Store session secrets only on succesful decodeHandshakePacket

eth/p2p/discoveryv5/encodingv1.nim

@@ -478,8 +478,6 @@ proc decodeHandshakePacket(c: var Codec, fromAddr: Address, srcId: NodeId,
     ephKey, challenge.whoareyouData.idNonce)
 
   swap(secrets.readKey, secrets.writeKey)
-  c.sessions.store(srcId, fromAddr, secrets.readKey,
-    secrets.writeKey)
 
   let pt = decryptGCM(secrets.readKey, nonce, ct, header)
   if pt.isNone():
@@ -490,6 +488,11 @@ proc decodeHandshakePacket(c: var Codec, fromAddr: Address, srcId: NodeId,
 
   let message = ? decodeMessage(pt.get())
 
+  # Only store the session secrets in case decryption was successful and also
+  # in case the message can get decoded.
+  c.sessions.store(srcId, fromAddr, secrets.readKey,
+    secrets.writeKey)
+
   return ok(Packet(flag: Flag.HandshakeMessage, message: message, srcId: srcId,
     node: newNode))