keyfork-shard: verify QR code length correctly

This commit is contained in:
Ryan Heywood 2024-05-29 16:15:17 -04:00
parent c65ddbf119
commit 142bea3b9f
Signed by: ryan
GPG Key ID: 8E401478A3FBEF72
5 changed files with 11 additions and 5 deletions

View File

@ -1,3 +1,8 @@
# Keyfork v0.2.1
This release contains an emergency bugfix for Keyfork Shard, which previously
would not be able to properly verify the length of remote shard QR codes.
# Keyfork v0.2.0 # Keyfork v0.2.0
Some of the changes in this release are based on feedback from audits Some of the changes in this release are based on feedback from audits

4
Cargo.lock generated
View File

@ -1674,7 +1674,7 @@ dependencies = [
[[package]] [[package]]
name = "keyfork" name = "keyfork"
version = "0.2.0" version = "0.2.1"
dependencies = [ dependencies = [
"card-backend-pcsc", "card-backend-pcsc",
"clap", "clap",
@ -1835,7 +1835,7 @@ dependencies = [
[[package]] [[package]]
name = "keyfork-shard" name = "keyfork-shard"
version = "0.2.0" version = "0.2.1"
dependencies = [ dependencies = [
"aes-gcm", "aes-gcm",
"anyhow", "anyhow",

View File

@ -1,6 +1,6 @@
[package] [package]
name = "keyfork-shard" name = "keyfork-shard"
version = "0.2.0" version = "0.2.1"
edition = "2021" edition = "2021"
license = "AGPL-3.0-only" license = "AGPL-3.0-only"

View File

@ -483,7 +483,8 @@ pub fn remote_decrypt(w: &mut impl Write) -> Result<(), Box<dyn std::error::Erro
.expect(bug!("qrcode should contain base64 encoded data")); .expect(bug!("qrcode should contain base64 encoded data"));
assert_eq!( assert_eq!(
decoded_data.len(), decoded_data.len(),
ENCRYPTED_LENGTH as usize, // Include length of public key
ENCRYPTED_LENGTH as usize + 32,
bug!("invalid payload data") bug!("invalid payload data")
); );
let _ = pubkey_data.insert(decoded_data[..32].try_into().map_err(|_| InvalidData)?); let _ = pubkey_data.insert(decoded_data[..32].try_into().map_err(|_| InvalidData)?);

View File

@ -1,6 +1,6 @@
[package] [package]
name = "keyfork" name = "keyfork"
version = "0.2.0" version = "0.2.1"
edition = "2021" edition = "2021"
license = "AGPL-3.0-only" license = "AGPL-3.0-only"