keyfork-shard: verify QR code length correctly

CHANGELOG.md

@@ -1,3 +1,8 @@
+# Keyfork v0.2.1
+
+This release contains an emergency bugfix for Keyfork Shard, which previously
+would not be able to properly verify the length of remote shard QR codes.
+
 # Keyfork v0.2.0
 
 Some of the changes in this release are based on feedback from audits

Cargo.lock

@@ -1674,7 +1674,7 @@ dependencies = [
 
 [[package]]
 name = "keyfork"
-version = "0.2.0"
+version = "0.2.1"
 dependencies = [
  "card-backend-pcsc",
  "clap",
@@ -1835,7 +1835,7 @@ dependencies = [
 
 [[package]]
 name = "keyfork-shard"
-version = "0.2.0"
+version = "0.2.1"
 dependencies = [
  "aes-gcm",
  "anyhow",

crates/keyfork-shard/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "keyfork-shard"
-version = "0.2.0"
+version = "0.2.1"
 edition = "2021"
 license = "AGPL-3.0-only"
 

crates/keyfork-shard/src/lib.rs

@@ -483,7 +483,8 @@ pub fn remote_decrypt(w: &mut impl Write) -> Result<(), Box<dyn std::error::Erro
                     .expect(bug!("qrcode should contain base64 encoded data"));
                 assert_eq!(
                     decoded_data.len(),
-                    ENCRYPTED_LENGTH as usize,
+                    // Include length of public key
+                    ENCRYPTED_LENGTH as usize + 32,
                     bug!("invalid payload data")
                 );
                 let _ = pubkey_data.insert(decoded_data[..32].try_into().map_err(|_| InvalidData)?);

crates/keyfork/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "keyfork"
-version = "0.2.0"
+version = "0.2.1"
 edition = "2021"
 license = "AGPL-3.0-only"