keyfork-shard: limit size of encrypted payload, can fit at max a 256 bit shard

crates/keyfork-shard/src/lib.rs

@@ -41,7 +41,7 @@ pub struct InvalidData;
 /// 1 byte: Version
 /// 1 byte: Threshold
 /// Data: &[u8]
-pub(crate) const HUNK_VERSION: u8 = 1;
+pub(crate) const HUNK_VERSION: u8 = 2;
 pub(crate) const HUNK_OFFSET: usize = 2;
 
 const QRCODE_PROMPT: &str = "Press enter, then present QR code to camera.";
@@ -129,7 +129,7 @@ pub fn remote_decrypt(w: &mut impl Write) -> Result<(), Box<dyn std::error::Erro
             (Some(pubkey), Some(payload)) => (pubkey, payload),
             _ => {
                 let validator = MnemonicSetValidator {
-                    word_lengths: [24, 48],
+                    word_lengths: [24, 39],
                 };
 
                 let [pubkey_mnemonic, payload_mnemonic] = pm.prompt_validated_wordlist(

crates/keyfork-shard/src/openpgp.rs

@@ -62,7 +62,7 @@ use super::{
 };
 
 // 256 bit share is 49 bytes + some amount of hunk bytes, gives us reasonable padding
-const ENC_LEN: u8 = 4 * 16;
+const ENC_LEN: u8 = 52;
 
 /// Errors encountered while performing operations using OpenPGP.
 #[derive(Debug, thiserror::Error)]