keyfork-shard: increase QR code read timeout from 30 to 60 seconds

This commit is contained in:
Ryan Heywood 2024-02-04 17:51:38 -05:00
parent e37b5f0e6a
commit b3a05277e8
Signed by: ryan
GPG Key ID: 8E401478A3FBEF72
2 changed files with 8 additions and 9 deletions

View File

@ -44,6 +44,9 @@ pub struct InvalidData;
pub(crate) const HUNK_VERSION: u8 = 1; pub(crate) const HUNK_VERSION: u8 = 1;
pub(crate) const HUNK_OFFSET: usize = 2; pub(crate) const HUNK_OFFSET: usize = 2;
const QRCODE_PROMPT: &str = "Press enter, then present QR code to camera.";
const QRCODE_TIMEOUT: u64 = 60; // One minute
/// Establish ECDH transport for remote operators, receive transport-encrypted shares, decrypt the /// Establish ECDH transport for remote operators, receive transport-encrypted shares, decrypt the
/// shares, and combine them. /// shares, and combine them.
/// ///
@ -92,11 +95,9 @@ pub fn remote_decrypt(w: &mut impl Write) -> Result<(), Box<dyn std::error::Erro
#[cfg(feature = "qrcode")] #[cfg(feature = "qrcode")]
{ {
pm.prompt_message(PromptMessage::Text( pm.prompt_message(PromptMessage::Text(QRCODE_PROMPT.to_string()))?;
"Press enter, then present QR code to camera".to_string(),
))?;
if let Ok(Some(hex)) = if let Ok(Some(hex)) =
keyfork_qrcode::scan_camera(std::time::Duration::from_secs(30), 0) keyfork_qrcode::scan_camera(std::time::Duration::from_secs(QRCODE_TIMEOUT), 0)
{ {
let decoded_data = smex::decode(&hex)?; let decoded_data = smex::decode(&hex)?;
let _ = pubkey_data.insert(decoded_data[..32].try_into().map_err(|_| InvalidData)?); let _ = pubkey_data.insert(decoded_data[..32].try_into().map_err(|_| InvalidData)?);

View File

@ -56,7 +56,7 @@ use smartcard::SmartcardManager;
const SHARD_METADATA_VERSION: u8 = 1; const SHARD_METADATA_VERSION: u8 = 1;
const SHARD_METADATA_OFFSET: usize = 2; const SHARD_METADATA_OFFSET: usize = 2;
use super::{InvalidData, SharksError, HUNK_VERSION}; use super::{InvalidData, SharksError, HUNK_VERSION, QRCODE_PROMPT, QRCODE_TIMEOUT};
// 256 bit share is 49 bytes + some amount of hunk bytes, gives us reasonable padding // 256 bit share is 49 bytes + some amount of hunk bytes, gives us reasonable padding
const ENC_LEN: u8 = 4 * 16; const ENC_LEN: u8 = 4 * 16;
@ -471,10 +471,8 @@ pub fn decrypt(
#[cfg(feature = "qrcode")] #[cfg(feature = "qrcode")]
{ {
pm.prompt_message(PromptMessage::Text( pm.prompt_message(PromptMessage::Text(QRCODE_PROMPT.to_string()))?;
"Press enter, then present QR code to camera".to_string(), if let Ok(Some(hex)) = keyfork_qrcode::scan_camera(std::time::Duration::from_secs(QRCODE_TIMEOUT), 0) {
))?;
if let Ok(Some(hex)) = keyfork_qrcode::scan_camera(std::time::Duration::from_secs(30), 0) {
let decoded_data = smex::decode(&hex)?; let decoded_data = smex::decode(&hex)?;
let _ = nonce_data.insert(decoded_data[..12].try_into().map_err(|_| InvalidData)?); let _ = nonce_data.insert(decoded_data[..12].try_into().map_err(|_| InvalidData)?);
let _ = pubkey_data.insert(decoded_data[12..].try_into().map_err(|_| InvalidData)?); let _ = pubkey_data.insert(decoded_data[12..].try_into().map_err(|_| InvalidData)?);