From e6a6ba7d63c7215e58cc6c4d9f1e58b95eb53307 Mon Sep 17 00:00:00 2001
From: Philipp Riederer <philipp@riederer.email>
Date: Fri, 11 Mar 2022 12:38:19 +0100
Subject: [PATCH] Fix keepass-cr-recovery

keepass-cr-recovery used the challenge unpadded, add padding as in
https://github.com/keepassxreboot/keepassxc/blob/develop/src/keys/drivers/YubiKeyInterfaceUSB.cpp\#L291
https://github.com/keepassxreboot/keepassxc/blob/develop/src/keys/drivers/YubiKeyInterfacePCSC.cpp\#L747

Closes #4744
---
 utils/keepassxc-cr-recovery/main.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/utils/keepassxc-cr-recovery/main.go b/utils/keepassxc-cr-recovery/main.go
index b9e64d3e..abcba1a2 100644
--- a/utils/keepassxc-cr-recovery/main.go
+++ b/utils/keepassxc-cr-recovery/main.go
@@ -169,6 +169,14 @@ func main() {
 		log.Fatalf("couldn't read challenge: %s", err)
 	}
 
+	if len(challenge) < 64 {
+		padd := make([]byte, 64-len(challenge))
+		for i, _ := range padd {
+			padd[i] = byte(64-len(challenge))
+		}
+		challenge = append(challenge[:], padd[:]...)
+	}
+
 	mac := hmac.New(sha1.New, secret)
 	mac.Write(challenge)