From 6786069cde0027f5cfc653b76ee943a9a31e1211 Mon Sep 17 00:00:00 2001
From: Alex Zorin <alex@zorin.id.au>
Date: Sun, 14 Jul 2019 10:41:55 +1000
Subject: [PATCH] BUG: Truncation of CBC padding was wrong

Resulting in wrong decryption for large secrets. Whoops.
---
 crypto.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto.go b/crypto.go
index 436dc26..90f7610 100644
--- a/crypto.go
+++ b/crypto.go
@@ -102,7 +102,8 @@ func decryptToken(encryptedSeedB64, salt, passphrase string) (string, error) {
 
 	out := make([]byte, len(encryptedSeed))
 	cbc.CryptBlocks(out, encryptedSeed)
-	out = out[:16]
+
+	out = out[:len(out)-cbc.BlockSize()]
 
 	return hex.EncodeToString(out), nil
 }