Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
let time_t = time_t_now();
let time_t = format!("{:x}", time_t);
let hmac = token_hmac(c.ic.secret.0.as_bytes(), time_t.as_bytes());
let time_t = time_t_now();
let time_t = format!("{:x}", time_t);
let hmac = token_hmac(c.ic.secret.0.as_bytes(), time_t.as_bytes());
+ //dbg!(DumpHex(&hmac));
let mut token = time_t;
write!(token, " ").unwrap();
base64::encode_config_buf(&hmac, BASE64_CONFIG, &mut token);
let mut token = time_t;
write!(token, " ").unwrap();
base64::encode_config_buf(&hmac, BASE64_CONFIG, &mut token);
let hmac_exp = token_hmac(secret, client_time_s.as_bytes());
// We also definitely want a consttime memeq for the hmac value
let hmac_ok = hmac_got.ct_eq(&hmac_exp);
let hmac_exp = token_hmac(secret, client_time_s.as_bytes());
// We also definitely want a consttime memeq for the hmac value
let hmac_ok = hmac_got.ct_eq(&hmac_exp);
+ //dbg!(DumpHex(&hmac_exp), client.is_some());
+ //dbg!(DumpHex(hmac_got), hmac_ok, client_exists);
if ! bool::from(hmac_ok & client_exists) {
throw!(anyhow!("xxx should be a 403 error"));
}
if ! bool::from(hmac_ok & client_exists) {
throw!(anyhow!("xxx should be a 403 error"));
}
let mut ikey = key; for k in &mut ikey { *k ^= 0x36; }
let mut okey = key; for k in &mut okey { *k ^= 0x5C; }
let mut ikey = key; for k in &mut ikey { *k ^= 0x36; }
let mut okey = key; for k in &mut okey { *k ^= 0x5C; }
-//dbg!(&key, &ikey, &okey);
+ //dbg!(DumpHex(&key), DumpHex(message), DumpHex(&ikey), DumpHex(&okey));
let h1 = HmacH::new()
.chain(&ikey)
let h1 = HmacH::new()
.chain(&ikey)