From bfccb5dc64a6e9ed775794f6efb7fbf5d90893c3 Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Tue, 10 Aug 2021 01:40:54 +0100 Subject: [PATCH] tokens: fiddle with commented-out debugging Signed-off-by: Ian Jackson --- src/bin/client.rs | 1 + src/bin/server.rs | 2 ++ src/utils.rs | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/bin/client.rs b/src/bin/client.rs index 2578f7a..2497780 100644 --- a/src/bin/client.rs +++ b/src/bin/client.rs @@ -48,6 +48,7 @@ fn submit_request<'r, 'c:'r, C:HCC>( let time_t = time_t_now(); let time_t = format!("{:x}", time_t); let hmac = token_hmac(c.ic.secret.0.as_bytes(), time_t.as_bytes()); + //dbg!(DumpHex(&hmac)); let mut token = time_t; write!(token, " ").unwrap(); base64::encode_config_buf(&hmac, BASE64_CONFIG, &mut token); diff --git a/src/bin/server.rs b/src/bin/server.rs index 3e71b41..26abf5e 100644 --- a/src/bin/server.rs +++ b/src/bin/server.rs @@ -122,6 +122,8 @@ async fn handle( let hmac_exp = token_hmac(secret, client_time_s.as_bytes()); // We also definitely want a consttime memeq for the hmac value let hmac_ok = hmac_got.ct_eq(&hmac_exp); + //dbg!(DumpHex(&hmac_exp), client.is_some()); + //dbg!(DumpHex(hmac_got), hmac_ok, client_exists); if ! bool::from(hmac_ok & client_exists) { throw!(anyhow!("xxx should be a 403 error")); } diff --git a/src/utils.rs b/src/utils.rs index e8508b5..5c10752 100644 --- a/src/utils.rs +++ b/src/utils.rs @@ -82,7 +82,7 @@ pub fn token_hmac(key: &[u8], message: &[u8]) -> [u8; HMAC_L] { let mut ikey = key; for k in &mut ikey { *k ^= 0x36; } let mut okey = key; for k in &mut okey { *k ^= 0x5C; } -//dbg!(&key, &ikey, &okey); + //dbg!(DumpHex(&key), DumpHex(message), DumpHex(&ikey), DumpHex(&okey)); let h1 = HmacH::new() .chain(&ikey) -- 2.30.2