Ok(Self {
prefix: Cow::Borrowed(prefix),
data: data.to_string(),
- time: proxmox::tools::time::epoch_i64(),
+ time: proxmox_time::epoch_i64(),
signature: None,
_type_marker: PhantomData,
})
write!(
f,
"{}:{}:{:08X}",
- percent_encode(self.prefix.as_bytes(), &TICKET_ASCIISET),
- percent_encode(self.data.as_bytes(), &TICKET_ASCIISET),
+ percent_encode(self.prefix.as_bytes(), TICKET_ASCIISET),
+ percent_encode(self.data.as_bytes(), TICKET_ASCIISET),
self.time,
)
.map_err(Error::from)
/// Write additional authentication data to the verifier.
fn write_aad(f: &mut dyn io::Write, aad: Option<&str>) -> Result<(), Error> {
if let Some(aad) = aad {
- write!(f, ":{}", percent_encode(aad.as_bytes(), &TICKET_ASCIISET))?;
+ write!(f, ":{}", percent_encode(aad.as_bytes(), TICKET_ASCIISET))?;
}
Ok(())
}
/// Sign the ticket.
pub fn sign(&mut self, keypair: &PKey<Private>, aad: Option<&str>) -> Result<String, Error> {
let mut output = Vec::<u8>::new();
- let mut signer = Signer::new(MessageDigest::sha256(), &keypair)
+ let mut signer = Signer::new(MessageDigest::sha256(), keypair)
.map_err(|err| format_err!("openssl error creating signer for ticket: {}", err))?;
self.write_data(&mut output)
None => bail!("invalid ticket without signature"),
};
- let age = proxmox::tools::time::epoch_i64() - self.time;
+ let age = proxmox_time::epoch_i64() - self.time;
if age < time_frame.start {
bail!("invalid ticket - timestamp newer than expected");
}
bail!("invalid ticket - expired");
}
- let mut verifier = Verifier::new(MessageDigest::sha256(), &keypair)?;
+ let mut verifier = Verifier::new(MessageDigest::sha256(), keypair)?;
self.write_data(&mut verifier)
.and_then(|()| Self::write_aad(&mut verifier, aad))
.map_err(|err| format_err!("error verifying ticket: {}", err))?;
let is_valid: bool = verifier
- .verify(&signature)
+ .verify(signature)
.map_err(|err| format_err!("openssl error verifying ticket: {}", err))?;
if !is_valid {
false
});
simple_test(&key, None, |t| {
- t.change_time(proxmox::tools::time::epoch_i64() + 0x1000_0000);
+ t.change_time(proxmox_time::epoch_i64() + 0x1000_0000);
false
});
}