diff --git a/proxmox-acme/src/account.rs b/proxmox-acme/src/account.rs index 0f023224..6993b2cf 100644 --- a/proxmox-acme/src/account.rs +++ b/proxmox-acme/src/account.rs @@ -323,7 +323,12 @@ impl AccountCreator { /// Set the EAB credentials for the account registration pub fn set_eab_credentials(mut self, kid: String, hmac_key: String) -> Result { - let hmac_key = PKey::hmac(&base64::decode(hmac_key)?)?; + let hmac_key = if hmac_key.contains('+') || hmac_key.contains('/') { + base64::decode(hmac_key)? + } else { + b64u::decode(&hmac_key)? + }; + let hmac_key = PKey::hmac(&hmac_key)?; self.eab_credentials = Some((kid, hmac_key)); Ok(self) } diff --git a/proxmox-acme/src/b64u.rs b/proxmox-acme/src/b64u.rs index a4f8ce0a..9616fc1b 100644 --- a/proxmox-acme/src/b64u.rs +++ b/proxmox-acme/src/b64u.rs @@ -7,6 +7,11 @@ pub fn encode(data: &[u8]) -> String { base64::encode_config(data, config()) } +/// Decode a base64url encoded string. +pub fn decode>(data: &T) -> Result, crate::Error> { + Ok(base64::decode_config(data.as_ref(), config())?) +} + // curiously currently unused as we don't deserialize any of that // /// Decode bytes from a base64url string. // pub fn decode(data: &str) -> Result, base64::DecodeError> {