lbrycrd/share/rpcauth/rpcauth.py

#!/usr/bin/env python3
# Copyright (c) 2015-2018 The Bitcoin Core developers
# Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php.

import sys
import os
import base64
from binascii import hexlify
import hmac

def generate_salt(size):
    """Create size byte hex salt"""
    return hexlify(os.urandom(size)).decode()

def generate_password():
    """Create 32 byte b64 password"""
    return base64.urlsafe_b64encode(os.urandom(32)).decode('utf-8')

def password_to_hmac(salt, password):
    m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')
    return m.hexdigest()

def main():
    if len(sys.argv) < 2:
        sys.stderr.write('Please include username (and an optional password, will generate one if not provided) as an argument.\n')
        sys.exit(0)

    username = sys.argv[1]

    # Create 16 byte hex salt
    salt = generate_salt(16)
    if len(sys.argv) > 2:
        password = sys.argv[2]
    else:
        password = generate_password()
    password_hmac = password_to_hmac(salt, password)

    print('String to be appended to bitcoin.conf:')
    print('rpcauth={0}:{1}${2}'.format(username, salt, password_hmac))
    print('Your password:\n{0}'.format(password))

if __name__ == '__main__':
    main()
Change all python files to use Python3 2017-12-12 20:47:24 +01:00			`#!/usr/bin/env python3`
Update copyright headers to 2018 2018-07-27 00:36:45 +02:00			`# Copyright (c) 2015-2018 The Bitcoin Core developers`
[tests] Make rpcauth.py testable and add unit tests refs #12995 2018-04-23 09:39:12 +02:00			`# Distributed under the MIT software license, see the accompanying`
Added additional config option for multiple RPC users. 2015-11-11 16:49:32 +01:00			`# file COPYING or http://www.opensource.org/licenses/mit-license.php.`

			`import sys`
			`import os`
			`import base64`
Properly generate salt in rpcauth.py, update tests Previously, when iterating over bytes of the generated salt to construct a hex string, only one character would be outputted when the byte is less than 0x10. Meaning that for a 16 byte salt, the hex string might be less than 32 characters and collisions would occur. 2018-11-17 08:24:57 +01:00			`from binascii import hexlify`
Added additional config option for multiple RPC users. 2015-11-11 16:49:32 +01:00			`import hmac`

Properly generate salt in rpcauth.py, update tests Previously, when iterating over bytes of the generated salt to construct a hex string, only one character would be outputted when the byte is less than 0x10. Meaning that for a 16 byte salt, the hex string might be less than 32 characters and collisions would occur. 2018-11-17 08:24:57 +01:00			`def generate_salt(size):`
			`"""Create size byte hex salt"""`
			`return hexlify(os.urandom(size)).decode()`
Added additional config option for multiple RPC users. 2015-11-11 16:49:32 +01:00
rpcauth: Make it possible to provide a custom password This adds the functionality to specify a custom password to `rpcauth.py`, as well as makes the code (IMO) easier to understand. 2018-05-02 05:09:22 +02:00			`def generate_password():`
[tests] Make rpcauth.py testable and add unit tests refs #12995 2018-04-23 09:39:12 +02:00			`"""Create 32 byte b64 password"""`
rpcauth: Make it possible to provide a custom password This adds the functionality to specify a custom password to `rpcauth.py`, as well as makes the code (IMO) easier to understand. 2018-05-02 05:09:22 +02:00			`return base64.urlsafe_b64encode(os.urandom(32)).decode('utf-8')`
Added additional config option for multiple RPC users. 2015-11-11 16:49:32 +01:00
rpcauth: Make it possible to provide a custom password This adds the functionality to specify a custom password to `rpcauth.py`, as well as makes the code (IMO) easier to understand. 2018-05-02 05:09:22 +02:00			`def password_to_hmac(salt, password):`
[tests] Make rpcauth.py testable and add unit tests refs #12995 2018-04-23 09:39:12 +02:00			`m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')`
rpcauth: Make it possible to provide a custom password This adds the functionality to specify a custom password to `rpcauth.py`, as well as makes the code (IMO) easier to understand. 2018-05-02 05:09:22 +02:00			`return m.hexdigest()`
Minor Python cleanups to make flake8 pass with the new rules enabled 2018-04-16 11:13:07 +02:00
[tests] Make rpcauth.py testable and add unit tests refs #12995 2018-04-23 09:39:12 +02:00			`def main():`
			`if len(sys.argv) < 2:`
rpcauth: Make it possible to provide a custom password This adds the functionality to specify a custom password to `rpcauth.py`, as well as makes the code (IMO) easier to understand. 2018-05-02 05:09:22 +02:00			`sys.stderr.write('Please include username (and an optional password, will generate one if not provided) as an argument.\n')`
[tests] Make rpcauth.py testable and add unit tests refs #12995 2018-04-23 09:39:12 +02:00			`sys.exit(0)`
Added additional config option for multiple RPC users. 2015-11-11 16:49:32 +01:00
[tests] Make rpcauth.py testable and add unit tests refs #12995 2018-04-23 09:39:12 +02:00			`username = sys.argv[1]`

Properly generate salt in rpcauth.py, update tests Previously, when iterating over bytes of the generated salt to construct a hex string, only one character would be outputted when the byte is less than 0x10. Meaning that for a 16 byte salt, the hex string might be less than 32 characters and collisions would occur. 2018-11-17 08:24:57 +01:00			`# Create 16 byte hex salt`
			`salt = generate_salt(16)`
rpcauth: Make it possible to provide a custom password This adds the functionality to specify a custom password to `rpcauth.py`, as well as makes the code (IMO) easier to understand. 2018-05-02 05:09:22 +02:00			`if len(sys.argv) > 2:`
			`password = sys.argv[2]`
			`else:`
			`password = generate_password()`
			`password_hmac = password_to_hmac(salt, password)`
[tests] Make rpcauth.py testable and add unit tests refs #12995 2018-04-23 09:39:12 +02:00
			`print('String to be appended to bitcoin.conf:')`
			`print('rpcauth={0}:{1}${2}'.format(username, salt, password_hmac))`
			`print('Your password:\n{0}'.format(password))`

			`if __name__ == '__main__':`
			`main()`