Merge #13056: [tests] Make rpcauth.py testable and add unit tests

6674a75 [tests] Make rpcauth.py testable and add unit tests (Qasim Javed)

Pull request description:

  refs #12995

Tree-SHA512: 609a85a75dafe46723f050db1e96098f6859519afd5e1b141a332f34ab715144d32fdd8f10d245d6dc0765e77f82158fe7b8aa2e4317f0e893de491d2e0acf1f
This commit is contained in:
Wladimir J. van der Laan 2018-04-25 15:56:33 +02:00
commit 106d929780
No known key found for this signature in database
GPG key ID: 1E4AED62986CD25D
4 changed files with 81 additions and 19 deletions

View file

@ -269,7 +269,8 @@ EXTRA_DIST += \
test/util/data/txcreatescript4.json \
test/util/data/txcreatesignv1.hex \
test/util/data/txcreatesignv1.json \
test/util/data/txcreatesignv2.hex
test/util/data/txcreatesignv2.hex \
test/util/rpcauth-test.py
CLEANFILES = $(OSX_DMG) $(BITCOIN_WIN_INSTALLER)

View file

@ -1,6 +1,6 @@
#!/usr/bin/env python3
# Copyright (c) 2015-2017 The Bitcoin Core developers
# Distributed under the MIT software license, see the accompanying
# Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
import sys
@ -9,26 +9,36 @@ from random import SystemRandom
import base64
import hmac
if len(sys.argv) < 2:
sys.stderr.write('Please include username as an argument.\n')
sys.exit(0)
def generate_salt():
# This uses os.urandom() underneath
cryptogen = SystemRandom()
username = sys.argv[1]
# Create 16 byte hex salt
salt_sequence = [cryptogen.randrange(256) for _ in range(16)]
return ''.join([format(r, 'x') for r in salt_sequence])
#This uses os.urandom() underneath
cryptogen = SystemRandom()
def generate_password(salt):
"""Create 32 byte b64 password"""
password = base64.urlsafe_b64encode(os.urandom(32)).decode('utf-8')
#Create 16 byte hex salt
salt_sequence = [cryptogen.randrange(256) for i in range(16)]
hexseq = list(map(hex, salt_sequence))
salt = "".join([x[2:] for x in hexseq])
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')
password_hmac = m.hexdigest()
#Create 32 byte b64 password
password = base64.urlsafe_b64encode(os.urandom(32)).decode("utf-8")
return password, password_hmac
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), "SHA256")
result = m.hexdigest()
def main():
if len(sys.argv) < 2:
sys.stderr.write('Please include username as an argument.\n')
sys.exit(0)
print("String to be appended to bitcoin.conf:")
print("rpcauth="+username+":"+salt+"$"+result)
print("Your password:\n"+password)
username = sys.argv[1]
salt = generate_salt()
password, password_hmac = generate_password(salt)
print('String to be appended to bitcoin.conf:')
print('rpcauth={0}:{1}${2}'.format(username, salt, password_hmac))
print('Your password:\n{0}'.format(password))
if __name__ == '__main__':
main()

View file

@ -156,6 +156,8 @@ bitcoin_test_clean : FORCE
check-local: $(BITCOIN_TESTS:.cpp=.cpp.test)
@echo "Running test/util/bitcoin-util-test.py..."
$(PYTHON) $(top_builddir)/test/util/bitcoin-util-test.py
@echo "Running test/util/rpcauth-test.py..."
$(PYTHON) $(top_builddir)/test/util/rpcauth-test.py
$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -C secp256k1 check
if EMBEDDED_UNIVALUE
$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -C univalue check

49
test/util/rpcauth-test.py Executable file
View file

@ -0,0 +1,49 @@
#!/usr/bin/env python3
# Copyright (c) 2015-2018 The Bitcoin Core developers
# Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
"""Test share/rpcauth/rpcauth.py
"""
import base64
import configparser
import hmac
import importlib
import os
import sys
import unittest
class TestRPCAuth(unittest.TestCase):
def setUp(self):
config = configparser.ConfigParser()
config_path = os.path.abspath(
os.path.join(os.sep, os.path.abspath(os.path.dirname(__file__)),
"../config.ini"))
with open(config_path) as config_file:
config.read_file(config_file)
sys.path.insert(0, os.path.dirname(config['environment']['RPCAUTH']))
self.rpcauth = importlib.import_module('rpcauth')
def test_generate_salt(self):
self.assertLessEqual(len(self.rpcauth.generate_salt()), 32)
self.assertGreaterEqual(len(self.rpcauth.generate_salt()), 16)
def test_generate_password(self):
salt = self.rpcauth.generate_salt()
password, password_hmac = self.rpcauth.generate_password(salt)
expected_password = base64.urlsafe_b64encode(
base64.urlsafe_b64decode(password)).decode('utf-8')
self.assertEqual(expected_password, password)
def test_check_password_hmac(self):
salt = self.rpcauth.generate_salt()
password, password_hmac = self.rpcauth.generate_password(salt)
m = hmac.new(bytearray(salt, 'utf-8'),
bytearray(password, 'utf-8'), 'SHA256')
expected_password_hmac = m.hexdigest()
self.assertEqual(expected_password_hmac, password_hmac)
if __name__ == '__main__':
unittest.main()