parent
a0079d4b6d
commit
6674a75bfb
4 changed files with 81 additions and 19 deletions
|
@ -269,7 +269,8 @@ EXTRA_DIST += \
|
||||||
test/util/data/txcreatescript4.json \
|
test/util/data/txcreatescript4.json \
|
||||||
test/util/data/txcreatesignv1.hex \
|
test/util/data/txcreatesignv1.hex \
|
||||||
test/util/data/txcreatesignv1.json \
|
test/util/data/txcreatesignv1.json \
|
||||||
test/util/data/txcreatesignv2.hex
|
test/util/data/txcreatesignv2.hex \
|
||||||
|
test/util/rpcauth-test.py
|
||||||
|
|
||||||
CLEANFILES = $(OSX_DMG) $(BITCOIN_WIN_INSTALLER)
|
CLEANFILES = $(OSX_DMG) $(BITCOIN_WIN_INSTALLER)
|
||||||
|
|
||||||
|
|
|
@ -9,26 +9,36 @@ from random import SystemRandom
|
||||||
import base64
|
import base64
|
||||||
import hmac
|
import hmac
|
||||||
|
|
||||||
if len(sys.argv) < 2:
|
def generate_salt():
|
||||||
sys.stderr.write('Please include username as an argument.\n')
|
# This uses os.urandom() underneath
|
||||||
sys.exit(0)
|
cryptogen = SystemRandom()
|
||||||
|
|
||||||
username = sys.argv[1]
|
# Create 16 byte hex salt
|
||||||
|
salt_sequence = [cryptogen.randrange(256) for _ in range(16)]
|
||||||
|
return ''.join([format(r, 'x') for r in salt_sequence])
|
||||||
|
|
||||||
#This uses os.urandom() underneath
|
def generate_password(salt):
|
||||||
cryptogen = SystemRandom()
|
"""Create 32 byte b64 password"""
|
||||||
|
password = base64.urlsafe_b64encode(os.urandom(32)).decode('utf-8')
|
||||||
|
|
||||||
#Create 16 byte hex salt
|
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')
|
||||||
salt_sequence = [cryptogen.randrange(256) for i in range(16)]
|
password_hmac = m.hexdigest()
|
||||||
hexseq = list(map(hex, salt_sequence))
|
|
||||||
salt = "".join([x[2:] for x in hexseq])
|
|
||||||
|
|
||||||
#Create 32 byte b64 password
|
return password, password_hmac
|
||||||
password = base64.urlsafe_b64encode(os.urandom(32)).decode("utf-8")
|
|
||||||
|
|
||||||
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), "SHA256")
|
def main():
|
||||||
result = m.hexdigest()
|
if len(sys.argv) < 2:
|
||||||
|
sys.stderr.write('Please include username as an argument.\n')
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
print("String to be appended to bitcoin.conf:")
|
username = sys.argv[1]
|
||||||
print("rpcauth="+username+":"+salt+"$"+result)
|
|
||||||
print("Your password:\n"+password)
|
salt = generate_salt()
|
||||||
|
password, password_hmac = generate_password(salt)
|
||||||
|
|
||||||
|
print('String to be appended to bitcoin.conf:')
|
||||||
|
print('rpcauth={0}:{1}${2}'.format(username, salt, password_hmac))
|
||||||
|
print('Your password:\n{0}'.format(password))
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
||||||
|
|
|
@ -156,6 +156,8 @@ bitcoin_test_clean : FORCE
|
||||||
check-local: $(BITCOIN_TESTS:.cpp=.cpp.test)
|
check-local: $(BITCOIN_TESTS:.cpp=.cpp.test)
|
||||||
@echo "Running test/util/bitcoin-util-test.py..."
|
@echo "Running test/util/bitcoin-util-test.py..."
|
||||||
$(PYTHON) $(top_builddir)/test/util/bitcoin-util-test.py
|
$(PYTHON) $(top_builddir)/test/util/bitcoin-util-test.py
|
||||||
|
@echo "Running test/util/rpcauth-test.py..."
|
||||||
|
$(PYTHON) $(top_builddir)/test/util/rpcauth-test.py
|
||||||
$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -C secp256k1 check
|
$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -C secp256k1 check
|
||||||
if EMBEDDED_UNIVALUE
|
if EMBEDDED_UNIVALUE
|
||||||
$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -C univalue check
|
$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -C univalue check
|
||||||
|
|
49
test/util/rpcauth-test.py
Executable file
49
test/util/rpcauth-test.py
Executable file
|
@ -0,0 +1,49 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
# Copyright (c) 2015-2018 The Bitcoin Core developers
|
||||||
|
# Distributed under the MIT software license, see the accompanying
|
||||||
|
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
||||||
|
"""Test share/rpcauth/rpcauth.py
|
||||||
|
"""
|
||||||
|
import base64
|
||||||
|
import configparser
|
||||||
|
import hmac
|
||||||
|
import importlib
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
import unittest
|
||||||
|
|
||||||
|
class TestRPCAuth(unittest.TestCase):
|
||||||
|
def setUp(self):
|
||||||
|
config = configparser.ConfigParser()
|
||||||
|
config_path = os.path.abspath(
|
||||||
|
os.path.join(os.sep, os.path.abspath(os.path.dirname(__file__)),
|
||||||
|
"../config.ini"))
|
||||||
|
with open(config_path) as config_file:
|
||||||
|
config.read_file(config_file)
|
||||||
|
sys.path.insert(0, os.path.dirname(config['environment']['RPCAUTH']))
|
||||||
|
self.rpcauth = importlib.import_module('rpcauth')
|
||||||
|
|
||||||
|
def test_generate_salt(self):
|
||||||
|
self.assertLessEqual(len(self.rpcauth.generate_salt()), 32)
|
||||||
|
self.assertGreaterEqual(len(self.rpcauth.generate_salt()), 16)
|
||||||
|
|
||||||
|
def test_generate_password(self):
|
||||||
|
salt = self.rpcauth.generate_salt()
|
||||||
|
password, password_hmac = self.rpcauth.generate_password(salt)
|
||||||
|
|
||||||
|
expected_password = base64.urlsafe_b64encode(
|
||||||
|
base64.urlsafe_b64decode(password)).decode('utf-8')
|
||||||
|
self.assertEqual(expected_password, password)
|
||||||
|
|
||||||
|
def test_check_password_hmac(self):
|
||||||
|
salt = self.rpcauth.generate_salt()
|
||||||
|
password, password_hmac = self.rpcauth.generate_password(salt)
|
||||||
|
|
||||||
|
m = hmac.new(bytearray(salt, 'utf-8'),
|
||||||
|
bytearray(password, 'utf-8'), 'SHA256')
|
||||||
|
expected_password_hmac = m.hexdigest()
|
||||||
|
|
||||||
|
self.assertEqual(expected_password_hmac, password_hmac)
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
unittest.main()
|
Loading…
Reference in a new issue