parent
a0079d4b6d
commit
6674a75bfb
4 changed files with 81 additions and 19 deletions
|
@ -269,7 +269,8 @@ EXTRA_DIST += \
|
|||
test/util/data/txcreatescript4.json \
|
||||
test/util/data/txcreatesignv1.hex \
|
||||
test/util/data/txcreatesignv1.json \
|
||||
test/util/data/txcreatesignv2.hex
|
||||
test/util/data/txcreatesignv2.hex \
|
||||
test/util/rpcauth-test.py
|
||||
|
||||
CLEANFILES = $(OSX_DMG) $(BITCOIN_WIN_INSTALLER)
|
||||
|
||||
|
|
|
@ -9,26 +9,36 @@ from random import SystemRandom
|
|||
import base64
|
||||
import hmac
|
||||
|
||||
if len(sys.argv) < 2:
|
||||
def generate_salt():
|
||||
# This uses os.urandom() underneath
|
||||
cryptogen = SystemRandom()
|
||||
|
||||
# Create 16 byte hex salt
|
||||
salt_sequence = [cryptogen.randrange(256) for _ in range(16)]
|
||||
return ''.join([format(r, 'x') for r in salt_sequence])
|
||||
|
||||
def generate_password(salt):
|
||||
"""Create 32 byte b64 password"""
|
||||
password = base64.urlsafe_b64encode(os.urandom(32)).decode('utf-8')
|
||||
|
||||
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')
|
||||
password_hmac = m.hexdigest()
|
||||
|
||||
return password, password_hmac
|
||||
|
||||
def main():
|
||||
if len(sys.argv) < 2:
|
||||
sys.stderr.write('Please include username as an argument.\n')
|
||||
sys.exit(0)
|
||||
|
||||
username = sys.argv[1]
|
||||
username = sys.argv[1]
|
||||
|
||||
#This uses os.urandom() underneath
|
||||
cryptogen = SystemRandom()
|
||||
salt = generate_salt()
|
||||
password, password_hmac = generate_password(salt)
|
||||
|
||||
#Create 16 byte hex salt
|
||||
salt_sequence = [cryptogen.randrange(256) for i in range(16)]
|
||||
hexseq = list(map(hex, salt_sequence))
|
||||
salt = "".join([x[2:] for x in hexseq])
|
||||
print('String to be appended to bitcoin.conf:')
|
||||
print('rpcauth={0}:{1}${2}'.format(username, salt, password_hmac))
|
||||
print('Your password:\n{0}'.format(password))
|
||||
|
||||
#Create 32 byte b64 password
|
||||
password = base64.urlsafe_b64encode(os.urandom(32)).decode("utf-8")
|
||||
|
||||
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), "SHA256")
|
||||
result = m.hexdigest()
|
||||
|
||||
print("String to be appended to bitcoin.conf:")
|
||||
print("rpcauth="+username+":"+salt+"$"+result)
|
||||
print("Your password:\n"+password)
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
|
|
|
@ -156,6 +156,8 @@ bitcoin_test_clean : FORCE
|
|||
check-local: $(BITCOIN_TESTS:.cpp=.cpp.test)
|
||||
@echo "Running test/util/bitcoin-util-test.py..."
|
||||
$(PYTHON) $(top_builddir)/test/util/bitcoin-util-test.py
|
||||
@echo "Running test/util/rpcauth-test.py..."
|
||||
$(PYTHON) $(top_builddir)/test/util/rpcauth-test.py
|
||||
$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -C secp256k1 check
|
||||
if EMBEDDED_UNIVALUE
|
||||
$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -C univalue check
|
||||
|
|
49
test/util/rpcauth-test.py
Executable file
49
test/util/rpcauth-test.py
Executable file
|
@ -0,0 +1,49 @@
|
|||
#!/usr/bin/env python3
|
||||
# Copyright (c) 2015-2018 The Bitcoin Core developers
|
||||
# Distributed under the MIT software license, see the accompanying
|
||||
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
||||
"""Test share/rpcauth/rpcauth.py
|
||||
"""
|
||||
import base64
|
||||
import configparser
|
||||
import hmac
|
||||
import importlib
|
||||
import os
|
||||
import sys
|
||||
import unittest
|
||||
|
||||
class TestRPCAuth(unittest.TestCase):
|
||||
def setUp(self):
|
||||
config = configparser.ConfigParser()
|
||||
config_path = os.path.abspath(
|
||||
os.path.join(os.sep, os.path.abspath(os.path.dirname(__file__)),
|
||||
"../config.ini"))
|
||||
with open(config_path) as config_file:
|
||||
config.read_file(config_file)
|
||||
sys.path.insert(0, os.path.dirname(config['environment']['RPCAUTH']))
|
||||
self.rpcauth = importlib.import_module('rpcauth')
|
||||
|
||||
def test_generate_salt(self):
|
||||
self.assertLessEqual(len(self.rpcauth.generate_salt()), 32)
|
||||
self.assertGreaterEqual(len(self.rpcauth.generate_salt()), 16)
|
||||
|
||||
def test_generate_password(self):
|
||||
salt = self.rpcauth.generate_salt()
|
||||
password, password_hmac = self.rpcauth.generate_password(salt)
|
||||
|
||||
expected_password = base64.urlsafe_b64encode(
|
||||
base64.urlsafe_b64decode(password)).decode('utf-8')
|
||||
self.assertEqual(expected_password, password)
|
||||
|
||||
def test_check_password_hmac(self):
|
||||
salt = self.rpcauth.generate_salt()
|
||||
password, password_hmac = self.rpcauth.generate_password(salt)
|
||||
|
||||
m = hmac.new(bytearray(salt, 'utf-8'),
|
||||
bytearray(password, 'utf-8'), 'SHA256')
|
||||
expected_password_hmac = m.hexdigest()
|
||||
|
||||
self.assertEqual(expected_password_hmac, password_hmac)
|
||||
|
||||
if __name__ == '__main__':
|
||||
unittest.main()
|
Loading…
Reference in a new issue