fort-nix/nix-bitcoin
1
1
Fork 0
mirror of https://github.com/fort-nix/nix-bitcoin.git synced 2024-11-23 06:42:51 +03:00
Code Issues Packages Projects Releases Wiki Activity

generate-secrets: fetch rpcauth.py from github

Browse Source 
No need to vendor this.
This commit is contained in:
Erik Arvstedt 2020-08-27 12:17:40 +02:00
parent 4d6127bb76
commit ca18ffb90a
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
2 changed files with 8 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkgs/generate-secrets/default.nix
View File

@ -1,9 +1,15 @@
{ pkgs }: with pkgs;
let
rpcauth = pkgs.writeScriptBin "rpcauth" (builtins.readFile ./rpcauth/rpcauth.py);
rpcauthSrc = builtins.fetchurl {
url = "https://raw.githubusercontent.com/bitcoin/bitcoin/d6cde007db9d3e6ee93bd98a9bbfdce9bfa9b15b/share/rpcauth/rpcauth.py";
sha256 = "189mpplam6yzizssrgiyv70c9899ggh8cac76j4n7v0xqzfip07n";
};
rpcauth = pkgs.writeScriptBin "rpcauth" ''
exec ${pkgs.python35}/bin/python ${rpcauthSrc} "$@"
'';
in
writeScript "generate-secrets" ''
export PATH=${lib.makeBinPath [ coreutils apg openssl gnugrep rpcauth python35 ]}
export PATH=${lib.makeBinPath [ coreutils apg openssl gnugrep rpcauth ]}
. ${./generate-secrets.sh} ${./openssl.cnf}
''

46
pkgs/generate-secrets/rpcauth/rpcauth.py
View File

@ -1,46 +0,0 @@
#!/usr/bin/env python3
# Copyright (c) 2015-2018 The Bitcoin Core developers
# Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
from argparse import ArgumentParser
from base64 import urlsafe_b64encode
from binascii import hexlify
from getpass import getpass
from os import urandom
import hmac
def generate_salt(size):
"""Create size byte hex salt"""
return hexlify(urandom(size)).decode()
def generate_password():
"""Create 32 byte b64 password"""
return urlsafe_b64encode(urandom(32)).decode('utf-8')
def password_to_hmac(salt, password):
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')
return m.hexdigest()
def main():
parser = ArgumentParser(description='Create login credentials for a JSON-RPC user')
parser.add_argument('username', help='the username for authentication')
parser.add_argument('password', help='leave empty to generate a random password or specify "-" to prompt for password', nargs='?')
args = parser.parse_args()
if not args.password:
args.password = generate_password()
elif args.password == '-':
args.password = getpass()
# Create 16 byte hex salt
salt = generate_salt(16)
password_hmac = password_to_hmac(salt, args.password)
print('String to be appended to bitcoin.conf:')
print('rpcauth={0}:{1}${2}'.format(args.username, salt, password_hmac))
print('Your password:\n{0}'.format(args.password))
if __name__ == '__main__':
main()