diff options
| author | Wladimir J. van der Laan <laanwj@gmail.com> | 2018-11-21 10:20:41 +0100 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2018-11-21 10:33:25 +0100 |
| commit | 267793af8b03e2a11af8a51d7091495bbd065b62 (patch) | |
| tree | e410cbacfd0d953a173951d8afa603e8e8ff5847 /test | |
| parent | 6b90a2a0e06548b5c30a160fe76351a44fe3f861 (diff) | |
| parent | 6be7d14d243eeeaaf6b4b98c3359c3e1695f2046 (diff) | |
Merge #14742: Properly generate salt in rpcauth.py
6be7d14d243eeeaaf6b4b98c3359c3e1695f2046 Properly generate salt in rpcauth.py, update tests (Carl Dong)
Pull request description:
Previously, when iterating over bytes of the generated salt to construct
a hex string, only one character would be outputted when the byte is
less than 0x10. Meaning that for a 16 byte salt, the hex string might be
less than 32 characters and collisions would occur.
Tree-SHA512: 7038ecbbac846cd1851112396acd8a04475685f5b6f786e4e7316acba4a56cc711c275b7f52f0f2b6bc6cfdc0c0d9d39c3afeb2c0aff3a30fde516bf642fdf9f
Diffstat (limited to 'test')
| -rwxr-xr-x | test/util/rpcauth-test.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/test/util/rpcauth-test.py b/test/util/rpcauth-test.py index 46e9fbc739..53058dc394 100755 --- a/test/util/rpcauth-test.py +++ b/test/util/rpcauth-test.py @@ -24,8 +24,8 @@ class TestRPCAuth(unittest.TestCase): self.rpcauth = importlib.import_module('rpcauth') def test_generate_salt(self): - self.assertLessEqual(len(self.rpcauth.generate_salt()), 32) - self.assertGreaterEqual(len(self.rpcauth.generate_salt()), 16) + for i in range(16, 32 + 1): + self.assertEqual(len(self.rpcauth.generate_salt(i)), i * 2) def test_generate_password(self): password = self.rpcauth.generate_password() @@ -34,7 +34,7 @@ class TestRPCAuth(unittest.TestCase): self.assertEqual(expected_password, password) def test_check_password_hmac(self): - salt = self.rpcauth.generate_salt() + salt = self.rpcauth.generate_salt(16) password = self.rpcauth.generate_password() password_hmac = self.rpcauth.password_to_hmac(salt, password) |