grassrootseconomics/openethereum
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
b97bf81adf
openethereum/rpc/src/authcodes.rs
Andronik Ordian dae5d75dd6 Upgrade ethereum types (#10670) 
* cargo upgrade "ethereum-types" --all --allow-prerelease

* [ethash] fix compilation errors

* [ethkey] fix compilation errors

* [journaldb] fix compilation errors

* [dir] fix compilation errors

* [ethabi] update to 0.7

* wip

* [eip-712] fix compilation errors

* [ethjson] fix compilation errors

* [Cargo.toml] add TODO to remove patches

* [ethstore] fix compilation errors

* use patched keccak-hash with new primitive-types

* wip

* [ethcore-network-devp2p] fix compilation errors

* [vm] fix compilation errors

* [common-types, evm, wasm] fix compilation errors

* [ethcore-db] Require AsRef instead of Deref for keys

* [ethcore-blockchain] fix some compilation errors

* [blooms-db] fix compilation errors

Thanks a lot @dvdplm :)

* we don't need no rlp ethereum feature

* [ethcore] fix some compilation errors

* [parity-ipfs-api] fix compilation error

* [ethcore-light] fix compilation errors

* [Cargo.lock] update parity-common

* [ethcore-private-tx] fix some compilation errors

* wip

* [ethcore-private-tx] fix compilation errors

* [parity-updater] fix compilation errors

* [parity-rpc] fix compilation errors

* [parity-bin] fix other compilation errors

* update to new ethereum-types

* update keccak-hash

* [fastmap] fix compilation in tests

* [blooms-db] fix compilation in tests

* [common-types] fix compilation in tests

* [triehash-ethereum] fix compilation in tests

* [ethkey] fix compilation in tests

* [pwasm-run-test] fix compilation errors

* [wasm] fix compilation errors

* [ethjson] fix compilation in tests

* [eip-712] fix compilation in tests

* [ethcore-blockchain] fix compilation in tests

* [ethstore] fix compilation in tests

* [ethstore-accounts] fix compilation in tests

* [parity-hash-fetch] fix compilation in tests

* [parity-whisper] fix compilation in tests

* [ethcore-miner] fix compilation in tests

* [ethcore-network-devp2p] fix compilation in tests

* [*] upgrade rand to 0.6

* [evm] get rid of num-bigint conversions

* [ethcore] downgrade trie-standardmap and criterion

* [ethcore] fix some warnings

* [ethcore] fix compilation in tests

* [evmbin] fix compilation in tests

* [updater] fix compilation in tests

* [ethash] fix compilation in tests

* [ethcore-secretstore] fix compilation in tests

* [ethcore-sync] fix compilation in tests

* [parity-rpc] fix compilation in tests

* [ethcore] finally fix compilation in tests

FUCK YEAH!!!

* [ethstore] lazy_static is unused

* [ethcore] fix test

* fix up bad merge

* [Cargo.toml] remove unused patches

* [*] replace some git dependencies with crates.io

* [Cargo.toml] remove unused lazy_static

* [*] clean up

* [ethcore] fix transaction_filter_deprecated test

* [private-tx] fix serialization tests

* fix more serialization tests

* [ethkey] fix smoky test

* [rpc] fix tests, please?

* [ethcore] remove commented out code

* Apply suggestions from code review

Co-Authored-By: Tomasz Drwięga <tomusdrw@users.noreply.github.com>

* [ethstore] remove unused dev-dependency

* [ethcore] remove resolved TODO

* [*] resolve keccak-hash TODO

* [*] s/Address::default()/Address::zero()

* [rpc] remove Subscribers::new_test

* [rpc] remove EthPubSubClient::new_test

* [ethcore] use trie-standardmap from crates.io

* [dir] fix db_root_path

* [ethcore] simplify snapshot::tests::helpers::fill_storage

* Apply suggestions from code review

Co-Authored-By: David <dvdplm@gmail.com>

* [ethcore-secretstore] resolve TODO in serialization

* [ethcore-network-devp2p] resolve TODO in save_key

* [Cargo.lock] update triehash

* [*] use ethabi from crates.io

* [ethkey] use secp256k1 from master branch

* [Cargo.lock] update eth-secp256k1
2019-06-03 15:36:21 +02:00

340 lines
9.0 KiB
Rust
Raw Blame History

// Copyright 2015-2019 Parity Technologies (UK) Ltd.
// This file is part of Parity Ethereum.
// Parity Ethereum is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// Parity Ethereum is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with Parity Ethereum. If not, see <http://www.gnu.org/licenses/>.
use std::io::{self, Read, Write};
use std::path::Path;
use std::{fs, time, mem};
use itertools::Itertools;
use rand::{Rng, rngs::OsRng, distributions::Alphanumeric};
use hash::keccak;
use ethereum_types::H256;
/// Providing current time in seconds
pub trait TimeProvider {
/// Returns timestamp (in seconds since epoch)
fn now(&self) -> u64;
}
impl<F : Fn() -> u64> TimeProvider for F {
fn now(&self) -> u64 {
self()
}
}
/// Default implementation of `TimeProvider` using system time.
#[derive(Default)]
pub struct DefaultTimeProvider;
impl TimeProvider for DefaultTimeProvider {
fn now(&self) -> u64 {
time::UNIX_EPOCH.elapsed().expect("Valid time has to be set in your system.").as_secs()
}
}
/// No of seconds the hash is valid
const TIME_THRESHOLD: u64 = 7;
/// minimal length of hash
const TOKEN_LENGTH: usize = 16;
/// Separator between fields in serialized tokens file.
const SEPARATOR: &str = ";";
/// Number of seconds to keep unused tokens.
const UNUSED_TOKEN_TIMEOUT: u64 = 3600 * 24; // a day
struct Code {
code: String,
/// Duration since unix_epoch
created_at: time::Duration,
/// Duration since unix_epoch
last_used_at: Option<time::Duration>,
}
fn decode_time(val: &str) -> Option<time::Duration> {
let time = val.parse::<u64>().ok();
time.map(time::Duration::from_secs)
}
fn encode_time(time: time::Duration) -> String {
format!("{}", time.as_secs())
}
/// Manages authorization codes for `SignerUIs`
pub struct AuthCodes<T: TimeProvider = DefaultTimeProvider> {
codes: Vec<Code>,
now: T,
}
impl AuthCodes<DefaultTimeProvider> {
/// Reads `AuthCodes` from file and creates new instance using `DefaultTimeProvider`.
pub fn from_file(file: &Path) -> io::Result<AuthCodes> {
let content = {
if let Ok(mut file) = fs::File::open(file) {
let mut s = String::new();
let _ = file.read_to_string(&mut s)?;
s
} else {
"".into()
}
};
let time_provider = DefaultTimeProvider::default();
let codes = content.lines()
.filter_map(|line| {
let mut parts = line.split(SEPARATOR);
let token = parts.next();
let created = parts.next();
let used = parts.next();
match token {
None => None,
Some(token) if token.len() < TOKEN_LENGTH => None,
Some(token) => {
Some(Code {
code: token.into(),
last_used_at: used.and_then(decode_time),
created_at: created.and_then(decode_time)
.unwrap_or_else(|| time::Duration::from_secs(time_provider.now())),
})
}
}
})
.collect();
Ok(AuthCodes {
codes,
now: time_provider,
})
}
}
impl<T: TimeProvider> AuthCodes<T> {
/// Writes all `AuthCodes` to a disk.
pub fn to_file(&self, file: &Path) -> io::Result<()> {
let mut file = fs::File::create(file)?;
let content = self.codes.iter().map(|code| {
let mut data = vec![code.code.clone(), encode_time(code.created_at)];
if let Some(used_at) = code.last_used_at {
data.push(encode_time(used_at));
}
data.join(SEPARATOR)
}).join("\n");
file.write_all(content.as_bytes())
}
/// Creates a new `AuthCodes` store with given `TimeProvider`.
pub fn new(codes: Vec<String>, now: T) -> Self {
AuthCodes {
codes: codes.into_iter().map(|code| Code {
code,
created_at: time::Duration::from_secs(now.now()),
last_used_at: None,
}).collect(),
now,
}
}
/// Checks if given hash is correct authcode of `SignerUI`
/// Updates this hash last used field in case it's valid.
pub fn is_valid(&mut self, hash: &H256, time: u64) -> bool {
let now = self.now.now();
// check time
if time >= now + TIME_THRESHOLD || time <= now - TIME_THRESHOLD {
warn!(target: "signer", "Received old authentication request. ({} vs {})", now, time);
return false;
}
let as_token = |code| keccak(format!("{}:{}", code, time));
// look for code
for code in &mut self.codes {
if &as_token(&code.code) == hash {
code.last_used_at = Some(time::Duration::from_secs(now));
return true;
}
}
false
}
/// Generates and returns a new code that can be used by `SignerUIs`
pub fn generate_new(&mut self) -> io::Result<String> {
let mut rng = OsRng::new()?;
let code = rng.sample_iter(&Alphanumeric).take(TOKEN_LENGTH).collect::<String>();
let readable_code = code.as_bytes()
.chunks(4)
.filter_map(|f| String::from_utf8(f.to_vec()).ok())
.collect::<Vec<String>>()
.join("-");
trace!(target: "signer", "New authentication token generated.");
self.codes.push(Code {
code,
created_at: time::Duration::from_secs(self.now.now()),
last_used_at: None,
});
Ok(readable_code)
}
/// Returns true if there are no tokens in this store
pub fn is_empty(&self) -> bool {
self.codes.is_empty()
}
/// Removes old tokens that have not been used since creation.
pub fn clear_garbage(&mut self) {
let now = self.now.now();
let threshold = time::Duration::from_secs(now.saturating_sub(UNUSED_TOKEN_TIMEOUT));
let codes = mem::replace(&mut self.codes, Vec::new());
for code in codes {
// Skip codes that are old and were never used.
if code.last_used_at.is_none() && code.created_at <= threshold {
continue;
}
self.codes.push(code);
}
}
}
#[cfg(test)]
mod tests {
use std::io::{Read, Write};
use std::{time, fs};
use std::cell::Cell;
use tempdir::TempDir;
use hash::keccak;
use ethereum_types::H256;
use super::*;
fn generate_hash(val: &str, time: u64) -> H256 {
keccak(format!("{}:{}", val, time))
}
#[test]
fn should_return_false_even_if_code_is_initial_and_store_is_empty() {
// given
let code = "initial";
let time = 99;
let mut codes = AuthCodes::new(vec![], || 100);
// when
let res1 = codes.is_valid(&generate_hash(code, time), time);
let res2 = codes.is_valid(&generate_hash(code, time), time);
// then
assert_eq!(res1, false);
assert_eq!(res2, false);
}
#[test]
fn should_return_true_if_hash_is_valid() {
// given
let code = "23521352asdfasdfadf";
let time = 99;
let mut codes = AuthCodes::new(vec![code.into()], || 100);
// when
let res = codes.is_valid(&generate_hash(code, time), time);
// then
assert_eq!(res, true);
}
#[test]
fn should_return_false_if_code_is_unknown() {
// given
let code = "23521352asdfasdfadf";
let time = 99;
let mut codes = AuthCodes::new(vec!["1".into()], || 100);
// when
let res = codes.is_valid(&generate_hash(code, time), time);
// then
assert_eq!(res, false);
}
#[test]
fn should_return_false_if_hash_is_valid_but_time_is_invalid() {
// given
let code = "23521352asdfasdfadf";
let time = 107;
let time2 = 93;
let mut codes = AuthCodes::new(vec![code.into()], || 100);
// when
let res1 = codes.is_valid(&generate_hash(code, time), time);
let res2 = codes.is_valid(&generate_hash(code, time2), time2);
// then
assert_eq!(res1, false);
assert_eq!(res2, false);
}
#[test]
fn should_read_old_format_from_file() {
// given
let tempdir = TempDir::new("").unwrap();
let file_path = tempdir.path().join("file");
let code = "23521352asdfasdfadf";
{
let mut file = fs::File::create(&file_path).unwrap();
file.write_all(b"a\n23521352asdfasdfadf\nb\n").unwrap();
}
// when
let mut authcodes = AuthCodes::from_file(&file_path).unwrap();
let time = time::UNIX_EPOCH.elapsed().unwrap().as_secs();
// then
assert!(authcodes.is_valid(&generate_hash(code, time), time), "Code should be read from file");
}
#[test]
fn should_remove_old_unused_tokens() {
// given
let tempdir = TempDir::new("").unwrap();
let file_path = tempdir.path().join("file");
let code1 = "11111111asdfasdf111";
let code2 = "22222222asdfasdf222";
let code3 = "33333333asdfasdf333";
let time = Cell::new(100);
let mut codes = AuthCodes::new(vec![code1.into(), code2.into(), code3.into()], || time.get());
// `code2` should not be removed (we never remove tokens that were used)
codes.is_valid(&generate_hash(code2, time.get()), time.get());
// when
time.set(100 + 10_000_000);
// mark `code1` as used now
codes.is_valid(&generate_hash(code1, time.get()), time.get());
let new_code = codes.generate_new().unwrap().replace('-', "");
codes.clear_garbage();
codes.to_file(&file_path).unwrap();
// then
let mut content = String::new();
let mut file = fs::File::open(&file_path).unwrap();
file.read_to_string(&mut content).unwrap();
assert_eq!(content, format!("{};100;10000100\n{};100;100\n{};10000100", code1, code2, new_code));
}
}
Reference in New Issue View Git Blame Copy Permalink