Browse Source

pytest: test hsm_secret encryption

travis-debug
darosior 5 years ago
committed by neil saitug
parent
commit
1c27545f9e
  1. 46
      tests/test_wallet.py

46
tests/test_wallet.py

@ -3,9 +3,11 @@ from fixtures import * # noqa: F401,F403
from fixtures import TEST_NETWORK
from flaky import flaky # noqa: F401
from lightning import RpcError, Millisatoshi
from utils import only_one, wait_for, sync_blockheight, EXPERIMENTAL_FEATURES, COMPAT
from utils import only_one, wait_for, sync_blockheight, EXPERIMENTAL_FEATURES, COMPAT, VALGRIND, SLOW_MACHINE
import os
import pytest
import subprocess
import time
import unittest
@ -562,3 +564,45 @@ def test_transaction_annotations(node_factory, bitcoind):
assert(len(peers) == 1 and len(peers[0]['channels']) == 1)
scid = peers[0]['channels'][0]['short_channel_id']
assert(txs[1]['outputs'][fundidx]['channel'] == scid)
@unittest.skipIf(VALGRIND, "It does not play well with prompt and key derivation.")
def test_hsm_secret_encryption(node_factory, executor):
l1 = node_factory.get_node()
password = "reckful\n"
# We need to simulate a terminal to use termios in `lightningd`.
master_fd, slave_fd = os.openpty()
# Test we can encrypt an already-existing and not encrypted hsm_secret
l1.rpc.stop()
l1.daemon.opts.update({"encrypted-hsm": None})
l1.daemon.start(stdin=slave_fd, wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
os.write(master_fd, password.encode("utf-8"))
l1.daemon.wait_for_log("Server started with public key")
id = l1.rpc.getinfo()["id"]
# Test we cannot start the same wallet without specifying --encrypted-hsm
l1.stop()
l1.daemon.opts.pop("encrypted-hsm")
l1.daemon.start(stdin=slave_fd, stderr=subprocess.STDOUT,
wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
os.write(master_fd, password[2:].encode("utf-8"))
err = "hsm_secret is encrypted, you need to pass the --encrypted-hsm startup option."
assert l1.daemon.is_in_log(err)
# Test we cannot restore the same wallet with another password
l1.daemon.opts.update({"encrypted-hsm": None})
l1.daemon.start(stdin=slave_fd, stderr=subprocess.STDOUT,
wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
os.write(master_fd, password[2:].encode("utf-8"))
l1.daemon.wait_for_log("Wrong password for encrypted hsm_secret.")
# Test we can restore the same wallet with the same password
l1.daemon.start(stdin=slave_fd, wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
os.write(master_fd, password.encode("utf-8"))
l1.daemon.wait_for_log("Server started with public key")
assert id == l1.rpc.getinfo()["id"]

Loading…
Cancel
Save