úterý 2. ledna 2018

IOTA IRI remote authentication

When installing IOT IRI atm you can start it with authentication enabled. As the IRI developers really like trytes and trits and their home made curl hash (which by the way was proved a bit broken), the authentication uses the curl  for hashing the password. No documentation for this feature so some code digging was necessary to find the answer on how to configure remote authentication.

The configuration option can look like this:
  • in iri.ini
  • in command line arguments
    --remote-auth iota: DRDR...SRCJ
Above config means when prompted for password, you enter username "iota" and password "password".

To generate passwor hash use following script:

const Curl=require("iota.lib.js/lib/crypto/curl/curl.js")
const a2t=require("iota.lib.js/lib/utils/asciiToTrytes.js")
const conv=require("iota.lib.js/lib/crypto/converter/converter.js")
const IOTA=require("iota.lib.js")

let password=process.argv[2]
if ( ! password ) {
console.log("Usage: node hash-password.js ascii-password-to-hash")
let pwdTrytes = a2t.toTrytes(password)
let pwdTrits = conv.trits(pwdTrytes)
let curl=new Curl()
curl.absorb(pwdTrits, 0, pwdTrits.length)
let out=[]
curl.squeeze(out, 0, Curl.HASH_LENGTH)

This example is part of iota-experiments.