starred/FindMy.py
1
0
Fork 0
mirror of https://github.com/malmeloo/FindMy.py.git synced 2026-04-17 21:53:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

Password encryption now also supports s2k_fo protocol

Browse Source
This commit is contained in:
Steffen Siebert
2024-08-24 13:15:38 +02:00
parent ba1a0a1d07
commit 261979b196
2 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
findmy/reports/account.py
View File

@@ -736,13 +736,13 @@ class AsyncAppleAccount(BaseAppleAccount):
msg = "Email verification failed: " + r["Status"].get("em")
raise InvalidCredentialsError(msg)
sp = r.get("sp")
if sp != "s2k":
msg = f"This implementation only supports s2k. Server returned {sp}"
if sp not in ["s2k", "s2k_fo"]:
msg = f"This implementation only supports s2k and sk2_fo. Server returned {sp}"
raise UnhandledProtocolError(msg)
logging.debug("Attempting password challenge")
usr.p = crypto.encrypt_password(self._password, r["s"], r["i"])
usr.p = crypto.encrypt_password(self._password, r["s"], r["i"], sp)
m1 = usr.process_challenge(r["s"], r["B"])
if m1 is None:
msg = "Failed to process challenge"

5
findmy/util/crypto.py
View File

@@ -11,9 +11,12 @@ from cryptography.hazmat.primitives.kdf.x963kdf import X963KDF
P224_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D
def encrypt_password(password: str, salt: bytes, iterations: int) -> bytes:
def encrypt_password(password: str, salt: bytes, iterations: int, protocol: str) -> bytes:
"""Encrypt password using PBKDF2-HMAC."""
assert protocol in ["s2k", "s2k_fo"]
p = hashlib.sha256(password.encode("utf-8")).digest()
if protocol == "s2k_fo":
p = p.hex().encode("utf-8")
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,