-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Crypto vs Cryptodome #37
Comments
Should work. |
Sure, but I prefer to use debian packages whenever possible. |
OK, but you're causing problems where there aren't any. |
I vote for not a bug of this project and this can be closed. You shall use virtual environmental (venv) for individual projects. Using apt to install isn't a good idea anyway due to potential version conflicts and broken dependency. |
I tend to disagree here, I too prefer to manage my python packages using the os package manager. |
I cannot ensure 100% that the change Crypto -> Cryptodome works, but I could authenticate (surprisingly it just asked me the username and password but no authentication code) and get the reports. |
That's because of the anisette. |
But on subsequent calls it doesn't even ask for username/password. |
The first call is to get the search party token, and when the anisette data used for that is from a trusted device, it will not ask for 2FA. The subsequent calls use the cached search party token from the first call as password and the dsid as username. |
Sorry for abusing thins bug, but where is the anisette data stored? In the anisette server (I'm using the dockerized one)?. |
The anisette server is faking an apple device, with the serials and stuff (ADI) stored in $HOME/.config/anisette-v3/adi.pb and device.json. Those numbers together generate a validation code like OTP, which is then going through a whole bunch of Mixed Boolean Arithmetic to generate two anisette headers for the request. One of these is a machine serial that is quite static over time, the other one is the otp which changes a lot. |
Ah, thank you, I see those files inside the container, I thought they would be stored in the mounted volume (which is empty). |
I'm trying (unsuccessfully but that will be another bug) to use provision and I see that if I install cryprodome with pip in a venv, the correct import is Crypto, while with the debian package is Cryptodome. For the time being, while I'm experimenting with provision but I want to use the, working, system python I did this:
|
the original pypush code uses |
Nope, that doesn't work because hashlib.sha256 has no digest_size (only an instance created with it has the attribute). |
Yes that's my error too! 🤷 |
I'm not really into python cryptography, but wanting to try the latest few commits, I saw an error importing SHA256. I couldn't find a debian package providing it, but I found
python3-pycryptodome
, so I made this changeSearching cryptodome I found this bug so maybe it's a good idea to import from Cryptodome instead of from Crypto.
The text was updated successfully, but these errors were encountered: