Skip to content

support legacy SRP (s2k_fo) logins #398

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

support legacy SRP (s2k_fo) logins #398

wants to merge 1 commit into from
+14 −3

Conversation

MattKiazyk
Copy link
Contributor

Duplicate of XcodesOrg/XcodesApp#650

Apple IDs with "old" passwords (ie those set before a certain date, the cutoff for which I'm not 100% certain) use the s2k_fo protocol rather than s2k. This legacy protocol involved an extra step in the SRP handshake, where the password was hex-encoded before performing PBKDF2 to derive the shared secret. Luckily it's pretty trivial for us to handle this and fix the erroneous "incorrect username or password" errors that it resulted in.

@MattKiazyk MattKiazyk mentioned this pull request Dec 16, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@MattKiazyk