I've occasionally seen Cognito return a negative hex number for the ChallengeParameters.SALT value, which causes warrant to crash:
Traceback (most recent call last):
File "cogtest.py", line 5, in <module>
cog.authenticate('password')
File "C:\Program Files\Python38\lib\site-packages\warrant\__init__.py", line 382, in authenticate
tokens = aws.authenticate_user()
File "C:\Program Files\Python38\lib\site-packages\warrant\aws_srp.py", line 209, in authenticate_user
challenge_response = self.process_challenge(response['ChallengeParameters'])
File "C:\Program Files\Python38\lib\site-packages\warrant\aws_srp.py", line 183, in process_challenge
hkdf = self.get_password_authentication_key(user_id_for_srp,
File "C:\Program Files\Python38\lib\site-packages\warrant\aws_srp.py", line 152, in get_password_authentication_key
x_value = hex_to_long(hex_hash(pad_hex(salt) + username_password_hash))
File "C:\Program Files\Python38\lib\site-packages\warrant\aws_srp.py", line 35, in hex_hash
return hash_sha256(bytearray.fromhex(hex_string))
ValueError: non-hexadecimal number found in fromhex() arg at position 1
Is there documentation somewhere that you used to create this code, and does it specify what the valid values of the salt can be?
I've occasionally seen Cognito return a negative hex number for the
ChallengeParameters.SALT
value, which causeswarrant
to crash:Is there documentation somewhere that you used to create this code, and does it specify what the valid values of the salt can be?