SSLError WRONG_SIGNATURE_TYPE on login in USA
adambrakhane opened this issue · 4 comments
- Hyundai / Kia Connect version:
- Python version: Python 3.10.5
- Operating System: Mac Venture 13.4
Region: USA
Brand: Kia
Description
On just attempting login, I get fatal SSL errors. They are triggered by running vm.check_and_refresh_token()
after setting up the VM config. It seems to be an issue with region 3. When I change the region, I get a more normal authentication error, which makes sense.
What I Did
Code
from hyundai_kia_connect_api.VehicleManager import VehicleManager
region = 3
brand = 1
username = "XXXX"
password = "XXXX"
pin = "XXXX"
vm = VehicleManager(
region=region,
brand=brand,
username=username,
password=password,
pin=pin,
geocode_api_enable=True,
)
vm.check_and_refresh_token()
vm.check_and_force_update_vehicles(force_refresh_interval=600)
print(vm.vehicles)
Traceback
Traceback (most recent call last):
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/connectionpool.py", line 467, in _make_request
self._validate_conn(conn)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/connectionpool.py", line 1092, in _validate_conn
conn.connect()
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/connection.py", line 642, in connect
sock_and_verified = _ssl_wrap_socket_and_match_hostname(
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/connection.py", line 783, in _ssl_wrap_socket_and_match_hostname
ssl_sock = ssl_wrap_socket(
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 469, in ssl_wrap_socket
ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls, server_hostname)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 513, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/ssl.py", line 513, in wrap_socket
return self.sslsocket_class._create(
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/ssl.py", line 1071, in _create
self.do_handshake()
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/ssl.py", line 1342, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: WRONG_SIGNATURE_TYPE] wrong signature type (_ssl.c:997)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/connectionpool.py", line 790, in urlopen
response = self._make_request(
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/connectionpool.py", line 491, in _make_request
raise new_e
urllib3.exceptions.SSLError: [SSL: WRONG_SIGNATURE_TYPE] wrong signature type (_ssl.c:997)
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/requests/adapters.py", line 486, in send
resp = conn.urlopen(
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/connectionpool.py", line 844, in urlopen
retries = retries.increment(
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/urllib3/util/retry.py", line 515, in increment
raise MaxRetryError(_pool, url, reason) from reason # type: ignore[arg-type]
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='api.owners.kia.com', port=443): Max retries exceeded with url: /apigw/v1/prof/authUser (Caused by SSLError(SSLError(1, '[SSL: WRONG_SIGNATURE_TYPE] wrong signature type (_ssl.c:997)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/Users/adam/projects/me/kia_access/test.py", line 19, in <module>
vm.check_and_refresh_token()
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/hyundai_kia_connect_api/VehicleManager.py", line 124, in check_and_refresh_token
self.initialize()
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/hyundai_kia_connect_api/VehicleManager.py", line 68, in initialize
self.token: Token = self.api.login(self.username, self.password)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/hyundai_kia_connect_api/KiaUvoAPIUSA.py", line 172, in login
response = requests.post(url, json=data, headers=headers)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/requests/api.py", line 115, in post
return request("post", url, data=data, json=json, **kwargs)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/requests/api.py", line 59, in request
return session.request(method=method, url=url, **kwargs)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/requests/sessions.py", line 589, in request
resp = self.send(prep, **send_kwargs)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/requests/sessions.py", line 703, in send
r = adapter.send(request, **kwargs)
File "/Users/adam/.pyenv/versions/3.10.5/lib/python3.10/site-packages/requests/adapters.py", line 517, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='api.owners.kia.com', port=443): Max retries exceeded with url: /apigw/v1/prof/authUser (Caused by SSLError(SSLError(1, '[SSL: WRONG_SIGNATURE_TYPE] wrong signature type (_ssl.c:997)')))
FYI: With CURL, I reproduced the login request from hyundai_kia_connect_api/KiaUvoAPIUSA.py
on the command line and it successfully logged me in.
Most likely related to your openssl version. Kia USA uses obsolete cyphers. I thought we had overridden this but apparently not fully. Someone will need to play with the code who has a USA car to see if we can make this more robust.
got the same problem on Windows 11 WSL (Ubuntu)