RuntimeError: invalid header for bplist

[pekkanikander]

I'm trying to decrypt my old OTP Auth file, from an old iPhone 4S running OTP Auth 1.1.4, using this tool. I'm using Mac OS X 10.13.4 and the latest version of brew.

However, in the last phase I get the stack trace below. Has the OTP Auth backup file format changed at some point, so that I can no longer read such old files, or what is the issue?

The worst thing is that I cannot even log in to the service with the old OTP Auth... I haven't used the service using 2FA for over a year, but now I need to.

pipenv run python decrypt_otpauth.py decrypt_account --encrypted-otpauth-account /tmp/fooI.otpauth 
Password for export file /tmp/foo.otpauth: 
Traceback (most recent call last):
  File "decrypt_otpauth.py", line 324, in <module>
    cli()
  File "/Users/pnr/.local/share/virtualenvs/decrypt-otpauth-files-smWpXwss/lib/python3.6/site-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/Users/pnr/.local/share/virtualenvs/decrypt-otpauth-files-smWpXwss/lib/python3.6/site-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/Users/pnr/.local/share/virtualenvs/decrypt-otpauth-files-smWpXwss/lib/python3.6/site-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/Users/pnr/.local/share/virtualenvs/decrypt-otpauth-files-smWpXwss/lib/python3.6/site-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Users/pnr/.local/share/virtualenvs/decrypt-otpauth-files-smWpXwss/lib/python3.6/site-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "decrypt_otpauth.py", line 223, in decrypt_account
    archive = archiver.Unarchive(data).top_object()
  File "/Users/pnr/.local/share/virtualenvs/decrypt-otpauth-files-smWpXwss/lib/python3.6/site-packages/bpylist/archiver.py", line 255, in top_object
    self.unpack_archive_header()
  File "/Users/pnr/.local/share/virtualenvs/decrypt-otpauth-files-smWpXwss/lib/python3.6/site-packages/bpylist/archiver.py", line 174, in unpack_archive_header
    plist = bplist.parse(self.input)
RuntimeError: invalid header for bplist

[CooperRS]

Hi there!

If this account file is in the original OTP Auth account format, this is currently not supported by this tool. Do you have the chance to import the file on an iPhone (using OTP Auth) and reexport in a current format?

Best regards,
Roland

[pekkanikander]

I tried to import the file on a new iPhone SE, using the latest version of OTP Auth, the "Restore from Backup" function, and using iCloud Drive. The new OTP Auth does not recognise the file, i.e. the file is visible but remains in light grey, and it is impossible to select it.

[CooperRS]

🤔, that’s a little UX issue in OTP Auth.

What you have is a single account, not a backup. Thus, you first have to set up OTP Auth as new, then select a folder to import the account to and then tap the plus at the bottom where you should be able to select your account 😊

(I‘ll add that UX issue to my todo list. One should be able to add an account there as well)

[pekkanikander]

Well, I tried that. When importing after clicking the +, my OTP Auth crashed. And now it crashes all the time. That is, when I just click OTP Auth, the start screen flashes and then it crashes immediately after.

BTW, if you prefer to move this to private email (since this is not about this open source tool any more) my email is <pekka.nikander@iki.fi>.

[CooperRS]

I agree, currently we are not talking about this tool. I'll leave the issue open for me to add support for this older file formats.