> On Feb. 5, 2014, 7:18 p.m., Michael Pyne wrote: > > kwalletd/backend/kwalletbackend.cc, line 635 > > <https://git.reviewboard.kde.org/r/115497/diff/1/?file=242022#file242022line635> > > > > Seems to be no error checking here, if this fails and we overwrite the > > hashed passwords on disk, couldn't there be data loss when we try to > > re-open them (when the user can't guess the key)? > > Àlex Fiestas wrote: > Added a runtime check to decide if we shuold swap or not the hashes, also > checking it in BlowfishPersistHandler::write. > > This will fix the following usecase: > -KWallet uses SHA1 to read > -KWallet uses PBKDF2 to write, but BKDF2 hash is null > > For other cases we can't add much fallback since Backend::setPassword > returns void, and no other code using it checks for errors in anyway.
feel free to add a return value to it, if that's needed. - Valentin ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://git.reviewboard.kde.org/r/115497/#review49065 ----------------------------------------------------------- On Feb. 10, 2014, 5:43 p.m., Àlex Fiestas wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://git.reviewboard.kde.org/r/115497/ > ----------------------------------------------------------- > > (Updated Feb. 10, 2014, 5:43 p.m.) > > > Review request for KDE Runtime, Teo Mrnjavac and Valentin Rusu. > > > Repository: kde-runtime > > > Description > ------- > > Uses the MINOR_VERSION (which until now it was 0) to upgrade the hash from > SHA to PBKDF2-SHA512+salt. > I would have loved to completely replace it once the wallet is ported to the > new hashing but because > of kwalletd code that is not possible without a bigger rewrite. > > There are 2 reasons for this patch: > 1-We avoid using our own implementation of SHA > 2-We use a modern hashing technique > > I'm cooking more patches to use the system user password to open the wallet, > we want that password to be > hashed using PBKDF2_SHA512 for security reasons. > > > Diffs > ----- > > CMakeLists.txt 275a6c7 > cmake/modules/FindLibGcrypt.cmake PRE-CREATION > kwalletd/backend/CMakeLists.txt 5a5837c > kwalletd/backend/backendpersisthandler.cpp bdef6ca > kwalletd/backend/kwalletbackend.h 83ebf7f > kwalletd/backend/kwalletbackend.cc e4d461c > > Diff: https://git.reviewboard.kde.org/r/115497/diff/ > > > Testing > ------- > > > Thanks, > > Àlex Fiestas > >
