On Fri, April 4, 2014 02:20:28 Valentin Rusu wrote: > On Sunday, March 30, 2014 05:25:58 PM Michael Pyne wrote: > > In fact the list of folders and keys present in KWallet (though > > not their values) can be queried without unlocking KWallet, or even > > causing > > it to prompt to unlock. > > Could you please elaborate more on the possibility to enumerate the keys > without opening the wallet?
From the KWallet::Wallet API docs: > bool Wallet::keyDoesNotExist(...): > > Determine if an entry in a folder does not exist in a wallet. > > This does not require decryption of the wallet. This is a handy optimization > to avoid prompting the user if your data is certainly not in the wallet. Wallet::folderDoesNotExist() has similar verbiage. "enumerating" is overstating the case here since there's no direct support for enumerating folders or keys. But all the same, it's not hard at all to brute- force potential folder or key names using the same method used to guess valid Coinbase user identities that just hit the news. Of course if an attacker is running code they'd probably just find it easier to open the .kwl directly and read the folder and key names, since apparently those are stored unencrypted, if the API docs are to be believed. Note that there is a valid use case for this feature: It would be tremendously annoying for a user to have to open their wallet just so an application can verify if it does or does not have an entry stored in the wallet. Instead the application can defer opening the wallet (and forcing the password prompt0 until the value is actually needed. Regards, - Michael Pyne
signature.asc
Description: This is a digitally signed message part.
