Replace SHA with PBKDF2-SHA512+Salt
Uses the MINOR_VERSION (which until now it was 0) to upgrade the hash from SHA to PBKDF2-SHA512+salt. I would have loved to completely replace it once the wallet is ported to the new hashing but because of kwalletd code that is not possible without a bigger rewrite. There are 2 reasons for this patch: 1-We avoid using our own implementation of SHA 2-We use a modern hashing technique I'm cooking more patches to use the system user password to open the wallet, we want that password to be hashed using PBKDF2_SHA512 for security reasons. REVIEW: 115497 NOTE by valir: this was not backported to 4.12 branch and because of that my CBC patch let the sources into an incosistent state in respect with the 4.14 branch. I cherry-picked this commit here, on the 4.12 branch an now the problem is gone, confirmed using the "testcase" wallet provided with the bug report. BUG: 343718
Showing
- CMakeLists.txt 6 additions, 0 deletionsCMakeLists.txt
- cmake/modules/FindLibGcrypt.cmake 61 additions, 0 deletionscmake/modules/FindLibGcrypt.cmake
- kwalletd/backend/CMakeLists.txt 1 addition, 1 deletionkwalletd/backend/CMakeLists.txt
- kwalletd/backend/backendpersisthandler.cpp 8 additions, 2 deletionskwalletd/backend/backendpersisthandler.cpp
- kwalletd/backend/kwalletbackend.cc 119 additions, 14 deletionskwalletd/backend/kwalletbackend.cc
- kwalletd/backend/kwalletbackend.h 4 additions, 0 deletionskwalletd/backend/kwalletbackend.h
Loading
Please register or sign in to comment