Review Request 115497: Replace SHA with PBKDF2-SHA512+Salt

Àlex Fiestas afiestas at kde.org
Mon Feb 10 17:43:46 GMT 2014


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/115497/
-----------------------------------------------------------

(Updated Feb. 10, 2014, 5:43 p.m.)


Review request for KDE Runtime, Teo Mrnjavac and Valentin Rusu.


Repository: kde-runtime


Description
-------

Uses the MINOR_VERSION (which until now it was 0) to upgrade the hash from SHA to PBKDF2-SHA512+salt.
I would have loved to completely replace it once the wallet is ported to the new hashing but because
of kwalletd code that is not possible without a bigger rewrite.

There are 2 reasons for this patch:
1-We avoid using our own implementation of SHA
2-We use a modern hashing technique

I'm cooking more patches to use the system user password to open the wallet, we want that password to be
hashed using PBKDF2_SHA512 for security reasons.


Diffs (updated)
-----

  CMakeLists.txt 275a6c7 
  cmake/modules/FindLibGcrypt.cmake PRE-CREATION 
  kwalletd/backend/CMakeLists.txt 5a5837c 
  kwalletd/backend/backendpersisthandler.cpp bdef6ca 
  kwalletd/backend/kwalletbackend.h 83ebf7f 
  kwalletd/backend/kwalletbackend.cc e4d461c 

Diff: https://git.reviewboard.kde.org/r/115497/diff/


Testing
-------


Thanks,

Àlex Fiestas

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20140210/458f5add/attachment.htm>


More information about the kde-core-devel mailing list