Bug 281198

Summary: Unable to open wallets, likely bad decryption
Product: [Unmaintained] kdelibs
Reporter: Eric McCorkle <eric>
Component: kwallet
Assignee: Michael Leupold <lemma>
Status: RESOLVED WORKSFORME    
Severity: normal    
Priority: NOR    
Version First Reported In: 4.6   
Target Milestone: ---   
Platform: FreeBSD Ports   
OS: FreeBSD   

Description Eric McCorkle 2011-09-02 01:12:27 UTC
Version:           4.6 (using KDE 4.6.5) 
OS:                FreeBSD

FreeBSD ports install, built using clang with -mcpu=core2 -O2, on an amd64 system.  It appears wallets aren't being decrypted properly.  See reproduction steps.

Reproducible: Didn't try

Steps to Reproduce:
Create a new wallet, give it a trivial password ("hi"), use KWalletManager to close the wallet.  Now try to open it.

Actual Results:  
Dialog reports cannot open Wallet, with error -9 (likely incorrect password).

Expected Results:  
Wallet opens.

I took the following steps to diagnose the problem:

I inserted code into KWallet::Backend just before the data is encrypted in sync() and just after it is decrypted in open() which writes the unencrypted contents of the wallet out to a file in /tmp/.  The file prior to encryption seemed to be properly formatted, but the file after decryption seems to be corrupted (likely because of incorrect decryption).

Suggestion (and I may turn this into a feature request): get rid of the custom blowfish code and use a pre-existing crypto library like OpenSSL.
Comment 1 Michael Leupold 2011-09-02 06:35:19 UTC
Could you please uncomment the line just prior to the "return -9" in kwalletbackend.cc and paste the output of kwalletd please? I don't think it's actually the encryption/decryption but rather something funky about fsize.

Regarding getting rid of kwallet's implementation of blowfish: I second that but unfortunately it's not possible. There's a subtle error in kwallet's blowfish implementation which makes it incompatible with default blowfish under certain, rare circumstances.
Comment 2 Eric McCorkle 2011-09-02 23:56:10 UTC
Output:

fsize: -925727542 encrypted.size(): 200 blksz: 8

Definitely something weird going on here.

As for the openSSL thing, I'm going to take it to another request, but my suggestion would be to allow people to select a cipher, which would include the legacy blowfish cipher.
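
Added example, not part of the original thread and not code from kwalletbackend.cc: a bounds check on a length field read from decrypted data, run on a constructed buffer that reproduces the values in the diagnostic line above (200 bytes, blksz 8, fsize -925727542). The buffer layout, function names and status codes are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Assumed layout (hypothetical): blksz leading bytes, then a 4-byte
// big-endian signed payload length, then the payload itself.
enum class HeaderStatus { Ok, TooShort, BadLength };

// Assemble the length from unsigned bytes so no byte is sign-extended,
// then reinterpret the 32-bit value as signed in a portable way.
std::int64_t read_length_be(const std::vector<std::uint8_t>& buf, std::size_t off) {
    std::uint32_t v = (std::uint32_t(buf[off]) << 24) | (std::uint32_t(buf[off + 1]) << 16) |
                      (std::uint32_t(buf[off + 2]) << 8) | std::uint32_t(buf[off + 3]);
    std::int64_t s = v;
    if (v & 0x80000000u) s -= 4294967296LL;  // top bit set: negative value
    return s;
}

// Validate the length before anything uses it to size a read or a copy.
HeaderStatus check_header(const std::vector<std::uint8_t>& decrypted,
                          std::size_t blksz, std::int64_t* fsize_out) {
    if (decrypted.size() < blksz + 4) return HeaderStatus::TooShort;
    std::int64_t fsize = read_length_be(decrypted, blksz);
    if (fsize_out) *fsize_out = fsize;
    std::int64_t limit = std::int64_t(decrypted.size()) - std::int64_t(blksz) - 4;
    if (fsize < 0 || fsize > limit) return HeaderStatus::BadLength;
    return HeaderStatus::Ok;
}

// Constructed sample: 200-byte buffer, blksz 8, with header bytes chosen
// so that they decode to the fsize value quoted in the report.
std::vector<std::uint8_t> sample_from_report() {
    std::vector<std::uint8_t> buf(200, 0);
    const std::uint8_t hdr[4] = {0xC8, 0xD2, 0x84, 0xCA};
    for (int i = 0; i < 4; ++i) buf[8 + i] = hdr[i];
    return buf;
}

int main() {
    std::int64_t fsize = 0;
    HeaderStatus st = check_header(sample_from_report(), 8, &fsize);
    std::printf("fsize: %lld status: %s\n", static_cast<long long>(fsize),
                st == HeaderStatus::BadLength ? "rejected" : "accepted");
    return 0;
}
```

With these sizes only lengths from 0 to 188 pass, so a garbage length, whatever its cause, is rejected before it is used.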
Comment 3 Michael Leupold 2011-09-03 09:57:50 UTC
Really weird. I wonder what's going wrong there... is there anything specific to BSD and the compiler used which I'm not aware of?

Btw, don't bother too much about the blowfish thing. A kwallet successor is on its way and it only includes the broken blowfish to convert legacy kwl files to the new format which in turn uses libraries like openssl and the like.
Comment 4 Eric McCorkle 2011-09-03 20:50:42 UTC
I'd imagine the problem lies in clang sizing something differently from GCC, which leads to trouble.

In any case, if a successor is on the way, don't worry about fixing this.
Comment 5 Andrew Crouthamel 2018-11-06 15:08:13 UTC
Dear Bug Submitter,

This bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? I am setting the status to NEEDSINFO pending your response, please change the Status back to REPORTED when you respond.

Thank you for helping us make KDE software even better for everyone!
Comment 6 Andrew Crouthamel 2018-11-17 04:53:00 UTC
Dear Bug Submitter,

This is a reminder that this bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? This bug will be moved back to REPORTED Status for manual review later, which may take a while. If you are able to, please lend us a hand.

Thank you for helping us make KDE software even better for everyone!
Comment 7 Justin Zobel 2022-12-14 03:09:17 UTC
Thank you for reporting this issue in KDE software. As it has been a while since this issue was reported, can we please ask you to see if you can reproduce the issue with a recent software version?

If you can reproduce the issue, please change the status to "REPORTED" when replying. Thank you!
Comment 8 Bug Janitor Service 2022-12-29 05:24:00 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 9 Bug Janitor Service 2023-01-13 05:14:56 UTC
This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!