Bug 281237

Summary: Use OpenSSL for encryption
Product: [Unmaintained] kdelibs Reporter: Eric McCorkle <eric>
Component: kwalletAssignee: Michael Leupold <lemma>
Status: RESOLVED DUPLICATE    
Severity: wishlist CC: cfeck, mk.mateng
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: FreeBSD Ports   
OS: FreeBSD   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Eric McCorkle 2011-09-03 00:11:12 UTC 
Version:           unspecified (using KDE 4.6.5) 
OS:                FreeBSD

Use OpenSSL for encryption, rather than homebaked blowfish algorithm.  The reasons for this are as follows:

1) Homebaked crypto often has subtle bugs or is subject to subtle attacks that have been dealt with in more mature crypto frameworks.

2) Ability to use different ciphers, such as AES, twofish, blowfish with larger keys, etc.

3) Less code to maintain.

Reproducible: Didn't try


Actual Results:  
Wallets are stored encrypted with a custom blowfish implementation.

Expected Results:  
Wallets should be stored encrypted with the custom blowfish implementation (for back-compatibility), or using a user-selected cipher from the OpenSSL crypto library.
Comment 1 Christoph Feck 2011-09-03 11:25:17 UTC 
Duplicate of bug 276634. Both wishes are equally specific (the other mentions specific encryption modes, this one mentions specific implementations), so I let Michael decide which one to keep open.

We probably should just use QCA2 and be free of any specifics.
Comment 2 Michael Leupold 2011-09-03 16:41:25 UTC 
I'm actually not sure what to do about these bug reports. Regarding the pace ksecretservice currently has, we might actually see a release soon which will invalidate both bug reports. I don't think see kwalletd will see either feature in the meantime. It's just too much of a hassle to implement for a component that's about to die.
Comment 3 michaelk83 2022-09-06 15:19:19 UTC 
Partly covered by GPG wallets, other than that pretty much the same as Bug 444252.

*** This bug has been marked as a duplicate of bug 444252 ***