Version: unspecified (using KDE 4.6.5) OS: FreeBSD Use OpenSSL for encryption, rather than homebaked blowfish algorithm. The reasons for this are as follows: 1) Homebaked crypto often has subtle bugs or is subject to subtle attacks that have been dealt with in more mature crypto frameworks. 2) Ability to use different ciphers, such as AES, twofish, blowfish with larger keys, etc. 3) Less code to maintain. Reproducible: Didn't try Actual Results: Wallets are stored encrypted with a custom blowfish implementation. Expected Results: Wallets should be stored encrypted with the custom blowfish implementation (for back-compatibility), or using a user-selected cipher from the OpenSSL crypto library.
Duplicate of bug 276634. Both wishes are equally specific (the other mentions specific encryption modes, this one mentions specific implementations), so I let Michael decide which one to keep open. We probably should just use QCA2 and be free of any specifics.
I'm actually not sure what to do about these bug reports. Regarding the pace ksecretservice currently has, we might actually see a release soon which will invalidate both bug reports. I don't think see kwalletd will see either feature in the meantime. It's just too much of a hassle to implement for a component that's about to die.
Partly covered by GPG wallets, other than that pretty much the same as Bug 444252. *** This bug has been marked as a duplicate of bug 444252 ***