Comment 6 for bug 1004845

Yeah, that key generation is pretty terrible.

Fortunately we mostly use python-keyring to talk to GNOME Keyring / KDE Wallet. Hopefully most people do.

I don't think re-using IVs is horrifically insecure here, as most keyrings won't be re-written much, so the key + IV-reuse is minimal. But it is definitily a problem and should be improved.