bjk at luxsci
Mar 16, 2012, 3:00 PM
Post #2 of 9
On Fri, Mar 16, 2012 at 05:31:26PM +0100, Martin Stenberg wrote:
> I sent a previous message (subject: gpgme not using secure memory?) to
> the list but I assume it got lost in moderation (was not subscribed).
> I'm writing a password manager and want it to use a gpg-encrypted file
> for storing passwords. I figured that gpgme would be the right tool to
> use to integrate gpg encryption/decryption in my application. However,
> I'm unsure if gpgme stores decrypted data in secure memory. I don't want
> passwords to be swapped to disk.

I have a project that does the same by using libassuan and gpg-agent.
Maybe you'd be interested in helping me with it? If so, the url is

> As far as I can tell from peeking at the gpgme source code, it reads
> decrypted data using assuan_read_line, and I cannot find any mlock's
> either in libassuan nor in gpgme.
> I'm new to the gpg-related libraries so I might very well have missed
> something, could someone please confirm if decrypted data can indeed be
> swapped when using gpgme?

I use the custom memory allocators to create a linked list of
pointers which are zero'd before being freed.

[XMPP: bjk AT jabber DOT org] - [IRC: (bjk) FreeNode/OFTC]
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
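
The technique mentioned in the reply above (a linked list of tracked pointers that are zeroed before being freed), combined with the mlock() the original question asks about, as an added example that is not part of the thread and is not code from the poster's project, gpgme or libassuan. All `sec_*` names are hypothetical, and hooking these functions into a library's allocator is not shown.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/* All names here are hypothetical; none come from gpgme or libassuan. */
struct sec_node {
    struct sec_node *next;
    void *ptr;      /* page-aligned payload */
    size_t len;     /* payload length, rounded up to whole pages */
    int locked;     /* 1 if mlock() succeeded, 0 if the data may be swapped */
};
static struct sec_node *sec_head;

/* Zero through a volatile pointer so the compiler cannot drop the stores. */
void sec_wipe(void *p, size_t n) {
    volatile unsigned char *b = p;
    while (n--) *b++ = 0;
}

/* Allocate whole pages so mlock/munlock never affect another allocation. */
void *sec_alloc(size_t n, int *locked) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    if (n == 0 || n > (size_t)-1 - page) return NULL;
    size_t len = (n + page - 1) / page * page;
    struct sec_node *node = malloc(sizeof *node);
    if (!node) return NULL;
    if (posix_memalign(&node->ptr, page, len) != 0) { free(node); return NULL; }
    node->len = len;
    node->locked = (mlock(node->ptr, len) == 0); /* may fail: RLIMIT_MEMLOCK */
    if (locked) *locked = node->locked;          /* caller decides what to do */
    node->next = sec_head; sec_head = node;      /* push onto tracking list */
    return node->ptr;
}

/* Wipe, unlock and release a tracked pointer; -1 if it is not tracked. */
int sec_free(void *p) {
    for (struct sec_node **pp = &sec_head; *pp; pp = &(*pp)->next) {
        struct sec_node *node = *pp;
        if (node->ptr != p) continue;
        sec_wipe(node->ptr, node->len);          /* wipe while still locked */
        if (node->locked) munlock(node->ptr, node->len);
        free(node->ptr);
        *pp = node->next;
        free(node);
        return 0;
    }
    return -1;
}
```

The `locked` result matters because mlock() can fail under the process's locked-memory limit, in which case the buffer is still wiped on free but is not protected from swapping while in use.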