Page MenuHome GnuPG
Create Task
Maniphest T3189

secmem routines should be in libgpg-error as gpgrt_*
Open, NormalPublic
Actions

Description

We have secmem routines in libgcrypt now. Targeting libgcrypt 1.9, it is better move those functions to libgpg-error.

Details

Due Date
Apr 30 2018, 5:00 PM

Event Timeline

gniibe created this task.May 31 2017, 1:10 PM
werner triaged this task as Normal priority.Jun 1 2017, 9:31 PM
gniibe claimed this task.Sep 6 2018, 3:20 AM

I created gniibe/secmem branch for this.
https://dev.gnupg.org/source/libgpg-error/history/gniibe%252Fsecmem/

gniibe added a comment.Sep 12 2018, 5:45 AM

secmem routines are installed into gniibe/secmem branch.
Please note that it's only secmem routines, not malloc_secure.

Now, I wonder the original intention.
Do we intend to have malloc_secure in gpgrt?

Do we need to expose the secmem routines, as a public interface of gpgrt?

pert added a subscriber: pert.Nov 14 2020, 3:57 PM
pert added a comment.Nov 14 2020, 4:03 PM
In T3189#117959, @gniibe wrote:

Do we need to expose the secmem routines, as a public interface of gpgrt?

I would find it useful. For example I'm making a utility that gets a passphrase with GPGME and gpg-agent, and would like to copy it into a buffer that lives on after closing the context.