0

From the libgcrypt manual:

Libgcrypt uses a concept known as secure memory, which is a region of memory set aside for storing sensitive data. Because such memory is a scarce resource, it needs to be setup in advanced to a fixed size. Further, most operating systems have special requirements on how that secure memory can be used. For example, it might be required to install an application as “setuid(root)” to allow allocating such memory. [...] If you have to protect your keys or other information in memory against being swapped out to disk and to enable an automatic overwrite of used and freed memory, you need to[...]

I am a bit confused on how this secure memory works.
I'm developing a software that do aes256-cbc file encryption and also it calculate the MAC (hmac with sha512) of IV+CIPHERTEXT so i must use the secure memory to store sensitive information.
What i don't understand about the concept of the "secure memory" is:

  1. Let's say that i have this: unsigned char *key; key = malloc(32);. How can the library knows that this variable wants the secure memory to be "malloced"?
  2. "automatic overwrite of the freed memory" means that free(key) will be erased so i don't need to memset the memory before freeing the pointer right?
polslinux
  • 1,739
  • 9
  • 34
  • 73

1 Answers1

1

Just keep reading the same page you copied and pasted: http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html

there are the examples on how to initialize the library.

In general a secure memory is locked with mlock so it can't be paged out.

The library is of course unaware of malloc calls in other places of your program, check its documentation for how to use it.

LtWorf
  • 7,286
  • 6
  • 31
  • 45