gcry_control
Werner Koch
wk at gnupg.org
Tue Aug 17 13:50:03 CEST 2004
On Mon, 16 Aug 2004 09:19:50 -0700, Neil Spring said:
> So is it the case that I should have my code call either:
> gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
> or
> gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
> but not both?
Yes. However you should call DISABLE_SECMEM as early as possible;
i.e. before gcry_check_version.
> Someone asked about the "Secure memory is not locked into core"
> warning and I wanted to get rid of it and explain it at the same
Yesterday, I figured out that there is a bug in the way the warning
message is generated. This means the suggested way of doing a
gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
before gcry_check_version and later enabling the messages using
gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
does not work reliable. It will be fixed in the next version.
Werner
More information about the Gcrypt-devel
mailing list