Using secure memory

Markus Teich teichm at
Mon Apr 20 08:23:21 CEST 2015

jvoisin wrote:
> Hello, I am a libotr[1] contributor, and I'd like to make use of libotr's
> secure memory; unfortunately, I can't find in the documentation the correct
> way to initialize it: Libotr is not a program, it's a library, and this
> situation is not described in the documentation[2].
> Also, I'm wondering how I can estimate how much memory I should allocate; for
> now I tried with 32k and the testsuite is running great, but I'm worried about
> some possible breakages.


I looked at the libgcrypt initialization of libotr once and remember to see a
comment there that they disable the secure memory, because it cannot be
dynamically resized. Basically you have to know how much secure memory you need
(which you don't for OTR), and specify it at the beginning. Maybe this has been
changed in the recent past, at least it would be nice to dynamically resize the
amount of secure memory.


More information about the Gcrypt-devel mailing list