[RFC PATCH] enable configurable SECMEM_BUFFER_SIZE

Werner Koch wk at gnupg.org
Wed Nov 22 09:47:10 CET 2017


On Tue, 21 Nov 2017 19:12, matthew.summers at syapse.com said:

> id. This is a severe issue for us that seems pretty easy to remedy
> with a patch like this.

Can you please explain the problem you try to solve.

Most crypto operations which temporary require allocation of extra
chunks of data (big integer computation) the secure memory area is
enlarged on the fly.

The gpg-agent stores secret keys in a cache which is allocated in
standard memory.  This can be done because the keys are stored encrypted
in this cache (using a per process ephemeral key).

Any problems creating or using more keys is either due to a memory leak
in gpg-agent or because you have a lot of active connections to the
gpg-agent using private keys.

For that latter case there are two solutions:

 1. Enlarging the secure memory area.  This has the problem that you
    will never known how much is sufficient.

 2. Enlarge the secure memory area on the fly as we do it with some of
    the Libgcrypt internal mallocs (actually all xmalloc style
    allocations).  That would require an update to Libgcrypt and a
    runtime option to gpg-agent to enable this.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20171122/8218ee9b/attachment.sig>

More information about the Gnupg-devel mailing list