Mailing List Archive

Use of libgcrypt in libc?
Hi! I have noticed this work in libc to use NSS for crypto:

http://sourceware.org/git/?p=glibc.git;a=commit;h=ff886b82a2b65758950bdb4687cf5a1238f697a1

I wanted to look into providing a patch to use libgcrypt. The patch is
relatively straightforward to produce, but I have run into a problem
with libgcrypt initialization.

I have read

http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html

and it suggests the recommended solution is that applications initialize
libgcrypt, which I don't see how it would work in glibc.

If libc initializes libgcrypt without secure memory, it seems that
potentially applications may end up with libgcrypt in that mode too,
which appears sub-optimal.

Is it possible to use libgcrypt safely in libc? How?

/Simon

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
Re: Use of libgcrypt in libc?
On Tue, 16 Jun 2009 10:47, simon@josefsson.org said:

> and it suggests the recommended solution is that applications initialize
> libgcrypt, which I don't see how it would work in glibc.

We would need to address a couple of problems. Of course glibc could do
the initialization but only in a standard way without too much secure
memory or with disabled secure memory.

That would lead to problems with applications requiring a different
memory allocator and definitely with FIPS mode.

The best solution I can think of is a modified memory allocator in
glibc to allow setting flags on allocated memory blocks. With such a
feature custom handlers could be invoked from the standard free or
malloc and do whatever they want (i.e. clear out that memory or mlock
it). Not an easy change though.


Shalom-Salam,

Werner


--
Thoughts are free. Exceptions are regulated by a federal law.
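
The flagged-allocation idea from the reply above, as an added example that is not part of the original thread and is not code from glibc or libgcrypt. It wraps the standard `malloc`/`free` instead of modifying them, and the names `xmalloc_flags`, `xfree`, `xrelease_handlers`, `xflags`, `XF_WIPE` and `XF_MLOCK` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/mman.h>

/* Hypothetical per-block flags; neither glibc nor libgcrypt defines these. */
#define XF_WIPE  0x1u  /* zero the payload before it is released */
#define XF_MLOCK 0x2u  /* try to keep the payload out of swap */

/* Header in front of each payload; the union keeps the payload aligned. */
typedef union {
    struct { size_t size; unsigned flags; int locked; } h;
    max_align_t align;
} xhdr;

/* Allocate size bytes tagged with flags. mlock() can fail (RLIMIT_MEMLOCK),
   so the outcome is recorded in the header instead of being fatal. */
void *xmalloc_flags(size_t size, unsigned flags)
{
    if (size > SIZE_MAX - sizeof(xhdr)) return NULL;
    xhdr *p = malloc(sizeof(xhdr) + size);
    if (!p) return NULL;
    p->h.size = size;
    p->h.flags = flags;
    p->h.locked = (flags & XF_MLOCK) && mlock(p + 1, size) == 0;
    return p + 1;
}

unsigned xflags(const void *ptr) { return ((const xhdr *)ptr - 1)->h.flags; }

/* The "custom handler" step: act on the block's flags before release.
   Returns 1 if the payload was wiped. munlock() works on whole pages, so a
   real allocator would keep locked blocks on pages of their own. */
int xrelease_handlers(void *ptr)
{
    xhdr *p = (xhdr *)ptr - 1;
    int wiped = 0;
    if (p->h.flags & XF_WIPE) {
        volatile unsigned char *v = ptr;  /* volatile: stores are not elided */
        for (size_t i = 0; i < p->h.size; i++) v[i] = 0;
        wiped = 1;
    }
    if (p->h.locked) { munlock(ptr, p->h.size); p->h.locked = 0; }
    return wiped;
}

/* free() replacement: run the handlers, then hand the block back. */
void xfree(void *ptr)
{
    if (!ptr) return;
    xrelease_handlers(ptr);
    free((xhdr *)ptr - 1);
}
```

Because the flags travel with the block, the code that frees it does not need to know it held key material, which is what lets the policy live in the allocator and not in each library.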

