pe...@piermont.com (Perry E. Metzger) on Sunday, June 28, 2009 wrote: >It has problems. Among other things, it only mlocks your session key >itself into memory, leaving both the AES key schedule (oops!) and the >decrypted data (oops!) pageable into swap. (Why bother mlocking the text >of the key if you're not going to lock the key schedule?)
You should probably use the encrypted swap feature on the Mac. System Preferences -> Security -> Use secure virtual memory. Cheers - Bill ----------------------------------------------------------------------- Bill Frantz | gets() remains as a monument | Periwinkle (408)356-8506 | to C's continuing support of | 16345 Englewood Ave www.pwpconsult.com | buffer overruns. | Los Gatos, CA 95032 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com