[cryptography] OpenPGP in Python: Security evaluations?

Werner Koch wk at gnupg.org
Fri Jun 12 15:14:36 EDT 2015

On Fri, 12 Jun 2015 12:39, lists at infosecurity.ch said:

> Regarding GPGME, is it really exec()uting the gpg binary or is it
> calling directly the gpg as a library?

Sure it does fork/exec.  However, gpgsm is run as a co-process and thus
there is only one fork/exec for a bunch of operations (descriptor
passing is use for the bulk of data).  That can also be implemented for
gpg but we have not yet seen a use case which really demands that - thus
changing this for gpg has a low priority.  (gpgsm uses this because it
is newer than libgpgme and thus could be designed with the co-process in



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the cryptography mailing list