Persistence APIs for private keys that use a buffer, not a FILE.
Thunderbird prefers to encrypt private keys before storing them on disk. It already does that for saved server logins, and for certificate private keys.
In order to handle the encryption and decryption of the persistent data produced by libotr, it would be helpful if the persistence APIs offered a function that returns the persistent data as a buffer, without writing it to a file. This could ensure that the private keys never reach the disk without protection. Similarly, reading the persistent data back should also support reading from a buffer, instead of a FILE.
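Until a buffer-based API exists, a FILE-only persistence function can be pointed at memory on POSIX systems, as this added example shows (it is not part of the original request and not libotr code). `demo_write_FILEp` and `demo_read_FILEp` are hypothetical stand-ins for a FILE-based API, and the key string is constructed sample data.

```c
#define _POSIX_C_SOURCE 200809L   /* open_memstream, fmemopen */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for a FILE*-only persistence API (not libotr code). */
static int demo_write_FILEp(FILE *f, const char *key) {
    return fprintf(f, "(privkeys (private-key \"%s\"))\n", key) < 0 ? -1 : 0;
}
static int demo_read_FILEp(FILE *f, char out[64]) {
    return fscanf(f, " (privkeys (private-key \"%63[^\"]\"))", out) == 1 ? 0 : -1;
}

/* Serialize into a heap buffer; nothing is written to disk. */
int serialize_to_buffer(const char *key, char **buf, size_t *len) {
    FILE *f = open_memstream(buf, len);
    if (!f) return -1;
    int rc = demo_write_FILEp(f, key);
    if (fclose(f) != 0) rc = -1;   /* fclose finalizes *buf and *len */
    return rc;
}

/* Parse from a decrypted in-memory buffer instead of a file on disk. */
int load_from_buffer(const char *buf, size_t len, char out[64]) {
    FILE *f = fmemopen((void *)buf, len, "r");   /* "r": buffer is only read */
    if (!f) return -1;
    int rc = demo_read_FILEp(f, out);
    fclose(f);
    return rc;
}

/* Overwrite plaintext before free; volatile keeps the stores from being elided. */
void wipe_and_free(char *buf, size_t len) {
    volatile char *p = buf;
    while (len--) *p++ = 0;
    free(buf);
}

/* Constructed round trip; returns 0 when the key survives unchanged. */
int roundtrip_demo(void) {
    char *buf = NULL, out[64] = {0};
    size_t len = 0;
    if (serialize_to_buffer("CONSTRUCTED-KEY", &buf, &len) != 0) { free(buf); return -1; }
    /* The caller would encrypt buf[0..len) here and store only the ciphertext. */
    int rc = load_from_buffer(buf, len, out);
    wipe_and_free(buf, len);
    return (rc == 0 && strcmp(out, "CONSTRUCTED-KEY") == 0) ? 0 : -1;
}
```

`open_memstream` may reallocate while the stream grows, leaving unwiped plaintext copies in freed heap memory, and neither call is available on every platform. A native buffer API in the library avoids both limits.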