[gcrypt-devel] gcry_pk_genkey function is extremely slow in libgcrypt
Shuai Wang
wangshuai901 at gmail.com
Tue Sep 6 03:23:09 CEST 2016
Hello Karl,
Thank you for your reply. Yes, I have double-checked the */dev/random* and
it is extremely slow.
So currently I produce the key pair in my host machine (OS X) and then
switch to the VM for some tests. It works!
Sincerely,
Shuai
On Mon, Sep 5, 2016 at 9:20 PM, Karl Magdsick <kmagnum at gmail.com> wrote:
> Virtual machines may gather entropy incredibly slowly. While you're
> stuck, in another terminal try
>
> prompt> time dd bs=128 count=1 if=/dev/random/ | uuencode -
>
> My guess is this alone will take several minutes for your vm.
>
> Cheers,
> -Karl
>
> On Sep 6, 2016 2:51 AM, "Shuai Wang" <wangshuai901 at gmail.com> wrote:
>
> I am a newbie to libgcrypt(version 1.6.1), and right now I am trying to
> produce a public/private key pair for rsa algorithm.
>
> I list the code I am using below. What I am trapped into is the
> gcry_pk_genkey function, in which it can take over 1.5 hours but never
> return.
>
> int main(int argc, char** argv)
> {
> if (argc != 2) {
> fprintf(stderr, "Usage: %s <rsa-keypair.sp>\n", argv[0]);
> xerr1("Invalid arguments.");
> }
>
> gcrypt_init();
>
> gcry_error_t err = 0;
> gcry_sexp_t rsa_parms;
> gcry_sexp_t rsa_keypair;
>
> err &= gcry_sexp_build(&rsa_parms, NULL, "(genkey (rsa (nbits 4:2048)))");
> if (err) {
> xerr1("gcrypt: failed to create rsa params");
> }
>
> err &= gcry_pk_genkey(&rsa_keypair, rsa_parms); <------- This function call
> if (err) {
> xerr1("gcrypt: failed to create rsa key pair");
> }
>
> char* fname = argv[1];
> err = gcrypt_sexp_to_file(fname, rsa_keypair, 1 << 16);
>
> printf("i am here3\n");
> gcry_sexp_release(rsa_keypair);
> gcry_sexp_release(rsa_parms);
>
> return err;
> }
>
> I am aware that this function can take a few minutes. Your computer needs
> to gather random entropy.. However, I can hardly believe it could take
> almost 2 hours without return/throw exception...
>
> I am using a 32-bit Ubuntu 14.04, inside a virtualbox VM instance. Am I
> doing anything wrong here?
>
> _______________________________________________
> Gcrypt-devel mailing list
> Gcrypt-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160905/5076d64a/attachment.html>
More information about the Gcrypt-devel
mailing list