Bodo Moeller Bodo_Moeller at public.uni-hamburg.de
Mon Jan 11 23:34:00 CET 1999

Werner Koch <wk at isil.d.shuttle.de>:

> I have just released version 0.9.1 of GnuPG.  [...]

I compiled it on a Solaris 2.6 system.  When I tried to create a key,
it looked as if the program froze at the moment when actual key
creation was to begin.  After having set the GNUPG_RNDUNIX_DBG and
GNUPG_RNDUNIX_DBGALL environment variables and trying again I found
out that nothing could have been further from the truth: rndunix's
slow random polling function was busily executing over and over again
(without finding too much randomness), and the program never had
enough. After some 10000 lines of debugging output, I stopped it (and
manually added things like "xwd -root" to the slow poll command table,
which finally got me my key).

As a quick workaround, rndunix could give up after some attempts if it
cannot gather enough randomness.  Then the usual "INSECURE"
warning/error messages should be generated (as in the dummy random
number generator case) -- at least the user will know what is going

In the long run, probably there should be some provisions for random
seeding in the option/configuration file parser (possibly with support
for something like PGP's randseed.bin -- with manual randomness
gathering via keyboard timings for slow interactive commands such as
key generation and automatic [low-entropy] randomness updating for
non-interactive or "less-interactive" commands such as encryption).

More information about the Gnupg-devel mailing list