libgcrypt: random source via library on Linux?

Werner Koch wk at
Fri May 29 12:22:58 CEST 2020

On Thu, 28 May 2020 14:43, Steffen Nurpmeso said:

>     ./configure \
>         --prefix=/usr \
>         --disable-padlock-support \
>         --enable-static=yes
>     make
>     make DESTDIR=$PKG install

That is pretty standard except for the --disable-padlock-support - why
do you use this?  Padlock is only used on VIA CPUs and has an auditable
design in contrast to RDRAND (which is used by Libgcrypt be default).

Are you running in FIPS mode?

Can you run the Libgcrypt test suite?  In particular

$ libgcrypt/tests/version
$ libgcrypt/tests/random --verbose --debug



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list