[gnutls-dev] Speed of random data generation

Andreas Metzler ametzler at downhill.at.eu.org
Thu Jun 14 19:12:42 CEST 2007


On 2007-06-13 Alex Hudson <home at alexhudson.com> wrote:
> On Wed, 2007-06-13 at 19:45 +0200, Andreas Metzler wrote:
> > OpenSSL usually is built to use /dev/urandom instead of /dev/random
> > which does not block if you are out of entropy.

> Ah, ok. Does GNUTLS _always_ use /dev/random, or does it depend on what
> you're doing? And is that documented, do you know?
[...]

Hello,
as Werner noted it is not gnutls itself but libgcrypt that does the
actual reading from /dev/random. Afaict libgcrypt only uses
/dev/urandom if /dev/random is not readable.
cu andreas

-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'



More information about the Gnutls-dev mailing list