[Help-gnutls] Re: About entropy gathering

Simon Josefsson simon at josefsson.org
Wed Jan 31 12:58:45 CET 2007

devel <dev001 at pas-world.com> writes:

> Well,
> The problem is that without time limit a "machine operator"
> can not know if there is a "hardware problem". For example, my machine
> wait about >30seconds for 1024bits or random data, my machine has not
> Hardware RNG (Athlon64 X2) that runs a program slow that PentimIII with
> hw_rng module (<1second).
> On hard load of gathering entropy, a machine operator can not know that
> program is waiting for RNG data. The program, the machine, and the
> server could be slow because machine can not collect true random data.
> I think that function that collect entropy should exit,with error code,
> if a throught of bytes/sg can not be collected. Is my opinion.

If the time-limit is 30s, you then wouldn't be able to generate a
private key on your athlon64, while waiting longer would make that
possible.  Deciding on the time-limit is difficult.  On smaller
machines, generating the required entropy can take many minutes.

A process indicator might be useful, and if someone wants to work on
adding one -- just read one byte of randomness at a time and display
some progress to the user after each byte has been read -- I'd like to
integrate it.

However, when you talk about 'server', what do you mean?  Generating
RSA/DSA private keys or DH parameters can block, but a GnuTLS server
should never (if I understand how we are using libgcrypt correctly).
If you are having a GnuTLS server block on randomness, please give
more details -- that shouldn't happen.


More information about the Gnutls-help mailing list