On Fri, Jan 04, 2008 at 10:48:48AM +0100, Andreas Metzler wrote: > When acting as a server gnutls pulls that much data from /dev/urandom > that entropy available for /dev/random is down to its minimum > safeguard. ((it is not possible to completely deplete /dev/random by > reading from /dev/urandom in current kernels) > > [EMAIL PROTECTED]:~$ cat /proc/sys/kernel/random/entropy_avail && gnutls-serv > --x > 509keyfile /tmp/CERT/exim.key --x509certfile /tmp/CERT/exim.crt & sleep 1 && > ca > t /proc/sys/kernel/random/entropy_avail > [1] 5356 > 3591 > Echo Server ready. Listening to port '5556'. > 139 > > > [EMAIL PROTECTED]:~$ cat /proc/sys/kernel/random/entropy_avail && openssl > s_serve > r -cert /tmp/CERT/exim.crt -key /tmp/CERT/exim.key -accept 5556 & sleep 1 && > cat /proc/sys/kernel/random/entropy_avail > [1] 7139 > 3596 > [...] > 3361
Just FYI: I used strace on openssl s_server -nocert and gnutls-serv, and
I noticed the following:
"openssl s_server" reads 32 bytes from /dev/urandom
"gnutls-serv" reads 3000 times 120 bytes from /dev/urandom, yes, 360 kilobytes!
It is no wonder that when strong random data is required later on, the
entropy pool is completely empty with gnutls-serv. For example, if I
just start "gnutls-serv -g", it will always block while trying to read
300 bytes from an empty /dev/random in order to generate temporary RSA
parameters.
I also noticed that on my machine, /proc/sys/kernel/random/entropy_avail
never exceeds 3600, so by reading 300 bytes, you're using 2/3 of a full
pool.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <[EMAIL PROTECTED]>
signature.asc
Description: Digital signature
