certtool still makes 25 120-byte reads from /dev/urandom, fetching 3000
bytes (14400 bits) when 32 (256 bits) is more than enough.
To quote "man 4 random":
"if any program reads more than 256 bits (32 bytes) from the
kernel random pool per invocation, or per reasonable reseed
interval (not less than one minute), that should be taken as a
sign that its cryptography is not skilfully implemented."
read(3, "v\35\223\375<\352qTU\331\316:"..., 120) = 120
read(3, "y\34\220\36\345\374\316k\3\331\351\307"..., 120) = 120
read(3, "\214\272\17@:\304\35LT$\2763"..., 120) = 120
read(3, "\6\357\224>N\353\0\322Ys\311\0"..., 120) = 120
read(3, "\264\f%\242\266\232\300\375\340)\203w"..., 120) = 120
read(3, "Df\203\313\321+\305^|\251r\325"..., 120) = 120
read(3, "\340\323nN\357\233Y?l\26v\n"..., 120) = 120
read(3, "\16H\355\344\347fD\343\207\3118j"..., 120) = 120
read(3, "\312\333)~J\"\226\250f\255\353\3"..., 120) = 120
read(3, "\23\232\0\310B\331\t\266b,\201\314"..., 120) = 120
read(3, ")\367R8\312\257\377a\204\340\255\274"..., 120) = 120
read(3, "\274K\32}h=-(\243S\273\22"..., 120) = 120
read(3, "\236\32UT\3655\276}Zjm\200"..., 120) = 120
read(3, "\1\322C5\323\251\260\35\204\215\377l"..., 120) = 120
read(3, "rBZ\347\312\202\0311\326q\21\331"..., 120) = 120
read(3, "6\376t\255\33L\246\352mI\326\316"..., 120) = 120
read(3, "\346\207\3715g[!\201~\34f\220"..., 120) = 120
read(3, "X\2418\210\3063\26\3001\335\362\215"..., 120) = 120
read(3, "o\257\232\331\33\355K\354mZ\361b"..., 120) = 120
read(3, "\223\331%t\357\10\2347z\364!\20"..., 120) = 120
read(3, ":\233F\375D\356CR\373\320\35$"..., 120) = 120
read(3, "\225j\354C\216\272\257\354\205\vF,"..., 120) = 120
read(3, "9\357.WK\213\206m\0074\3161"..., 120) = 120
read(3, "+\370(\7\311\210J\332\340\342\275\210"..., 120) = 120
read(3, "\273S\215\333\362\274l\253\272R\300\272"..., 120) = 120
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]