Your message dated Tue, 27 Nov 2018 00:20:41 +0100
with message-id <[email protected]>
and subject line Re: openssl: uses only 32 bytes (256 bit) for key generation
has caused the Debian Bug report #742145,
regarding openssl: uses only 32 bytes (256 bit) for key generation
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
742145: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742145
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: openssl
Version: 1.0.1f-1
Severity: serious
Tags: security
Justification: security issue
strace openssl genrsa 4096
Looking at the output:
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3
fstat(3, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 9), ...}) = 0
poll([{fd=3, events=POLLIN}], 1, 10) = 1 ([{fd=3, revents=POLLIN}])
read(3,
"\226\21L.\2707\352\242\372_\10T\306\201\320\200\351bU\206\26\2556?\303\360\223\263jw\370j",
32) = 32
close(3) = 0
I’d expect OpenSSL to use more than *at best* 256 bits of
entropy for generating a key of 4096 bits length.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.13-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Versions of packages openssl depends on:
ii libc6 2.18-4
ii libssl1.0.0 1.0.1f-1
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-bundle [ca-certificates] 20130106+tarent4
-- no debconf information
--- End Message ---
--- Begin Message ---
On 2014-03-19 12:50:54 [+0100], Thorsten Glaser wrote:
> strace openssl genrsa 4096
>
> Looking at the output:
>
> open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3
> fstat(3, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 9), ...}) = 0
> poll([{fd=3, events=POLLIN}], 1, 10) = 1 ([{fd=3, revents=POLLIN}])
> read(3,
> "\226\21L.\2707\352\242\372_\10T\306\201\320\200\351bU\206\26\2556?\303\360\223\263jw\370j",
> 32) = 32
> close(3) = 0
>
> I’d expect OpenSSL to use more than *at best* 256 bits of
> entropy for generating a key of 4096 bits length.
currently (as in unstable) it uses the same amount of bytes to seed its
internal rng and then create the key. This and and the response
|From: Damien Miller <[email protected]>
|Subject: Re: Bug#742145: openssl: uses only 32 bytes (256 bit) for key
generation
|Date: Thu, 20 Mar 2014 11:03:54 +1100 (EST)
|
|256 bits is enough for keys up to 15Kb, which is just shy of
|OPENSSL_RSA_MAX_MODULUS_BITS (16Kb).
|
|Ref: NIST Special Publication 800-57, section 5.6.1, table 2
I consider this as closed. If you feel different please reopen saying
why and I see what can be done.
Sebastian
--- End Message ---
