Just in case e-mail doesn't reach the gcrypt-devel list ... Without using "(transient-key)" /dev/random in a VMFusion is like watching lawn grass grow ... very green and utterly useless.
hth 73 de Jeff Begin forwarded message: > From: Jeff Johnson <n3...@mac.com> > Date: June 9, 2010 2:40:04 PM EDT > To: gcrypt-de...@gnupg.org > Subject: ECDSA genkey w GCRY_VERY_STRONG_RANDOM is painfully slow > > Attached is a patch to decrease random strength if "(transient-key)" > is in the S-expr (just like RSA/DSA). > > BTW, I'm also seeing this building from gcrypt SVN trunk on RHEL6 beta > using this malloc voo-doo in ~/.bash_profile: > > export MALLOC_CHECK_=3 > # http://udrepper.livejournal.com/11429.html > export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) > > *** glibc detected *** /X/src/libgcrypt/tests/.libs/lt-t-mpi-bit: free(): > invalid pointer: 0x0a022bf8 *** > ======= Backtrace: ========= > /lib/libc.so.6[0x61c861] > /lib/libc.so.6(cfree+0xf0)[0x6214a0] > /X/src/libgcrypt/src/.libs/libgcrypt.so.11(+0xba3c)[0x427a3c] > /X/src/libgcrypt/src/.libs/libgcrypt.so.11(+0x7c38)[0x423c38] > /X/src/libgcrypt/src/.libs/libgcrypt.so.11(gcry_free+0x1d)[0x4207bd] > /X/src/libgcrypt/tests/.libs/lt-t-mpi-bit[0x80493d1] > /lib/libc.so.6(__libc_start_main+0xe6)[0x5c4bb6] > /X/src/libgcrypt/tests/.libs/lt-t-mpi-bit[0x8048a31] > ======= Memory map: ======== > 00280000-00281000 r-xp 00000000 00:00 0 [vdso] > 0041c000-0048d000 r-xp 00000000 fd:00 1444033 > /X/src/libgcrypt/src/.libs/libgcrypt.so.11.6.0 > 0048d000-00490000 rw-p 00070000 fd:00 1444033 > /X/src/libgcrypt/src/.libs/libgcrypt.so.11.6.0 > 00588000-005a6000 r-xp 00000000 fd:00 138742 /lib/ld-2.11.1.so > 005a6000-005a7000 r--p 0001d000 fd:00 138742 /lib/ld-2.11.1.so > 005a7000-005a8000 rw-p 0001e000 fd:00 138742 /lib/ld-2.11.1.so > 005ae000-00729000 r-xp 00000000 fd:00 138744 /lib/libc-2.11.1.so > 00729000-0072a000 ---p 0017b000 fd:00 138744 /lib/libc-2.11.1.so > 0072a000-0072c000 r--p 0017b000 fd:00 138744 /lib/libc-2.11.1.so > 0072c000-0072d000 rw-p 0017d000 fd:00 138744 /lib/libc-2.11.1.so > 0072d000-00730000 rw-p 00000000 00:00 0 > 00732000-00735000 r-xp 00000000 fd:00 131244 /lib/libdl-2.11.1.so > 00735000-00736000 r--p 00002000 fd:00 131244 /lib/libdl-2.11.1.so > 00736000-00737000 rw-p 00003000 fd:00 131244 /lib/libdl-2.11.1.so > 00889000-0088c000 r-xp 00000000 fd:00 139535 /lib/libgpg-error.so.0.6.0 > 0088c000-0088d000 rw-p 00002000 fd:00 139535 /lib/libgpg-error.so.0.6.0 > 00942000-0095f000 r-xp 00000000 fd:00 138762 > /lib/libgcc_s-4.4.3-20100121.so.1 > 0095f000-00960000 rw-p 0001c000 fd:00 138762 > /lib/libgcc_s-4.4.3-20100121.so.1 > 08048000-0804a000 r-xp 00000000 fd:00 1447630 > /X/src/libgcrypt/tests/.libs/lt-t-mpi-bit > 0804a000-0804b000 rw-p 00001000 fd:00 1447630 > /X/src/libgcrypt/tests/.libs/lt-t-mpi-bit > 0a022000-0a043000 rw-p 00000000 00:00 0 [heap] > b780f000-b7811000 rw-p 00000000 00:00 0 > b7821000-b7822000 rw-p 00000000 00:00 0 > bfa40000-bfa55000 rw-p 00000000 00:00 0 [stack] > /bin/sh: line 5: 20427 Aborted ${dir}$tst > FAIL: t-mpi-bit > > I'll dig out the flaw somewhen and send a patch, just busy & lazy ... > > Is there any time line for ECDSA into RFC 2440/4880? I'll be happy to > test and help whenever, been waiting for more than a year already ... > > hth > > 73 de Jeff
gcrypt.patch
Description: Binary data
>
