[gnutls-dev] Re: Feature request: not really random session keys


From: Simon Josefsson
Subject: [gnutls-dev] Re: Feature request: not really random session keys
Date: Wed, 18 Jan 2006 15:01:16 +0100
User-agent: Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux)

Florian Weimer <address@hidden> writes:

> The various DH implementations seem to end up calling
> gnutls_calc_dh_secret in lib/gnutls_dh.c:
>
>   do {
>       _gnutls_mpi_randomize(x, (x_size / 8) * 8, GCRY_STRONG_RANDOM);
>       /* Check whether x is zero.
>        */
>   } while( _gnutls_mpi_cmp_ui( x, 0)==0);
>
> _gnutls_mpi_randomize is actually gcry_mpi_randomize.  If I read the
> libgcrypt source correctly GCRY_STRONG_RANDOM maps to level 2, and
> this means that a corresponding number of bits has to be read from
> /dev/random.

STRONG_RANDOM is 1:

typedef enum gcry_random_level
  {
    GCRY_WEAK_RANDOM = 0,
    GCRY_STRONG_RANDOM = 1,
    GCRY_VERY_STRONG_RANDOM = 2
  }
gcry_random_level_t;

I believe only >= 2 should ever block.
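
The following is an added example, not part of the message above and not GnuTLS or libgcrypt source. It models the quoted do/while loop, with the random level choosing the entropy device as the reply describes; the helper names and the use of /dev/urandom for levels below 2 are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Level values as quoted from the libgcrypt enum in the reply above. */
enum { WEAK_RANDOM = 0, STRONG_RANDOM = 1, VERY_STRONG_RANDOM = 2 };

/* Assumption (follows the reply): only level >= 2 uses the blocking device. */
const char *entropy_source(int level)
{
    return level >= VERY_STRONG_RANDOM ? "/dev/random" : "/dev/urandom";
}

/* Hypothetical stand-in for the randomize call: fills buf with nbits of
 * randomness, already rounded down to whole bytes by the caller.
 * Returns the number of bytes written, or -1 on error. */
int randomize(unsigned char *buf, size_t buflen, unsigned nbits, int level)
{
    size_t nbytes = nbits / 8;
    if (nbytes == 0 || nbytes > buflen) return -1;
    FILE *f = fopen(entropy_source(level), "rb");
    if (!f) return -1;
    setvbuf(f, NULL, _IONBF, 0);   /* read only the bytes requested */
    size_t got = fread(buf, 1, nbytes, f);
    fclose(f);
    return got == nbytes ? (int)nbytes : -1;
}

/* Draw the DH secret exponent x, redrawing while x == 0 like the quoted loop. */
int dh_secret_exponent(unsigned char *x, size_t xlen, unsigned x_size, int level)
{
    int n, nonzero;
    do {
        n = randomize(x, xlen, (x_size / 8) * 8, level);
        if (n < 0) return -1;
        nonzero = 0;
        for (int i = 0; i < n; i++) nonzero |= x[i];
    } while (!nonzero);
    return n;
}

int main(void)
{
    unsigned char x[128];
    int n = dh_secret_exponent(x, sizeof x, 1024, STRONG_RANDOM);
    printf("level %d reads %s, got %d bytes\n", STRONG_RANDOM,
           entropy_source(STRONG_RANDOM), n);
    return n < 0;
}
```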


