Opened at 2013-02-26T19:55:52Z
Last modified at 2016-01-14T17:55:01Z
#1924 closed defect
NetBSD < 6.0 /dev/random appears to break RSA keygen in test suites — at Initial Version
Reported by: | midnightmagic | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | undecided |
Component: | code | Version: | 1.9.2 |
Keywords: | netbsd random cryptopp | Cc: | |
Launchpad Bug: |
Description
It *looks* as though the NetBSD /dev/random from earlier than 6.0 (prior to Thor's patch which overhauled it to supply unlimited amounts of random data) does not supply enough bytes to get Tahoe LAFS through the test phase *at all times*.
If you turn off all sources of mixed entropy via NetBSD rndctl, and exhaust it continuously (cat /dev/random > /dev/null) it is possible to reproduce the issue semi-regularly.
It manifests as failed RSA invertibility tests in the test suite.
Running crypto++ test binary under the same conditions makes crypto++ complain bitterly about how long it has to wait for random bytes to be supplied from /dev/random, but it does not technically fail: just complain about it.
I believe it is this issue which is not being handled correctly.
I have no direct evidence this is so.
Updating to NetBSD >= Thor's /dev/random overhaul appears to correct the issue.