1

I am a newbie to libgcrypt version 1.6.1, and right now I am trying to produce a public/private key pair for rsa algorithm.

I list the code I am using below. What I am trapped into is the gcry_pk_genkey function, in which it can take over 1.5 hours but never return.

void gcrypt_init()
{
 if (!gcry_check_version (GCRYPT_VERSION))
{
    xerr("gcrypt: library version mismatch");
}

gcry_error_t err = 0;

err &= gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);

err &= gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);

err &= gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
err &= gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);

if (err) {
    xerr("gcrypt: failed initialization");
}
}


#include "gcry.hh"
#include <cstdio>
#include <cstdlib>
#include <cstring>

int main(int argc, char** argv)
{
if (argc != 2) {
    fprintf(stderr, "Usage: %s <rsa-keypair.sp>\n", argv[0]);
    xerr1("Invalid arguments.");
}

gcrypt_init();

gcry_error_t err = 0;
gcry_sexp_t rsa_parms;
gcry_sexp_t rsa_keypair;

err &= gcry_sexp_build(&rsa_parms, NULL, "(genkey (rsa (nbits 4:2048)))");
if (err) {
    xerr1("gcrypt: failed to create rsa params");
}

err &= gcry_pk_genkey(&rsa_keypair, rsa_parms); <------- This function call
if (err) {
    xerr1("gcrypt: failed to create rsa key pair");
}

char* fname = argv[1];
err = gcrypt_sexp_to_file(fname, rsa_keypair, 1 << 16);

    printf("i am here3\n");
gcry_sexp_release(rsa_keypair);
gcry_sexp_release(rsa_parms);

return err;
}

I am aware that this function can take a few minutes. Your computer needs to gather random entropy.. However, I can hardly believe it could take almost 2 hours without return/throw exception...

I am using a 32-bit Ubuntu 14.04, inside a virtualbox VM instance. Am I doing anything wrong here?

lllllllllllll
  • 8,519
  • 9
  • 45
  • 80

1 Answers1

3

Could you test the speed of your /dev/random? If that's horribly slow (possibly because other processes require too much entropy) then /dev/random will block until entropy is gathered. This may also be an issue on headless machines. I've certainly had issues with the speed of random number generation on Ubuntu on my laptop.

You can also specify transient-key (as flag in the s expression) to use a somewhat less secure random number generator, which probably means less entropy and therefore less blocking.

It's highly unlikely that the time it costs to validate that a number is prime takes that long. And even though the time to find a prime (or two) isn't known it advance, it is unlikely that anything other than blocking for random number generation could cause such huge generation times.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • Hello Maarten, thank you so much for your advice. Could you please elaborate more about "somewhat less secure random number generator,"? How should I configure that setting? Thank you! – lllllllllllll Sep 05 '16 at 17:55
  • It's [in the manual](https://gnupg.org/documentation/manuals/gcrypt/gcrypt.pdf), used as a flag in the string. Haven't tried it myself. You may want to see what you can do about the slow `/dev/random` if that's the issue though, other processes may experience problems too. – Maarten Bodewes Sep 05 '16 at 18:00
  • You are right... I tried `cat /dev/random`, it produce a few outputs, then get stucked... – lllllllllllll Sep 05 '16 at 18:46
  • I generate the key in the host machine, and eveything looks fine now.. Thank you! – lllllllllllll Sep 05 '16 at 18:49
  • You're welcome.If you do need the VM and /dev/random you may want to use [this](http://security.stackexchange.com/a/34552/2651) to add entropy. – Maarten Bodewes Sep 05 '16 at 20:01