GnuTLS guile self checks takes a lot of time

Simon Josefsson simon at josefsson.org
Thu Oct 14 21:29:18 CEST 2010


Ludo,

I just ran 'make distcheck' with GnuTLS and noticed that the guile self
checks are taken a lot of time.  They are stuck reading /dev/*random to
generate DH parameters or RSA parameters.  Search for
'make-dh-parameters'.  Is there any reason you need a fresh DH/RSA
parameter every time these self tests run?  In the C self tests, it
loads a static DH/RSA parameter hard coded in the binary instead, which
avoids expensive prime generation.

This may suggest a real problem in the randomness code -- I thought it
should be quicker now than with libgcrypt -- but I think it would be
good to fix the self tests to not cause prime generations except when it
is those particular functions that are tested.

/Simon




More information about the Gnutls-devel mailing list