From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jeffrey Walton Subject: (unknown) Date: Wed, 1 Jun 2016 00:21:02 -0400 Message-ID: Reply-To: noloader@gmail.com Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 To: linux-crypto@vger.kernel.org Return-path: Received: from mail-io0-f173.google.com ([209.85.223.173]:35212 "EHLO mail-io0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751488AbcFAEVE (ORCPT ); Wed, 1 Jun 2016 00:21:04 -0400 Received: by mail-io0-f173.google.com with SMTP id o189so46417ioe.2 for ; Tue, 31 May 2016 21:21:03 -0700 (PDT) Subject: Sender: linux-crypto-owner@vger.kernel.org List-ID: Please forgive my ignorance here... I have test system with a VIA C7-M processor and PM-400 chipset. This is one of those Thin Client/Internet of Things processor and chipsets I test security libraries on (like OpenSSL, Cryptlib and Crypto++). The processor includes the Padlock extensions. Padlock is similar to Intel's RDRAND, RDSEED and AES-NI, and it predates Intel's instructions by about a decade. The Padlock Security Engine can produce a stream of random numbers at megabits per socond, so I've been kind of surprised it has been suffering entropy depletion. Here's what the audit trail looks like: Testing operating system provided blocking random number generator... FAILED: it took 74 seconds to generate 5 bytes passed: 5 generated bytes compressed to 7 bytes by DEFLATE Above, the blocking RNG is drained. Then, 16 bytes are requested. It appears to take over one minute to gather five bytes when effectively an endless stream is available. My question is, is this system expected to suffer entropy depletion out of the box? Or are users expected to do something special so the system does not fail? Thanks in advance. Jeff