Hi all, With dropbear 0.48.1 running on a MIPS Au1550 platform, RSA key generation occasionally takes a very long time (multiple minutes); the problem was traced to the loop shown below in gen_rsa_priv_key() which executes many times, until a value of the modulus, n, is finally computed that is a multiple-of-8-bits long.
65 /* PuTTY doesn't like it if the modulus isn't a multiple of 8 bits, 66 * so we just generate them until we get one which is OK */ 67 getrsaprime(key->p, &pminus, key->e, size/2); 68 do { 69 getrsaprime(key->q, &qminus, key->e, size/2); 70 71 if (mp_mul(key->p, key->q, key->n) != MP_OKAY) { 72 fprintf(stderr, "rsa generation failed\n"); 73 exit(1); 74 } 75 } while (mp_count_bits(key->n) % 8 != 0); I've found a post from Matt Johnston back in 2003 that indicates why this loop was addded: http://lists.mindrot.org/pipermail/openssh-unix-dev/2003-July/018639.htm l However, using more recent versions of PuTTY (0.58 and 0.60), I don't see any problems with keys generated by dropbear where the modulus is not a multiple-of-8-bits long. So, my question is: should the loop above be deprecated since it doesn't appear to be necessary any more? Thanks, -- Sajin