Hi Arthur,

> Testing RDSEED generator...
>
> CryptoPP::Exception caught: RDSEED: GCC_RSA_GenerateBlock operation failed
Uri and I began hitting this, too, after the release. The issue is RDRAND 
never fails to fulfill a request (I have never seen it happen), while 
RDSEED fails to fulfill on occasion. Requesting 20K random bytes is enough 
to trigger the failure.

To fix it, you just need to bump the number of retries for RDSEED. We did 
that on validat1.cpp at commit 0059f486ad0467d5 
(https://github.com/weidai11/cryptopp/commit/0059f486ad0467d5c4dc692db99a5a5f96c2a733):

$ git diff 0059f486ad0467d5^ 0059f486ad0467d5
diff --git a/validat1.cpp b/validat1.cpp
index 1d61463..144bdbf 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -460,6 +460,7 @@ bool TestAutoSeeded()
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDRAND()
 {
+    // Testing on 6th generation i7 shows RDRAND needs less than 8 retries 
for 10K bytes.
     RDRAND rdrand;
     bool entropy = true, compress = true, discard = true;
     static const unsigned int SIZE = 10000;
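
Review bot: the comment added above `RDRAND rdrand;` records a retry figure (less than 8 for 10K bytes) that nothing in this hunk enforces, because the object is still default-constructed. Either state in the comment what retry count the default constructor gives, or pass the count explicitly as the RDSEED hunk does, so the comment and the code cannot drift apart.
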
@@ -532,7 +533,8 @@ bool TestRDRAND()
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDSEED()
 {
-    RDSEED rdseed;
+    // Testing on 6th generation i7 shows RDSEED needs about 128 retries 
for 10K bytes.
+    RDSEED rdseed(128);
     bool entropy = true, compress = true, discard = true;
     static const unsigned int SIZE = 10000;
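
Review bot: `RDSEED rdseed(128);` passes exactly the figure the new comment gives as the observed need ("about 128 retries") on a single 6th generation i7, which leaves no margin, so the test can still throw intermittently on other parts or under load. Suggest a named constant with headroom above the measured value, and wording in the comment that makes clear the figure is an empirical bound for SIZE = 10000 rather than a guarantee.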

Jeff
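
The retry behaviour described in the message, as an added sketch that is not part of the original message and is not Crypto++ code: a bounded per-word retry loop that fails closed when the seed source stays unready. `SeedStep`, `FillFromSeedSource`, `DrainingSource` and `RequestSucceeds` are hypothetical names, the source is a constructed stand-in for the RDSEED instruction, and the per-word retry budget is an assumption (Crypto++'s own accounting may differ).

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <functional>
#include <vector>

// Hypothetical stand-in for one RDSEED attempt: true plus a word on success,
// false when the hardware has no seed ready yet.
using SeedStep = std::function<bool(uint64_t&)>;

// Fill out[0..len) from `step`, allowing `retries` extra attempts per word.
// On exhaustion the buffer is wiped and false is returned (fail closed).
bool FillFromSeedSource(SeedStep& step, unsigned retries,
                        unsigned char* out, size_t len)
{
    for (size_t done = 0; done < len; ) {
        uint64_t word = 0;
        bool ok = false;
        for (unsigned attempt = 0; attempt <= retries && !ok; ++attempt)
            ok = step(word);
        if (!ok) {
            std::memset(out, 0, len);   // never hand back a partial buffer
            return false;
        }
        const size_t n = (len - done < sizeof(word)) ? len - done : sizeof(word);
        std::memcpy(out + done, &word, n);
        done += n;
    }
    return true;
}

// Constructed source: after each success it is "not ready" `gap` times.
struct DrainingSource {
    unsigned gap, pending;
    uint64_t counter;
    explicit DrainingSource(unsigned g) : gap(g), pending(0), counter(0) {}
    bool operator()(uint64_t& w) {
        if (pending > 0) { --pending; return false; }
        pending = gap;
        w = ++counter;                  // placeholder value, not random
        return true;
    }
};

// Returns true if a `len`-byte request succeeds against the given gap/budget.
bool RequestSucceeds(unsigned gap, unsigned retries, size_t len)
{
    SeedStep step = DrainingSource(gap);
    std::vector<unsigned char> buf(len, 0xAA);
    return FillFromSeedSource(step, retries, buf.data(), len);
}
```

With a constructed gap of 100 failed attempts between seeds, a budget of 8 satisfies only the first word of a 10000-byte request, while a budget of 128 completes it.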
