On Sun, 18 Dec 2016 17:00, jspri...@debian.org said: > which led me to this patch:
This is agent: Kludge to mitigate blocking calls in Libgcrypt. * agent/gpg-agent.c (agent_libgcrypt_progress_cb): Sleep for 100ms on "need_entropy". -- During key generation Libgrypt will read from /dev/random which may block. Libgcrypt is not nPth aware and thus the entire process will block. Fortunately there is also a select with a short timeout to run the progress callback. We detect this in gpg-agent and introduce a short delay to give other threads (i.e. connections) an opportunity to run. This alone is not sufficient, an updated Libgpg-error is also required to make the lock functions nPth aware. Are you also using libgpg_error 1.25? If there is not enough entropy available it should not harm to wait a bit and relinquish control to other threads. Unless other processes content about entropy fom the kernel this sleep call can't be the reasons for your delays. Well, we could reduce it to 20ms or so. > needs entropy when doing gpg -d. gpg needs to initialize its own RNG in almost all cases. This is required for the generation of an internal cookie to verify --clearsigned messages and also for the RSA blinding (to mitigate side channel attacks). Do you have a ~/.gnupg/random_seed ? Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgpItg6RstYKq.pgp
Description: PGP signature