Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Klaus Steden (klauscompt.com)
Date: Sun Jul 07 2002 - 13:50:20 CDT
> yesterday's -stable and ports tree, rebuilt twice.
> % pgpk -l randy
> Type Bits KeyID Created Expires Algorithm Use
> sec+ 1024 0xB1331439 1994-04-04 ---------- RSA Sign & Encrypt
> uid Randy Bush <randypsg.com>
> 1 matching key found
> Received signal 8.
> anyone else see this or have a clue?
Yup. I tried PGP6, too, and found the same problem. Did some digging around
in the source, and at least with PGP6, I discovered it's a bug in
pgpRndUnix.c. Specifically, when loading a timer for use in an entropy
function (I think), there's a call to clock_getres() - using the
CLOCK_REALTIME clock, filling in a structure that gets returned to the caller
as 0, which triggers the FPE.
I tried using CLOCK_VIRTUAL, which stopped the FPE, but returned an error and
thus didn't generate any randomness.
Hopefully I've got my terms right - I'm no crypto expert by any stretch, but
that's what I found to be a problem in PGP6. I suspect something similar may
be at play in PGP5.
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message