[openssl-users] Long startup time and poor entropy on Windows due to inefficient heap walking In RAND_poll()
Jeffrey Walton
noloader at gmail.com
Mon Jan 19 05:02:05 UTC 2015
On Sun, Jan 18, 2015 at 10:17 PM, Noel Carboni
<NCarboni at prodigitalsoftware.com> wrote:
> ...
> Trouble is, the OpenSSL startup is taking over 1 second on a modern computer
> running Windows 8.1 x64.
> ...
>
> We tracked the delay down to OpenSSL's entropy gathering heap walking logic
> in the RAND_poll() function in rand_win.c. The Heap32First() and
> Heap32Next() Windows API calls are monstrously inefficient - each iteration
> taking a significant part of a second just to return a pointer to the first
> or next heap entry. Since the logic attempts to walk through the entire
> heap, it doesn't take many calls at all to exceed the MAXDELAY time of 1000
> milliseconds (one full second).
You should seed OpenSSL's random number generator directly using
CryptGenRandom (and other entropy you might have).

Once the generator is seeded, it won't attempt to auto-seed itself
with the RAND_poll gear.

Also see http://wiki.openssl.org/index.php/Random_Numbers. It advises
that you seed the generator directly rather than depending on the
library doing it through RAND_poll.
Jeff
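
The seeding step suggested in the reply above, as an added example that is not part of the original message or of OpenSSL's own code. The names `seed_openssl_rng`, `os_random` and `pool_add`, the 32-byte seed size and the non-Windows stand-ins are assumptions made for illustration; on Windows, link against advapi32 and libcrypto.

```c
#include <stddef.h>
#include <string.h>

#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
#include <openssl/rand.h>

/* Fill buf from the Windows system RNG; returns 1 on success, 0 on failure. */
static int os_random(unsigned char *buf, size_t len)
{
    HCRYPTPROV prov = 0;
    int ok;
    /* CRYPT_VERIFYCONTEXT: no key container is needed to draw random bytes. */
    if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL,
                             CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
        return 0;
    ok = CryptGenRandom(prov, (DWORD)len, buf) ? 1 : 0;
    CryptReleaseContext(prov, 0);
    return ok;
}
static void pool_add(const unsigned char *buf, size_t len)
{
    RAND_seed(buf, (int)len);  /* mixes buf into OpenSSL's pool as entropy */
}
#else
/* Constructed stand-ins (assumption) so the control flow builds off Windows. */
static int standin_fail = 0;      /* set to 1 to simulate an OS RNG failure */
static size_t standin_added = 0;  /* bytes handed to the stand-in pool */
static int os_random(unsigned char *buf, size_t len)
{
    if (standin_fail) return 0;
    memset(buf, 0xA5, len);       /* NOT random: placeholder bytes only */
    return 1;
}
static void pool_add(const unsigned char *buf, size_t len)
{
    (void)buf;
    standin_added += len;
}
#endif

/* Call once at startup, before any OpenSSL call that needs random numbers.
 * Returns 1 if the pool was seeded; 0 if the OS source failed, in which
 * case nothing is added (never feed an unfilled buffer to the pool). */
int seed_openssl_rng(void)
{
    unsigned char seed[32];       /* 256 bits of seed material */
    volatile unsigned char *p = seed;
    size_t i;
    int ok = os_random(seed, sizeof seed);
    if (ok) pool_add(seed, sizeof seed);
    for (i = 0; i < sizeof seed; i++) p[i] = 0;  /* wipe the local copy */
    return ok;
}
```

Treat a return value of 0 as a startup failure rather than continuing with an unseeded generator.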