[Pkg-openssl-devel] Bug#863429: openssl: Please make long-running commands such as dhparam 4096 multithreaded.
Brian Minton
brian at minton.name
Fri May 26 17:40:31 UTC 2017
Package: openssl
Version: 1.1.0f-1
Severity: wishlist
Tags: upstream
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Dear Maintainer,
When generating large DH parameters, the command can take a very long
time. For instance:
$ openssl dhparam -out dhparams_4096.pem 4096
Generating DH parameters, 4096 bit long safe prime, generator 2
This is going to take a long time
...
When looking at the CPU usage, I notice that openssl is taking up 100.0%
CPU, implying it is only using one core. However, I have 16 cores on my
system, and it seems reasonable that each of the cores could run an
indipendent search for a safe prime starting with a different random
number. This would consume more entropy from the system, but assuming
sufficient entropy, should produce a result much sooner.
- -- System Information:
Debian Release: 9.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64
(x86_64)
Foreign Architectures: i386
Kernel: Linux 4.8.0-1-amd64 (SMP w/16 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages openssl depends on:
ii libc6 2.24-10
ii libssl1.1 1.1.0f-1
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20161130+nmu1
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
iHUEAREIAB0WIQT5xLt2Dng/DewQpoprjrOgZc+6qQUCWShojgAKCRBrjrOgZc+6
qXNfAP9kfJm9tO/0bQQPwqfCSCwD1zZ4a3sRnNi2uhH9fzfqyQD+McUcNsz+GOHc
NkeVWdL3iEg3TJZZpzr+ZIWvSoZEVWWIdQQBFggAHRYhBO7QFYAT3C5tbgAepDe5
UHrP8gFuBQJZKGiOAAoJEDe5UHrP8gFu8G8BAOe1c6x4QcEXClFWOguFuNvvHeAw
ZTy79AAy19jobCidAP0fZBnJ6OJCgz23GDp7whclmLsWXSoKEo25ymZWKy24BQ==
=OLD3
-----END PGP SIGNATURE-----
More information about the Pkg-openssl-devel
mailing list