Re: /dev/random hardware support
From: William Ahern (william 25thandClement.com)
Date: Mon Jan 24 2005 - 18:33:24 CST
On Mon, Jan 24, 2005 at 04:14:35PM -0800, Scott Miller wrote:
> The current entry for random(4) still seems to indicate that /dev/random is
> reserved for future hardware RNG support. Has there been any sort of
> interface specified? Does any such hardware exist?
The hardware exists; I have such a device. They're just not directly
accessible. If I understood things last time I looked, drivers for these
devices simply feed the internal entropy pools using a simple API. I believe
the interface is documented in sys/dev/rnd.c. See
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/rnd.c?rev=HEAD
AFAIU, what needs to be resolved is whether, how and under what constraints
one can directly gather output from userspace; and what portion goes into
the system PRNG pools. You want to carefully protect the output of these
devices to prevent leakage and screwing with the system pools.
I've never actually touched the code, so don't be surprised if somebody
severely corrects me.
- Bill