Hello. I am asking in this newsgroup, because I believe FIPS mode can affect the answer.
Let assume -- Token A is software token, and able to make ECC signatures. -- Token B is hardware token providing TRUE random numbers. Certainly, I'd like the token B be used as random number source as much as possible. Would it be correct if application takes random number from token B, and passes to token A to be used as ECC signature nonce ? Is it compatible with FIPS mode requirements ? Let's forget for a while that PKCS#11 doesn't provide a way to application to pass an own random to ECC signature mechanism. -- Konstantin Andreev -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
