On 07/24/2012 11:19 AM, Vasantharangan, Shruthi M. wrote:
Hi,
We require a random number generator that's FIPS2 complaint on RedHat Linux
5.6.
In the linux rpm for NSS nss-3.12.8-1.el5. I find random generation api's in
pkcs11f.h.
If I use them can I be sure that the random data generated is FIPS2
complaint?
What is the api to set NSS in FIPS Mode?
pk11pub.h:SECStatus PK11_GenerateRandom(unsigned char *data,int len);
yes, PK11_GenerateRandom calls the FIPS validate PRNG in softoken, which
has been validated to FIP-140-2 level 2.
bob
Rgds
Shruthi
_____________________________________________________
This electronic message and any files transmitted with it contains
information from iDirect, which may be privileged, proprietary
and/or confidential. It is intended solely for the use of the individual
or entity to whom they are addressed. If you are not the original
recipient or the person responsible for delivering the email to the
intended recipient, be advised that you have received this email
in error, and that any use, dissemination, forwarding, printing, or
copying of this email is strictly prohibited. If you received this email
in error, please delete it and immediately notify the sender.
_____________________________________________________
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
