This is a reasonable use. This can simply be implemented in the primitive where /dev/random is used. It would only need a HW check during initialization to enable using the DRNG or leave it as is in the event HW does not support it.
Michael Demeter
Staff Software Engineer
Open Source Technology Center - SSG
Intel Corporation

On Oct 3, 2012, at 4:30 AM, Wan-Teh Chang <w...@google.com> wrote:

> On Tue, Oct 2, 2012 at 9:02 PM, Robert Relyea <rrel...@redhat.com> wrote:
>>
>> But we can use it to seed the PRNG. There's a pretty easy way to get NSS to
>> use HW generated values to get some initial entropy: If you create a PKCS
>> #11 module that advertises a RNG (See the PKCS #11 spec), NSS will mix
>> entropy from its own internal PRNG as well as extract random values to mix
>> into its internal PRNG. Such a scheme would allow even old versions of NSS
>> to benefit from HW RNGs.
>>
>> As another step, there are a set of internal entropy collecting functions
>> within NSS that are platform specific called:
>> win_rand.c, unix_rand.c, and os2_rand.c. Mixing hardware generated bits into
>> the RNG_SystemRNG() call would pick up new HW generated entropy whenever NSS
>> decided it needs to reseed.
>
> Yes, we can use it as an entropy source. I think the latter method is better.
>
> I just verified that there is no DRBG validation certificate issued to Intel:
> http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgval.html
>
> So I think we can only use it as an entropy source.
>
> Wan-Teh
> --
> dev-tech-crypto mailing list
> dev-tech-crypto@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-tech-crypto
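The pattern the thread converges on (probe the hardware DRNG once at initialization, and if it is present mix its output into the bytes the platform entropy-collection call returns, otherwise fall back to the OS pool unchanged) is shown below as an added example. It is not NSS code and not the `RNG_SystemRNG()` implementation in `unix_rand.c`; the context struct, function names, the CPUID/RDRAND probe (x86-64 only, assumed; other targets report "unsupported") and the constructed stub sources used by `self_check()` are all assumptions made for this illustration. The combiner is a plain XOR: if either input is uniformly random and independent of the other, the XOR is uniformly random, so a missing or faulty hardware source degrades to OS entropy rather than to nothing. The hardware bytes are only ever an additional entropy input to whatever DRBG consumes them, never a replacement for it, which is the point Wan-Teh makes about the missing DRBG validation certificate.

```c
/* Added example, not NSS code: collect seed bytes from the OS entropy pool and
 * XOR in bytes from an optional hardware DRNG that was probed at init time. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* A source fills buf[0..len) and returns 1, or returns 0 if it cannot. */
typedef int (*rng_read_fn)(uint8_t *buf, size_t len);

struct entropy_ctx {
    rng_read_fn os;   /* required: OS pool, e.g. /dev/urandom */
    rng_read_fn hw;   /* optional: hardware DRNG, NULL when not enabled */
};

/* Assumed probe: CPUID leaf 1, ECX bit 30 advertises RDRAND (x86 only). */
static int hw_rdrand_supported(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    return (ecx >> 30) & 1;
#else
    return 0;
#endif
}

/* Assumed hardware source: RDRAND, retried a few times because the DRNG may
 * report "not ready" (carry flag clear). Compiled only on x86-64. */
static int hw_rdrand_read(uint8_t *buf, size_t len)
{
#if defined(__x86_64__)
    while (len > 0) {
        uint64_t v;
        unsigned char ok;
        int tries = 10;
        do {
            __asm__ volatile("rdrand %0; setc %1" : "=r"(v), "=qm"(ok));
        } while (!ok && --tries);
        if (!ok)
            return 0;
        size_t n = len < sizeof v ? len : sizeof v;
        memcpy(buf, &v, n);
        buf += n;
        len -= n;
    }
    return 1;
#else
    (void)buf; (void)len;
    return 0;
#endif
}

static int os_urandom_read(uint8_t *buf, size_t len)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f)
        return 0;
    size_t got = fread(buf, 1, len, f);
    fclose(f);
    return got == len;
}

/* Initialization-time check: enable the DRNG only if the probe says it is
 * there. Returns 1 if the hardware source was enabled, 0 otherwise. */
int entropy_init(struct entropy_ctx *ctx, rng_read_fn os,
                 int (*hw_probe)(void), rng_read_fn hw)
{
    ctx->os = os;
    ctx->hw = (hw_probe && hw_probe()) ? hw : NULL;
    return ctx->hw != NULL;
}

/* Returns 0 if the OS source failed, 1 if only OS bytes were produced,
 * 2 if hardware bytes were XOR-mixed into them. */
int entropy_collect(const struct entropy_ctx *ctx, uint8_t *out, size_t len)
{
    uint8_t hw_buf[64];
    if (len > sizeof hw_buf || !ctx->os(out, len))
        return 0;
    if (ctx->hw && ctx->hw(hw_buf, len)) {
        for (size_t i = 0; i < len; i++)
            out[i] ^= hw_buf[i];
        memset(hw_buf, 0, sizeof hw_buf);
        return 2;
    }
    return 1;
}

/* Constructed stand-in sources for the offline self-check (not real RNGs). */
static int fake_os_read(uint8_t *buf, size_t len) { memset(buf, 0x0F, len); return 1; }
static int fake_hw_read(uint8_t *buf, size_t len) { memset(buf, 0xF0, len); return 1; }
static int probe_yes(void) { return 1; }
static int probe_no(void)  { return 0; }

/* Packs (code with HW) << 24 | (code without HW) << 16 | first byte with HW
 * << 8 | first byte without HW, so one value covers both configurations. */
unsigned long self_check(void)
{
    struct entropy_ctx a, b;
    uint8_t buf[16];
    entropy_init(&a, fake_os_read, probe_yes, fake_hw_read);
    unsigned long ra = (unsigned long)entropy_collect(&a, buf, sizeof buf);
    unsigned long with_hw = buf[0];          /* 0x0F ^ 0xF0 = 0xFF */
    entropy_init(&b, fake_os_read, probe_no, fake_hw_read);
    unsigned long rb = (unsigned long)entropy_collect(&b, buf, sizeof buf);
    unsigned long no_hw = buf[0];            /* OS bytes untouched: 0x0F */
    return (ra << 24) | (rb << 16) | (with_hw << 8) | no_hw;
}

int main(void)
{
    struct entropy_ctx ctx;
    uint8_t seed[32];
    int enabled = entropy_init(&ctx, os_urandom_read, hw_rdrand_supported, hw_rdrand_read);
    int rc = entropy_collect(&ctx, seed, sizeof seed);
    printf("DRNG enabled: %d, sources used: %d\n", enabled, rc);
    return rc ? 0 : 1;
}
```

The XOR combiner is only safe because neither source can observe the other's bytes; a source that could read the OS bytes before producing its own could cancel them, which is one reason NSS hashes whatever `RNG_SystemRNG()` returns into its DRBG state rather than using the raw bytes directly.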