Hi All,
Has anyone ever tried the Infinite Noise TRNG hardware random number generator with OpenBSD? It's a USB stick that contains hardware to generate random numbers. See: https://github.com/13-37-org/infnoise I had a couple of these working with ArchLinux and would like to try using them with OpenBSD. Using either 6.6 or 6.7 the device is recognised at boot time: > uftdi0 at uhub0 port 2 configuration 1 interface 0 "13-37.org Infinite Noise > TRNG" rev 2.00/10.00 addr 3 ucom0 at uftdi0 portno 1 With libftdi1-1.4p2 installed I was able to compile the associated software using the supplied "Makefile.freebsd". So a pretty easy start ... > make -f Makefile.freebsd > cc -Wall -Wextra -Werror -std=c99 -O3 -fPIC -I Keccak -I > /usr/local/include/libftdi1 -DGIT_VERSION=\"\" -DGIT_COMMIT=\"\" > -DGIT_DATE=\"\" -c libinfnoise.c > cc -Wall -Wextra -Werror -std=c99 -O3 -fPIC -I Keccak -I > /usr/local/include/libftdi1 -DGIT_VERSION=\"\" -DGIT_COMMIT=\"\" > -DGIT_DATE=\"\" -c healthcheck.c > cc -c -o KeccakF-1600-reference.o Keccak/KeccakF-1600-reference.c -Wall > -Wextra -Werror -std=c99 -O3 -fPIC -I Keccak -I /usr/local/include/libftdi1 > -DGIT_VERSION=\"\" -DGIT_COMMIT=\"\" -DGIT_DATE=\"\" > ar rcs libinfnoise.a libinfnoise.o healthcheck.o KeccakF-1600-reference.o > ranlib libinfnoise.a > cc -Wall -Wextra -Werror -std=c99 -O3 -fPIC -I Keccak -I > /usr/local/include/libftdi1 -DGIT_VERSION=\"\" -DGIT_COMMIT=\"\" > -DGIT_DATE=\"\" -fvisibility=hidden -o libinfnoise.so libinfnoise.o > healthcheck.o KeccakF-1600-reference.o -L /usr/local/lib -Wl -lftdi1 -lm > -shared > cc -Wall -Wextra -Werror -std=c99 -O3 -fPIC -I Keccak -I > /usr/local/include/libftdi1 -DGIT_VERSION=\"\" -DGIT_COMMIT=\"\" > -DGIT_DATE=\"\" -c infnoise.c > cc -Wall -Wextra -Werror -std=c99 -O3 -fPIC -I Keccak -I > /usr/local/include/libftdi1 -DGIT_VERSION=\"\" -DGIT_COMMIT=\"\" > -DGIT_DATE=\"\" -c daemon.c > cc -Wall -Wextra -Werror -std=c99 -O3 -fPIC -I Keccak -I > /usr/local/include/libftdi1 -DGIT_VERSION=\"\" -DGIT_COMMIT=\"\" > -DGIT_DATE=\"\" -o infnoise infnoise.o daemon.o libinfnoise.a -lftdi1 -lm > -L. -L /usr/local/lib This creates an executable "driver" called infnoise which can be run as a daemon e.g. > doas ./infnoise -h > Usage: infnoise [options] > Options are: > -D, --debug - turn on some debug output > -R, --dev-random - write entropy to /dev/random instead of stdout > -r, --raw - do not whiten the output > -m, --multiplier <value> - write 256 bits * value for each 512 bits > written to > the Keccak sponge. Default of 0 means write all the entropy. > -n, --no-output - do not write random output data > -p, --pidfile <file> - write process ID to file > -d, --daemon - run in the background > -s, --serial <serial> - use specified device > -l, --list-devices - list available devices > -v, --version - show version information > -h, --help - this help output > ... The "list-devices" mode works nicely: > doas ./infnoise --list-devices > ... > ID: 0, Manufacturer: 13-37.org, Description: Infinite Noise TRNG, Serial: > 1337-ECA4E8A6 So far, so good ... But if I try getting actual random numbers, I get "read failed": > doas ./infnoise > ... > Error: USB read failed Any suggestions? Where am I going wrong? Maybe I shouldn't have taken that shortcut with the freebsd makefile? Or a security issue? Thanks in advance. Cheers, Robb.
