> I didn't find build instructions to say "use local entropy devices/daemons > whenever available" let alone "require their service at startup". What a > pitty -- it sounds like they leave it to SoftHSM to do this work, even if > the OS has proper sources of entropy. >
Botan do try to use e.g. /dev/random, /dev/srandom, /dev/urandom, /var/run/egd-pool, /dev/egd-pool before trying the unix commands. (Botan 1.11 will do EGD after the unix commands) http://botan.randombit.net/doxygen/global__rng_8cpp_source.html#l00065 If we would add entropy sources directly in SoftHSM, I think would do similar to how Botan is doing it. So it is much better to leave it to Botan. Just that we verify the build flags. // Rickard
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
