Patrick Lamaizière wrote: > Le Tue, 02 Sep 2008 18:15:00 -0500, > "James R. Van Artsdalen" <[EMAIL PROTECTED]> a écrit : > > >> Has Hi/fn stated what kind of random number generator the 7955 has? >> >> How is this enabled in FreeBSD 7? I've added these lines to the >> kernel config file: >> >> device crypto # core crypto support >> device cryptodev # /dev/crypto for access to h/w >> device hifn # Hifn 7951, 7781, etc. >> options HIFN_DEBUG # enable debugging support: hw.hifn.debug >> options HIFN_RNDTEST # enable rndtest support >> device rndtest # FIPS 140-2 entropy tester >> >> I'm not convinced it's being used instead of the kernal's Yarrow >> code. >> > > It should work. > By default rndtest only reports failure, use the sysctl > kern.rndtest.verbose=2 (not sure for the sysctl, something like that) to > reports success. > > Thanks. rndtest is working but the hifn is apparently not being used by openssl at all - hifnstats reports no activity as a result of "openssl speed". cryptostats reports no activity either. cryptotest does result in some activity in cryptostats and hifnstats so it may be an openssl issue with /dev/crypto
It's still not clear if the kernel is using the hifn for random numbers or not. And even if it is, I can't find any indication of what sort of RNG hifn uses or how good it is. _______________________________________________ Soekris-tech mailing list [email protected] http://lists.soekris.com/mailman/listinfo/soekris-tech
