rndtest(4) FIPS 140-2 random number generator test monitor

SYNOPSIS

device rndtest

DESCRIPTION

The driver ``hooks up'' to hardware crypto devices to monitor the entropy data passed to the random(4) subsystem. This data is periodically tested for FIPS 140-2 compliance and statistics are collected. If the harvested entropy fails any of the FIPS test suite, then it is discarded and testing is continuously applied until ``good data'' is received from the device. Failures are optionally reported on the console.

HISTORY

The idea for this and the original code came from An Jason L. Wright . The device driver first appeared in Fx 5.0 .

BUGS

Crypto device drivers must be compiled specially to make use of this driver; this should not be necessary. This feature might better be integrated into the random(4) subsystem where it can be applied to devices that claim to supply ``pure entropy''