Re: spw – secure password generator
Jim Cheetham
jim at gonzul.net
Tue Dec 20 04:04:46 GMT 2016
Ah, I see. So are you leaving it to the user to configure the OneRNG's
settings, so that there is data being emitted? Or are you controlling
the device settings from within spw? I didn't see any code for that
...
Certainly for our device, it is important to be careful to get it
configured properly; if the device is silent, your call to read data
from it may just block forever, as you don't have any timeout that I
can see.
Additionally, we're primarily an entropy source, and the data gathered
from OneRNG is expected to be carefully mixed into an existing pool.
If you have not configured whitening (which is "only" CRC16) then
you'd be getting some bias in there as well.
I guess this could all be addressed with a usage example and some
sample commands in the documentation :-) It doesn't seem to be
reasonable to put this sort of control code into the main program
itself.
-jim
More information about the Discuss
mailing list