Hi all, I did some searching in the archives but wasn't able to see if someone else asked this question before. If it's been discussed before and I missed it then I apologize in advance for the weakness of my search-fu and would appreciate it if someone might point me in the right direction.
That said, I was curious if it is possible for GPG to use the hardware RNG in an OpenPGP smartcard (either the GnuPG-branded one sold by Kernel Concepts or ones like the GPF Crypto Stick) as an entropy source for non-card-based operations. For example, if I were to generate a long-term OpenPGP key (not generated on the card) I'd like to ensure that the system has a high degree of entropy. I currently use a Simtec Entropy Key[1] for creating entropy for otherwise entropy-starved systems (mostly low-activity VMs) and this works well[2], but it'd be nice to also add in entropy from the smartcard hardware RNG as well. While it might be nice to use the smartcard's HRNG to feed /dev/random, I'm mostly interested in using it as an entropy source for key generation or other entropy-dependent functions if the card is inserted and available. Is this possible? Cheers! -Pete [1] http://www.entropykey.co.uk/ [3] [2] It generates entropy using two hardware generators, does a series of tests on them, and assuming they pass the tests, feeds them to a daemon that feeds into a *nix system's entropy pool. One can then access the entropy through normal methods, such as by accessing /dev/random. [3] ObDisclaimer: I have no connection or relationship with the company. I'm merely a customer who owns the device they sell. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
