[Openswan dev] Support for hardware random number generators

[Paul Wouters]

On Wed, 19 Nov 2008, Vrabete, Brad wrote:

> I have noticed the support for /dev/hw_random has been dropped in the last
> versions. What was the reason? Low quality of existing HW RNG?

/dev/hw_random is not meant to be used directly. You must run rngd which
reads /dev/hw_random, runs FIPS 140-2 tests and adds to /dev/random. So
all applications should only use /dev/random itself.

And yes, on certain intel/amd setups we got streams of zero's out of
/dev/hw_random.

Paul