Re: Adding entropy from external source into random number generator - how?

From: grarpamp <grarpamp_at_gmail.com>
Date: Sun, 27 Mar 2022 02:16:17 UTC

On 3/26/22, freebsd-lists@sensation.net.au
<freebsd-lists@sensation.net.au> wrote:
> I think the best way to do it would be to call random_harvest_queue(...),
> but what do I use as the source enum (see /usr/include/sys/random.h)?
> ENTROPYSOURCE, I guess?

Try searching for uses of that function in the source, and
maybe look into how RNG cards attach even in /dev...
random(4)
random_harvest(9)
random_fortuna
kern.random.harvest.mask_symbolic
crypto(4)
crypto(9)
rndtest(4)

> I believe it's also possible to open /dev/random for write to inject entropy
> but I cannot find any mention of that scenario in the man pages.

Using serial port as entropy source (either as interrupt and/or data),
even USB video audio radios environmentals, might already have a
handbook or wiki page, if not then interested users could make one.

If injecting that data isn't in random(4), a script example of that is in...
/etc/rc.d/random

Along with some entropy file parts mentioned in...
loader.conf(5)
rc.conf(5)

The choice of 4096 bytes should be documented.

Search also ports for RNG things.

> whether ~45 kilobytes per second of
> additional entropy is even useful in a typical situation?

CSPRNGs often try not to break no matter how much
output is read, accept a bit-equivalent amount of random
seed (ie 256-bits), and are speed limited only by cpu system.

If doing only this: "HWRNG_stream XOR plaintext_stream",
then in that case you could only get ~45kB/s throughput.

> All entropy is good entropy, right?

At least one source must be good.
Having more good sources monitored and feeding
into things can serve as redundant coverage.


Search: Claude Shannon, one time pad, XOR, CSPRNG,
HWRNG, applications such as casinos bitcoin
keygeneration fobs, fun sources to collect, etc.
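
Added example, not part of the original message and not FreeBSD's own script: a small sh function for the write-to-/dev/random approach discussed above, copying a bounded number of 4096-byte blocks from an external source. The names feed_entropy, BLOCK and the argument order are assumptions made for this illustration; DST defaults to /dev/random and can be pointed at a regular file for a dry run.

```sh
#!/bin/sh
# Added example, not from the original message. feed_entropy and its
# arguments are hypothetical names chosen for this illustration.

BLOCK=4096   # the 4096-byte size the message mentions

# feed_entropy SRC [DST] [NBLOCKS]
#   SRC      readable file or character device that yields raw bytes
#   DST      where the bytes go (default /dev/random, which needs root)
#   NBLOCKS  upper bound on 4096-byte reads taken from SRC (default 1)
# Prints the number of bytes written to DST; returns non-zero on bad input.
feed_entropy() {
    fe_src=$1
    fe_dst=${2:-/dev/random}
    fe_blocks=${3:-1}

    # An unreadable or empty source contributes nothing: fail loudly so
    # a dead device is noticed instead of silently skipped.
    if [ ! -r "$fe_src" ]; then
        echo "feed_entropy: cannot read $fe_src" >&2; return 1
    fi
    if [ -f "$fe_src" ] && [ ! -s "$fe_src" ]; then
        echo "feed_entropy: $fe_src is empty" >&2; return 1
    fi
    if [ ! -w "$fe_dst" ]; then
        echo "feed_entropy: cannot write $fe_dst" >&2; return 1
    fi
    # The block count must be a positive integer; an unbounded read from
    # a device would never return.
    case $fe_blocks in
        ''|*[!0-9]*|0) echo "feed_entropy: bad block count" >&2; return 2 ;;
    esac

    # dd bounds the read, tee writes the bytes to DST, wc counts them.
    # A device may return short reads, so the total can be lower than
    # NBLOCKS * 4096.
    fe_n=$(dd if="$fe_src" bs="$BLOCK" count="$fe_blocks" 2>/dev/null |
           tee "$fe_dst" | wc -c)
    printf '%s\n' "$((fe_n))"
}
```

The byte count it prints is only how much data was handed over; it says nothing about how much entropy the source actually contained.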