On Sat, Jun 18, 2011 at 6:01 PM, James Cloos <cl...@jhcloos.com> wrote:
>>>>>> "JL" == Jack Lloyd <ll...@randombit.net> writes:
>
> JL> It's also supported in (very very recent) GNU binutils.
>
> The sample code Intel provided on that page compiled/assembled
> correctly here, using binutils-2.21.
>
Did you notice......

In rdrand.c, near lines 420 and 460, there are two functions
(_rdrand_get_seed128_retry and _rdrand_get_seed128_method2_retry)
which claim:

    Creates a random value that is fully forward and backward
    prediction resistant, suitable for seeding a NIST SP800-90
    Compliant, FIPS 1402-2 certifiable SW DRBG

It appears none of the sensitive material (key, forward value, and
XOR'd intermediate result) is zeroized. Zeroization is a FIPS 140-2
Level 1 requirement.

Jeff
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
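
An added illustration of the zeroization point raised in the message above (not code from Intel's rdrand.c or from anyone on the thread): a seed derivation that wipes its key, forward value and XOR'd intermediate on every exit path. The `seed_ctx` struct, the `entropy16_fn` callback, the XOR combine and the demo sources are assumptions standing in for the real routine.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical working state, named after the three items the message lists. */
typedef struct { uint8_t key[16], fwd[16], mix[16]; } seed_ctx;
/* Entropy callback (assumed interface): fills 16 bytes, returns 1 on success. */
typedef int (*entropy16_fn)(uint8_t out[16]);

/* Wipe through a volatile pointer so the stores cannot be removed as dead. */
static void secure_zero(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

static int all_zero(const void *p, size_t n) {
    const uint8_t *b = (const uint8_t *)p;
    uint8_t acc = 0;
    while (n--) acc |= *b++;
    return acc == 0;
}

/* XOR combine is a stand-in for the real conditioning step. ctx is wiped on
 * every exit path; seed is wiped too if the source fails part-way. */
static int seed128(seed_ctx *ctx, entropy16_fn src, uint8_t seed[16]) {
    int ok = src(ctx->key) && src(ctx->fwd);
    if (ok) {
        for (size_t i = 0; i < 16; i++) ctx->mix[i] = ctx->key[i] ^ ctx->fwd[i];
        memcpy(seed, ctx->mix, 16);
    } else {
        secure_zero(seed, 16);
    }
    secure_zero(ctx, sizeof *ctx);
    return ok;
}

/* Constructed sources for the demo: a counter, and one failing on call 2. */
static unsigned demo_ctr, demo_calls;
static int demo_src(uint8_t out[16]) {
    for (int i = 0; i < 16; i++) out[i] = (uint8_t)(demo_ctr++ * 37u + 1u);
    return 1;
}
static int flaky_src(uint8_t out[16]) { return ++demo_calls == 2 ? 0 : demo_src(out); }

int main(void) {
    seed_ctx ctx; uint8_t seed[16];
    int ok = seed128(&ctx, demo_src, seed);
    printf("ok=%d ctx_wiped=%d\n", ok, all_zero(&ctx, sizeof ctx));
    return 0;
}
```

Where the platform provides one, `explicit_bzero`, `memset_s` or `SecureZeroMemory` can replace the hand-written `secure_zero`.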