Re: [Cerowrt-devel] pcengines apu2c4 hardware random number generation

[Josh Datko <jbdatko@gmail.com>]

On Wed, 2016-05-04 at 16:28 -0700, Dave Taht wrote:
> so I figure that there might be something even simpler out there from
> the pi-ish or beaglebone world that could be repurposed to suit?

I've used Atmel's CryptoAuthentication chips routinely. They are i2c
based and have a (proprietary) RNG on them. I have a few linux driver
options for using them.

Presumably, you want this HWRNG thing to be inside the case. Looking at
that pdf, jumper J4 says it's an I2C connector. Those Atmel chips I was
playing with are all i2c, so you could try flywiring those to the
connector.

I'm not sure what pin is what, but PWR and GND should be easy to find
and then SDA/SCL I just plug and and try. If it doesn't work, swap the
pins.

As long as the CPU has access to that i2c bus, (is there an i2c-tools
equivalent on cerowrt?), then you should see it.

miniPCIe has I2C as well. I had this idea once to take a miniPCI card
and solder the atmel chips to the SDA/SCL lines.

8-pin molex connectors should be easy to find and it probably wouldn't
be too bad to make it a "proper" expansion board, but ... loose wires
make life more exciting :)

Josh

links:

Out-of-tree kernel driver for Atmel AT204/108/508 chips with /dev/hwrng
support: https://github.com/cryptotronix/atsha204-i2c

CLI application using the AT204: https://github.com/cryptotronix/hashle
t

Digikey: https://www.digikey.com/product-detail/en/atmel/ATECC508A-SSHD
A-B/ATECC508A-SSHDA-B-ND/5213053

^ The 204A are cheaper, the 508A have ECDSA/ECDH as well as the RNG and
my "eclet" driver will support ecdsa signing/ecdh, so might as well get
those vs. the 204A.