a. huh? b. I was assuming something similar to the Sun /dev/des, which is basically invoked as int cbc_crypt(key, data, datalen, mode, ivec) ^^^ If your chip is doing key generation for you, then testing is tougher. Adam A. Padgett Peterson P.E. Information Security wrote: | > Faking crypto chips for public algorithims is theoretically | >more difficult, because its simple to create a DES_verify routine to make | >sure your DES chip is working right. | | a) chips do not need makeup | b) t'were me, I would just fix the chip so that instead of 2^56 (DES) keys | or whatever, the PRNG was "fixed" so that the total keyspace was only 2^32 | for instance. Enough to be nearly impossible to check but small enough -- "It is seldom that liberty of any kind is lost all at once." -Hume