Most key dongles or smartcards let you load your own key on the device in a write-only fashion, or use the inherent secure cryptographic operations from the device to generate a key (which could subsequently tested if it is random enough through examining the public key portion and multiple tests).
> use the inherent secure cryptographic operations from the device to generate a key (which could subsequently tested if it is random enough through examining the public key portion and multiple tests).
It's not really possible to verify randomness this way - particularly for a device that already has a decent chunk of storage and crypto operahtions. Suppose the "random" number generator is actually an AES keystream coming from a key controlled by the NSA - how would you tell?
