2010/12/21 Joachim Schipper <joac...@joachimschipper.nl>: > + get_random_bytes(buf, sizeof(buf)); > + nanotime(&ts); > + for (i = 0; i < sizeof(ts); i++) > + buf[i] ^= ((uint8_t *) &ts)[i];
I like the idea of using XOR. However, there are two issues: 1.) if nanotime() was called because of not enough random data from get_random_bytes() then you could end up with only the value &ts in buf. Why not use a md5 hash of the time value (better than the plain time value) or better just don't use the time value at all. I think get_random_bytes will allways return enough random data - see my other post. 2.) don't forget to check if sizeof(ts) <= sizeof(buf), otherwise you will create a buffer overrun. Regards Kurt Knochner http://knochner.com/
