Hey, I updated the random number code in ETUUID. Now it will use arc4random if available - this function is declared in stdlib.h on BSD's, and it looks like an ideal function for us. It seeds itself using /dev/urandom, has a large state (I think it's 128 bytes or more), and is supposed to be fast. I believe it works something along the lines of: encrypt the internal state with the RC4 stream cipher, return the RC4 output as random bytes, and mix the output back in to the internal state, and repeat. If we wanted to we could use this function on linux as well by requiring the libbsd library, but I'm not sure if it's worth it.
Platforms without arc4random will use libcrypto's RNG. This is also supposed to seed itself on platforms with /dev/urandom, and on Windows using the windows crypto API. My only concern is, if it isn't on one of those platforms, it returns an error instead of seeding itself with gettimeofday. I'm also not sure how fast/slow libcrypto's RNG is. The old code used srandom(int x) on non-BSD platforms. The big problem with using this to generate UUID's is, assuming sizeof(int)==4, you will only get 2^32 possible UUID sequences.In other words, the first UUID generated by ETUUID will be one out of a list of ~4 billion which you can easily precompute… this is clearly a bad property for a UUID generator to have. -Eric _______________________________________________ Etoile-dev mailing list [email protected] https://mail.gna.org/listinfo/etoile-dev
