For what it's worth... I read ...

RAND_pseudo_bytes() puts num pseudo-random bytes into buf. Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be unique if they are of sufficient length, but are not necessarily unpredictable. They can be used for non-cryptographic purposes and for certain purposes in cryptographic protocols, but usually not for key generation etc.

You must also handle return codes after executing RAND_pseudo_bytes() and provide a means to retry after a failure.

and also...

The arc4random() function uses the key stream generator employed by the arc4 cipher, which uses 8*8 8 bit S-Boxes. The S-Boxes can be in about (2**1700) states. There is no need to call arc4random_stir() before using arc4random(), since arc4random() automatically initializes itself.

That was enough information to influence my opinion.

Marty B
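The return-code handling mentioned in the message above, as an added example that is not part of the original post or of any project's code. It relies on the documented RAND_pseudo_bytes() convention (1 = cryptographically strong, 0 = bytes written but possibly predictable, -1 = not supported); the helper fill_key_material(), the KEY_* codes and the stub generators are hypothetical names, and the generator is passed as a function pointer so the block runs without libcrypto.

```c
#include <stdio.h>
#include <string.h>

/* Same signature and return convention as RAND_pseudo_bytes(buf, num):
 *   1 = bytes are cryptographically strong, 0 = bytes written but may be
 *   predictable, -1 = not supported by the current RAND method. */
typedef int (*rand_fn)(unsigned char *buf, int num);

enum { KEY_OK = 0, KEY_WEAK = -1, KEY_UNSUPPORTED = -2 };

/* Hypothetical helper: fill buf for use as key material, retrying up to
 * max_tries times. Only a return of 1 is accepted; on failure the buffer is
 * zeroed so predictable bytes are never used as a key by mistake. */
int fill_key_material(rand_fn gen, unsigned char *buf, int num, int max_tries)
{
    int rc = 0;
    for (int i = 0; i < max_tries; i++) {
        rc = gen(buf, num);
        if (rc == 1)
            return KEY_OK;
        if (rc < 0)
            break;              /* retrying cannot help: method unsupported */
    }
    memset(buf, 0, (size_t)num);
    return rc < 0 ? KEY_UNSUPPORTED : KEY_WEAK;
}

/* Constructed stand-ins for the real generator (assumptions, not OpenSSL). */
static int calls;
static int stub_strong_on_third(unsigned char *b, int n)
{
    memset(b, 0xA5, (size_t)n);
    return ++calls >= 3 ? 1 : 0;    /* "not yet strong" twice, then strong */
}
static int stub_always_weak(unsigned char *b, int n) { memset(b, 0x11, (size_t)n); return 0; }
static int stub_unsupported(unsigned char *b, int n) { (void)b; (void)n; return -1; }

int main(void)
{
    unsigned char key[16];
    calls = 0;
    printf("%d\n", fill_key_material(stub_strong_on_third, key, 16, 5));
    printf("%d\n", fill_key_material(stub_always_weak, key, 16, 5));
    printf("%d\n", fill_key_material(stub_unsupported, key, 16, 5));
    return 0;
}
```

A caller that tests only for a negative result, or ignores the result entirely, would accept the 0 case and end up with predictable bytes as key material.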
