Paul Eggert writes: > I've been looking into this and have several patches along these lines. > None of them address message-unique-id directly yet (I plan to tackle > this soon) but they do address the general problem area. The basic idea > is to use a new make-nonce primitive. Thanks! I have read your patchset, which looks good to me. I have also attached my latest patch for `message-unique-id', but I'm not married to it if you have something better in mind. It could easily be updated to use `make-nonce' though. > (defun math-init-random-base () [...snip...] > + (declare (obsolete nil "29.1"))) This is a nit, but perhaps this could be simplified to: (declare-obsolete-function-alias 'math-init-random-base #'ignore "29.1) > diff --git a/src/sysdep.c b/src/sysdep.c > index 4786c8fa4f..5117460fc0 100644 > --- a/src/sysdep.c > +++ b/src/sysdep.c > @@ -2159,6 +2159,22 @@ seed_random (void *seed, ptrdiff_t seed_size) > set_random_seed (arg); > } > > +/* Set BUF, of size BUFSIZE, to random data derived from system entropy. */ > + > +void > +get_entropy (void *buf, ptrdiff_t bufsize) > +{ > + char *p = buf, *lim = p + bufsize; > + while (p < lim) > + { > + ssize_t gotten = getrandom (p, lim - p, 0); > + if (0 <= gotten) > + p += gotten; > + else if (errno != EINTR) > + report_file_error ("Getting random data", Qnil); > + } > +} If we claim that the random data is suitable for cryptographic purposes, should we be using the GRND_RANDOM flag here? On Linux, flags 0 and GRND_RANDOM are equivalent (I read the most recent kernel code to verify this). But I have no idea about other platforms.