This repository has been archived by the owner on Sep 20, 2023. It is now read-only.

sysrand looks scary and is unused- delete? #60

Open
TomMD opened this issue Jan 6, 2016 · 2 comments
Comments

TomMD commented Jan 6, 2016

cryptonite_sysrand_init is not called anywhere afaict and it looks scarily wrong (out arg buf is unused, it just hashes the time and tosses the result).

vincenthz (Member) commented

It's not finished, and currently unused; it's supposed to provide a non-constant memory initialization for the sysrand buffer (which would then be XOR-combined with the CPU entropy generator), based on a "random" set of properties and system-related identifications/state.

It's here to create """some entropy""" in case of a catastrophic failure of the CPU-based RNG (say someone patches the microcode to return 0 or something constant/guessable).

In an everything-is-working-as-usual scenario, I don't think it's very useful, but I can't think of any downside (except performance); i.e. worst case, everything that is used is guessable, and the XOR operation provides no additional security.
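The fallback design described in the comment above, as an added example (not cryptonite's own code, and not the unfinished cryptonite_sysrand_init under discussion): a buffer is derived from a snapshot of system state, then XOR-combined with the CPU RNG output. The names sysstate_fill, xor_combine, all_zero and struct sysstate are assumptions made for this example, the mixing function is a toy FNV-1a-style hash standing in for a real cryptographic hash, and the "CPU RNG" bytes are constructed rather than read from hardware. The point it shows is the one made in the comment: when the CPU source collapses to a constant, the combined output is exactly the system-state buffer, and when the CPU source is healthy the system-state buffer cannot make the result worse.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

/* Toy mixing function (FNV-1a style). Assumption for illustration only: a
   real implementation would use a cryptographic hash such as SHA-256. */
static uint64_t fnv1a64(const void *data, size_t len, uint64_t h)
{
    const uint8_t *p = data;
    for (size_t i = 0; i < len; i++) {
        h ^= p[i];
        h *= 1099511628211ULL;
    }
    return h;
}

/* System state used as the fallback seed. The caller collects it, so the
   fill function itself is deterministic and can be tested. (assumed layout) */
struct sysstate {
    uint64_t time_ns;     /* wall-clock time in nanoseconds */
    uint64_t pid;         /* process id */
    uint64_t stack_addr;  /* address of a stack variable (ASLR-dependent) */
};

/* Hash the state and expand it into out[0..len). Unlike the unfinished
   cryptonite_sysrand_init noted in the issue, the out buffer is written. */
void sysstate_fill(const struct sysstate *st, uint8_t *out, size_t len)
{
    uint64_t h = 14695981039346656037ULL;        /* FNV offset basis */
    h = fnv1a64(st, sizeof *st, h);
    for (size_t i = 0; i < len; i++) {
        h = fnv1a64(&i, sizeof i, h);            /* counter-style expansion */
        out[i] = (uint8_t)(h >> 56);
    }
}

/* XOR-combine two equal-length buffers. If either input is uniformly random
   and independent of the other, so is the result; if one input is constant
   (a broken CPU RNG returning zeros), the result equals the other input. */
void xor_combine(const uint8_t *a, const uint8_t *b, uint8_t *out, size_t len)
{
    for (size_t i = 0; i < len; i++)
        out[i] = a[i] ^ b[i];
}

/* 1 if every byte is zero: stand-in check for "the CPU RNG returned a constant". */
int all_zero(const uint8_t *buf, size_t len)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

int main(void)
{
    struct sysstate st;
    struct timespec ts;
    clock_gettime(CLOCK_REALTIME, &ts);
    st.time_ns = (uint64_t)ts.tv_sec * 1000000000ULL + (uint64_t)ts.tv_nsec;
    st.pid = (uint64_t)getpid();
    st.stack_addr = (uint64_t)(uintptr_t)&st;

    uint8_t sys[16], cpu_bad[16] = {0}, cpu_ok[16], out[16];
    sysstate_fill(&st, sys, sizeof sys);
    /* Constructed stand-in for healthy CPU RNG output; a real build would use
       RDRAND/RDSEED or the OS generator here. */
    for (size_t i = 0; i < sizeof cpu_ok; i++)
        cpu_ok[i] = (uint8_t)(0xA5 + 31 * i);

    xor_combine(cpu_bad, sys, out, sizeof out);
    printf("failed CPU RNG: output == sysstate buffer: %d\n",
           memcmp(out, sys, sizeof out) == 0);
    xor_combine(cpu_ok, sys, out, sizeof out);
    printf("healthy CPU RNG: output all zero: %d\n", all_zero(out, sizeof out));
    return 0;
}
```

The system-state buffer is only as unpredictable as the fields it hashes (time, pid and a stack address are all guessable to a local attacker), which is why it is a last-ditch fallback rather than a substitute for a real entropy source; the XOR step is what keeps it from ever subtracting security.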
