Interface to the random number generator of the operating system.
OsRng is the preferred external source of entropy for most applications.Commonly it is used to initialize a user-space RNG, which can then be usedto generate random values with much less overhead thanOsRng.
You may prefer to useEntropyRng instead ofOsRng. It is unlikely, butnot entirely theoretical, forOsRng to fail. In such casesEntropyRngfalls back on a good alternative entropy source.
OsRng::new() is guaranteed to be very cheap (after the first successfulcall), and will never consume more than one file handle per process.
userand_os::OsRng;userand_os::rand_core::RngCore;letmutos_rng=OsRng::new().unwrap();letmutkey= [0u8;16];os_rng.fill_bytes(&mutkey);letrandom_u64=os_rng.next_u64();
| OS | interface |
|---|---|
| Linux, Android | getrandom system call if available, otherwise/dev/urandom after reading from/dev/random once |
| Windows | RtlGenRandom |
| macOS, iOS | SecRandomCopyBytes |
| FreeBSD | kern.arandom |
| OpenBSD, Bitrig | getentropy |
| NetBSD | /dev/urandom after reading from/dev/random once |
| Dragonfly BSD | /dev/random |
| Solaris, illumos | getrandom system call if available, otherwise/dev/random |
| Fuchsia OS | cprng_draw |
| Redox | rand: |
| CloudABI | random_get |
| Haiku | /dev/random (identical to/dev/urandom) |
| Web browsers | Crypto.getRandomValues (seeSupport for WebAssembly and ams.js) |
| Node.js | crypto.randomBytes (seeSupport for WebAssembly and ams.js) |
Rand doesn't have a blanket implementation for all Unix-like operatingsystems that reads from/dev/urandom. This ensures all supported operatingsystems are using the recommended interface and respect maximum buffersizes.
The three Emscripten targetsasmjs-unknown-emscripten,wasm32-unknown-emscripten andwasm32-experimental-emscripten useEmscripten's emulation of/dev/random on web browsers and Node.js.
The bare WASM targetwasm32-unknown-unknown tries to call the javascriptmethods directly, using eitherstdweb orwasm-bindgen depending on whatfeatures are activated for this crate. Note that if both features areenabledwasm-bindgen will be used.
It is possible that early in the boot process the OS hasn't had enough timeyet to collect entropy to securely seed its RNG, especially on virtualmachines.
Some operating systems always block the thread until the RNG is securelyseeded. This can take anywhere from a few seconds to more than a minute.Others make a best effort to use a seed from before the shutdown and don'tdocument much.
A few, Linux, NetBSD and Solaris, offer a choice between blocking, andgetting an error. Withtry_fill_bytes we choose to get the error(ErrorKind::NotReady), while the other methods use a blocking interface.
On Linux (when thegenrandom system call is not available) and on NetBSDreading from/dev/urandom never blocks, even when the OS hasn't collectedenough entropy yet. As a countermeasure we try to do a single read from/dev/random until we know the OS RNG is initialized (and store this in aglobal static).
We cannot guarantee thatOsRng will fail, but if it does, it will likelybe either whenOsRng::new() is first called or when data is first read.If you wish to catch errors early, then test reading of at least one bytefromOsRng viatry_fill_bytes. If this succeeds, it is extremelyunlikely that any further errors will occur.
Onlytry_fill_bytes is able to report the cause of an error; the otherRngCore methods may (depending on the error kind) retry several times,but must eventually panic if the error persists.
pub extern craterand_core; |
| OsRng | A random number generator that retrieves randomness straight from theoperating system. |
Prefix searches with a type followed by a colon (e.g.,fn:) to restrict the search to a given type.
Accepted types are:fn,mod,struct,enum,trait,type,macro, andconst.
Search functions by type signature (e.g.,vec -> usize or* -> vec)
Search multiple things at once by splitting your query with comma (e.g.,str,u8 orString,struct:Vec,test)