spinoso_random/urandom.rs
1use crate::UrandomError;
2
3/// Read random bytes, using platform-provided randomness.
4///
5/// `dest` is completely filled with bytes that are expected to be a
6/// cryptographically secure pseudo-random number in binary form.
7///
8/// In 2017, Linux manpage random(7) writes that "no cryptographic primitive
9/// available today can hope to promise more than 256 bits of security". So it
10/// might be questionable to pass a slice where `dest.len() > 32` to this
11/// method.
12///
13/// # Examples
14///
15/// ```
16/// use spinoso_random::Error;
17///
18/// # fn example() -> Result<(), Error> {
19/// let mut bytes = [0_u8; 32];
20/// spinoso_random::urandom(&mut bytes)?;
21/// assert!(!bytes.iter().all(|&b| b == 0));
22/// # Ok(())
23/// # }
24/// # example().unwrap();
25/// ```
26///
27/// # Errors
28///
29/// If the randomness feature provided by the platform is not present or failed
30/// to completely fill `dest`, an error is returned. This error should be raised
31/// as a [Ruby `RuntimeError`].
32///
33/// [Ruby `RuntimeError`]: https://ruby-doc.org/core-3.1.2/RuntimeError.html
34pub fn urandom(dest: &mut [u8]) -> Result<(), UrandomError> {
35 getrandom::fill(dest)?;
36 Ok(())
37}
38
39#[cfg(test)]
40mod tests {
41 use super::urandom;
42
43 #[test]
44 fn read_random_bytes() {
45 let mut buf_a = [0; 256];
46 let mut buf_b = [0; 256];
47 urandom(&mut buf_a).unwrap();
48 urandom(&mut buf_b).unwrap();
49 assert_ne!(buf_a, buf_b);
50 }
51}