Struct rand::rngs::OsRng [−][src]
A random number generator that retrieves randomness straight from the operating system.
This is the preferred external source of entropy for most applications.
Commonly it is used to initialize a user-space RNG, which can then be used
to generate random values with much less overhead than OsRng
.
You may prefer to use EntropyRng
instead of OsRng
. It is unlikely, but
not entirely theoretical, for OsRng
to fail. In such cases EntropyRng
falls back on a good alternative entropy source.
OsRng::new()
is guaranteed to be very cheap (after the first successful
call), and will never consume more than one file handle per process.
Platform sources
OS | interface |
---|---|
Linux, Android | getrandom system call if available, otherwise /dev/urandom after reading from /dev/random once |
Windows | RtlGenRandom |
macOS, iOS | SecRandomCopyBytes |
FreeBSD | kern.arandom |
OpenBSD, Bitrig | getentropy |
NetBSD | /dev/urandom after reading from /dev/random once |
Dragonfly BSD | /dev/random |
Solaris, illumos | getrandom system call if available, otherwise /dev/random |
Fuchsia OS | cprng_draw |
Redox | rand: |
CloudABI | random_get |
Haiku | /dev/random (identical to /dev/urandom ) |
Web browsers | Crypto.getRandomValues (see Support for WebAssembly and ams.js) |
Node.js | crypto.randomBytes (see Support for WebAssembly and ams.js) |
Rand doesn’t have a blanket implementation for all Unix-like operating
systems that reads from /dev/urandom
. This ensures all supported operating
systems are using the recommended interface and respect maximum buffer
sizes.
Support for WebAssembly and ams.js
The three Emscripten targets asmjs-unknown-emscripten
,
wasm32-unknown-emscripten
and wasm32-experimental-emscripten
use
Emscripten’s emulation of /dev/random
on web browsers and Node.js.
Unfortunately it falls back to the insecure Math.random()
if a browser
doesn’t support Crypto.getRandomValues
.
The bare Wasm target wasm32-unknown-unknown
tries to call the javascript
methods directly, using stdweb
in combination with cargo-web
.
wasm-bindgen
is not yet supported.
Early boot
It is possible that early in the boot process the OS hasn’t had enough time yet to collect entropy to securely seed its RNG, especially on virtual machines.
Some operating systems always block the thread until the RNG is securely seeded. This can take anywhere from a few seconds to more than a minute. Others make a best effort to use a seed from before the shutdown and don’t document much.
A few, Linux, NetBSD and Solaris, offer a choice between blocking, and
getting an error. With try_fill_bytes
we choose to get the error
(ErrorKind::NotReady
), while the other methods use a blocking interface.
On Linux (when the genrandom
system call is not available) and on NetBSD
reading from /dev/urandom
never blocks, even when the OS hasn’t collected
enough entropy yet. As a countermeasure we try to do a single read from
/dev/random
until we know the OS RNG is initialized (and store this in a
global static).
Panics
OsRng
is extremely unlikely to fail if OsRng::new()
, and one read from
it, where succesfull. But in case it does fail, only try_fill_bytes
is
able to report the cause. Depending on the error the other RngCore
methods will retry several times, and panic in case the error remains.
Implementations
impl OsRng
[src]
Trait Implementations
impl Clone for OsRng
[src]
impl CryptoRng for OsRng
[src]
impl Debug for OsRng
[src]
impl RngCore for OsRng
[src]
Auto Trait Implementations
impl RefUnwindSafe for OsRng
impl Send for OsRng
impl Sync for OsRng
impl Unpin for OsRng
impl UnwindSafe for OsRng
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<R> Rng for R where
R: RngCore + ?Sized,
[src]
R: RngCore + ?Sized,
fn gen<T>(&mut self) -> T where
Standard: Distribution<T>,
[src]
Standard: Distribution<T>,
fn gen_range<T: PartialOrd + SampleUniform>(&mut self, low: T, high: T) -> T
[src]
fn sample<T, D: Distribution<T>>(&mut self, distr: D) -> T
[src]
fn sample_iter<'a, T, D: Distribution<T>>(
&'a mut self,
distr: &'a D
) -> DistIter<'a, D, Self, T>ⓘ where
Self: Sized,
[src]
&'a mut self,
distr: &'a D
) -> DistIter<'a, D, Self, T>ⓘ where
Self: Sized,
fn fill<T: AsByteSliceMut + ?Sized>(&mut self, dest: &mut T)
[src]
fn try_fill<T: AsByteSliceMut + ?Sized>(
&mut self,
dest: &mut T
) -> Result<(), Error>
[src]
&mut self,
dest: &mut T
) -> Result<(), Error>
fn gen_bool(&mut self, p: f64) -> bool
[src]
fn choose<'a, T>(&mut self, values: &'a [T]) -> Option<&'a T>
[src]
fn choose_mut<'a, T>(&mut self, values: &'a mut [T]) -> Option<&'a mut T>
[src]
fn shuffle<T>(&mut self, values: &mut [T])
[src]
fn gen_iter<T>(&mut self) -> Generator<T, &mut Self>ⓘ where
Standard: Distribution<T>,
[src]
Standard: Distribution<T>,
fn gen_weighted_bool(&mut self, n: u32) -> bool
[src]
fn gen_ascii_chars(&mut self) -> AsciiGenerator<&mut Self>ⓘNotable traits for AsciiGenerator<R>
impl<R: RngCore> Iterator for AsciiGenerator<R> type Item = char;
[src]
Notable traits for AsciiGenerator<R>
impl<R: RngCore> Iterator for AsciiGenerator<R> type Item = char;
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
pub fn to_owned(&self) -> T
[src]
pub fn clone_into(&self, target: &mut T)
[src]
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,