1 //! Utilities for secure random number generation. 2 //! 3 //! # Examples 4 //! 5 //! To generate a buffer with cryptographically strong bytes: 6 //! 7 //! ``` 8 //! use openssl::rand::rand_bytes; 9 //! 10 //! let mut buf = [0; 256]; 11 //! rand_bytes(&mut buf).unwrap(); 12 //! ``` 13 use libc::c_int; 14 15 use crate::error::ErrorStack; 16 use crate::{cvt, LenType}; 17 use openssl_macros::corresponds; 18 19 /// Fill buffer with cryptographically strong pseudo-random bytes. 20 /// 21 /// # Examples 22 /// 23 /// To generate a buffer with cryptographically strong random bytes: 24 /// 25 /// ``` 26 /// use openssl::rand::rand_bytes; 27 /// 28 /// let mut buf = [0; 256]; 29 /// rand_bytes(&mut buf).unwrap(); 30 /// ``` 31 #[corresponds(RAND_bytes)] rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack>32pub fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> { 33 unsafe { 34 ffi::init(); 35 assert!(buf.len() <= c_int::max_value() as usize); 36 cvt(ffi::RAND_bytes(buf.as_mut_ptr(), buf.len() as LenType)).map(|_| ()) 37 } 38 } 39 40 /// Controls random device file descriptor behavior. 41 /// 42 /// Requires OpenSSL 1.1.1 or newer. 43 #[corresponds(RAND_keep_random_devices_open)] 44 #[cfg(ossl111)] keep_random_devices_open(keep: bool)45pub fn keep_random_devices_open(keep: bool) { 46 unsafe { 47 ffi::RAND_keep_random_devices_open(keep as LenType); 48 } 49 } 50 51 #[cfg(test)] 52 mod tests { 53 use super::rand_bytes; 54 55 #[test] test_rand_bytes()56 fn test_rand_bytes() { 57 let mut buf = [0; 32]; 58 rand_bytes(&mut buf).unwrap(); 59 } 60 } 61