#random #numbers #randomness #getrandom #generator #panic #verifier

no-std getrandom_or_panic

Implements a RngCore which panics unless getrandom exists

2 releases

0.0.3 Nov 21, 2023
0.0.2 Nov 21, 2023
0.0.1 Nov 21, 2023

#478 in Cryptography


244,207 downloads per month
Used in 727 crates (via schnorrkel)

BSD-3-Clause

4KB

getrandom_or_panic

Addresses one minor conundrum in cryptography crates:

We want end user signers and provers to depend directly upon getrandom for system randomness, so that users cannot supply insecure random number generators.

We need verifiers to run in contexts without system randomness though, like block chains.

We'd ideally separate provers and verifiers using features, but doing so becomes tricky as crates become more complex, and makes insecure backends for getrandom tempting.

Instead, we pretend that system randomness exists to satisfy the compiler, but panic if called without getrandom. You could still provide an insecure getrandom, but now you've been warned about this footgun.
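
The pattern described above, sketched as an added example that is not the crate's own code: it models the build without getrandom, where a verifier compiles and runs against a panicking RNG while a signer fails loudly. `RngCore` and `CryptoRng` are local stand-ins for the `rand_core` traits, and `PanicRng`, `system_rng`, `sign`, `verify` and the toy `checksum` (not a signature scheme) are hypothetical names.

```rust
// Local stand-ins for rand_core::RngCore / CryptoRng (assumption: reduced to
// one method so the example builds without external crates).
pub trait RngCore {
    fn fill_bytes(&mut self, dest: &mut [u8]);
}
pub trait CryptoRng {}

/// Type-checks as a cryptographic RNG but refuses to produce any output.
pub struct PanicRng;
impl RngCore for PanicRng {
    fn fill_bytes(&mut self, _dest: &mut [u8]) {
        panic!("no system randomness available in this build");
    }
}
impl CryptoRng for PanicRng {}

/// Hypothetical selector. This sketch models only the build without
/// getrandom; a build with it would return an OS-backed RNG instead.
pub fn system_rng() -> impl RngCore + CryptoRng {
    PanicRng
}

// Toy integrity tag over nonce || msg. NOT a signature scheme.
fn checksum(nonce: &[u8; 8], msg: &[u8]) -> u8 {
    nonce.iter().chain(msg).fold(0u8, |a, b| a.wrapping_mul(31).wrapping_add(*b))
}

/// Prover side: needs a fresh nonce, so it really calls the RNG.
pub fn sign<R: RngCore + CryptoRng>(msg: &[u8], rng: &mut R) -> ([u8; 8], u8) {
    let mut nonce = [0u8; 8];
    rng.fill_bytes(&mut nonce);
    (nonce, checksum(&nonce, msg))
}

/// Verifier side: carries the same RNG bound to satisfy the compiler,
/// but is deterministic and never touches the RNG.
pub fn verify<R: RngCore + CryptoRng>(msg: &[u8], sig: &([u8; 8], u8), _rng: &mut R) -> bool {
    checksum(&sig.0, msg) == sig.1
}

fn main() {
    let nonce = [7u8; 8]; // constructed sample nonce
    let sig = (nonce, checksum(&nonce, b"block-1"));
    println!("verify ok: {}", verify(b"block-1", &sig, &mut system_rng()));
    // Calling sign(b"block-1", &mut system_rng()) here would panic.
}
```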


lib.rs:

Returns OsRng with getrandom, or a CryptoRng which panics without getrandom.

Dependencies

~235KB