1//! Utilities for secure random number generation. 2//! 3//! # Examples 4//! 5//! To generate a buffer with cryptographically strong bytes: 6//! 7//! ``` 8//! use openssl::rand::rand_bytes; 9//! 10//! let mut buf = [0; 256]; 11//! rand_bytes(&mut buf).unwrap(); 12//! ``` 13use libc::c_int; 14 15use crate::error::ErrorStack; 16use crate::{cvt, LenType}; 17use openssl_macros::corresponds; 18 19/// Fill buffer with cryptographically strong pseudo-random bytes. 20/// 21/// # Examples 22/// 23/// To generate a buffer with cryptographically strong random bytes: 24/// 25/// ``` 26/// use openssl::rand::rand_bytes; 27/// 28/// let mut buf = [0; 256]; 29/// rand_bytes(&mut buf).unwrap(); 30/// ``` 31#[corresponds(RAND_bytes)] 32pub fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> { 33 unsafe { 34 ffi::init(); 35 assert!(buf.len() <= c_int::max_value() as usize); 36 cvt(ffi::RAND_bytes(buf.as_mut_ptr(), buf.len() as LenType)).map(|_| ()) 37 } 38} 39 40/// Controls random device file descriptor behavior. 41/// 42/// Requires OpenSSL 1.1.1 or newer. 43#[corresponds(RAND_keep_random_devices_open)] 44#[cfg(ossl111)] 45pub fn keep_random_devices_open(keep: bool) { 46 unsafe { 47 ffi::RAND_keep_random_devices_open(keep as LenType); 48 } 49} 50 51#[cfg(test)] 52mod tests { 53 use super::rand_bytes; 54 55 #[test] 56 fn test_rand_bytes() { 57 let mut buf = [0; 32]; 58 rand_bytes(&mut buf).unwrap(); 59 } 60} 61