Module rand

Cryptographic pseudo-random number generation.

An application should create a single SystemRandom and then use it for all randomness generation. Functions that generate random bytes should take a &dyn SecureRandom parameter instead of instantiating their own. Besides being more efficient, this also helps document where non-deterministic (random) outputs occur. Taking a reference to a SecureRandom also helps with testing techniques like fuzzing, where it is useful to use a (non-secure) deterministic implementation of SecureRandom so that results can be replayed. Following this pattern also may help with sandboxing (seccomp filters on Linux in particular). See SystemRandom’s documentation for more details.

Example

use aws_lc_rs::{rand, rand::SecureRandom};

//  Using `rand::fill`
let mut rand_bytes = [0u8; 32];
rand::fill(&mut rand_bytes).unwrap();

// Using `SystemRandom`
let rng = rand::SystemRandom::new();
rng.fill(&mut rand_bytes).unwrap();

// Using `rand::generate`
let random_array = rand::generate(&rng).unwrap();
let more_rand_bytes: [u8; 64] = random_array.expose();

Structs

• Random
  A random value constructed from a SecureRandom that hasn’t been exposed through any safe Rust interface.
• SystemRandom
  A secure random number generator where the random values come from the underlying AWS-LC libcrypto.

Traits

• RandomlyConstructable
  A type that can be returned by aws_lc_rs::rand::generate().
• SecureRandom
  A secure random number generator.

Functions

• fill
  Fills dest with random bytes.
• generate
  Generate the new random value using rng.