crypto/rand: switch to arc4random_buf
This doesn't have the potential blocking issue of the getentropy call (which calls WASI random_get when using wasi-libc) and should therefore be a lot faster. For context, this is what the random_get documentation says: > Write high-quality random data into a buffer. This function blocks > when the implementation is unable to immediately provide sufficient > high-quality random data. This function may execute slowly, so when > large mounts of random data are required, it's advisable to use this > function to seed a pseudo-random number generator, rather than to > provide the random data directly.
Этот коммит содержится в:
Ayke van Laethem
Ron Evans
родитель
4f7b23c2b7
коммит
d05103668f
2 изменённых файлов: 30 добавлений и 38 удалений
30
src/crypto/rand/rand_arc4random.go
Обычный файл
30
src/crypto/rand/rand_arc4random.go
Обычный файл
|
|
@ -0,0 +1,30 @@
|
|||
// +build darwin freebsd tinygo.wasm
|
||||
|
||||
// This implementation of crypto/rand uses the arc4random_buf function
|
||||
// (available on both MacOS and WASI) to generate random numbers.
|
||||
//
|
||||
// Note: arc4random_buf (unlike what the name suggets) does not use the insecure
|
||||
// RC4 cipher. Instead, it uses a high-quality cipher, varying by the libc
|
||||
// implementation.
|
||||
|
||||
package rand
|
||||
|
||||
import "unsafe"
|
||||
|
||||
func init() {
|
||||
Reader = &reader{}
|
||||
}
|
||||
|
||||
type reader struct {
|
||||
}
|
||||
|
||||
func (r *reader) Read(b []byte) (n int, err error) {
|
||||
if len(b) != 0 {
|
||||
libc_arc4random_buf(unsafe.Pointer(&b[0]), uint(len(b)))
|
||||
}
|
||||
return len(b), nil
|
||||
}
|
||||
|
||||
// void arc4random_buf(void *buf, size_t buflen);
|
||||
//export arc4random_buf
|
||||
func libc_arc4random_buf(buf unsafe.Pointer, buflen uint)
|
||||
|
|
@ -1,38 +0,0 @@
|
|||
// +build darwin freebsd tinygo.wasm
|
||||
|
||||
// This implementation of crypto/rand uses the getentropy system call (available
|
||||
// on both MacOS and WASI) to generate random numbers.
|
||||
|
||||
package rand
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
var errReadFailed = errors.New("rand: could not read random bytes")
|
||||
|
||||
func init() {
|
||||
Reader = &reader{}
|
||||
}
|
||||
|
||||
type reader struct {
|
||||
}
|
||||
|
||||
func (r *reader) Read(b []byte) (n int, err error) {
|
||||
if len(b) != 0 {
|
||||
if len(b) > 256 {
|
||||
b = b[:256]
|
||||
}
|
||||
result := libc_getentropy(unsafe.Pointer(&b[0]), len(b))
|
||||
if result < 0 {
|
||||
// Maybe we should return a syscall.Errno here?
|
||||
return 0, errReadFailed
|
||||
}
|
||||
}
|
||||
return len(b), nil
|
||||
}
|
||||
|
||||
// int getentropy(void *buf, size_t buflen);
|
||||
//export getentropy
|
||||
func libc_getentropy(buf unsafe.Pointer, buflen int) int
|
||||
Загрузка…
Создание таблицы
Сослаться в новой задаче