|
115 | 115 | //! entropy yet. To avoid returning low-entropy bytes, we first poll
|
116 | 116 | //! `/dev/random` and only switch to `/dev/urandom` once this has succeeded.
|
117 | 117 | //!
|
| 118 | +//! On OpenBSD, this kind of entropy accounting isn't available, and on |
| 119 | +//! NetBSD, blocking on it is discouraged. On these platforms, nonblocking |
| 120 | +//! interfaces are used, even when reliable entropy may not be available. |
| 121 | +//! On the platforms where it is used, the reliability of entropy accounting |
| 122 | +//! itself isn't free from controversy. This library provides randomness |
| 123 | +//! sourced according to the platform's best practices, but each platform has |
| 124 | +//! its own limits on the grade of randomness it can promise in environments |
| 125 | +//! with few sources of entropy. |
| 126 | +//! |
118 | 127 | //! ## Error handling
|
119 | 128 | //!
|
120 |
| -//! We always choose failure over returning insecure "random" bytes. In general, |
121 |
| -//! on supported platforms, failure is highly unlikely, though not impossible. |
122 |
| -//! If an error does occur, then it is likely that it will occur on every call to |
123 |
| -//! `getrandom`, hence after the first successful call one can be reasonably |
124 |
| -//! confident that no errors will occur. |
| 129 | +//! We always choose failure over returning known insecure "random" bytes. In |
| 130 | +//! general, on supported platforms, failure is highly unlikely, though not |
| 131 | +//! impossible. If an error does occur, then it is likely that it will occur |
| 132 | +//! on every call to `getrandom`, hence after the first successful call one |
| 133 | +//! can be reasonably confident that no errors will occur. |
125 | 134 | //!
|
126 | 135 | //! [1]: http://man7.org/linux/man-pages/man2/getrandom.2.html
|
127 | 136 | //! [2]: http://man7.org/linux/man-pages/man4/urandom.4.html
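Review bot: the new platform paragraph (added lines 118-125) makes two unreferenced claims, that OpenBSD has no entropy accounting and that NetBSD discourages blocking on it, and then says the accounting "isn't free from controversy" without pointing the reader anywhere; since this module already keeps numbered links (`[1]`, `[2]`) at the bottom, add matching references for the OpenBSD and NetBSD statements and for the controversy remark, and tighten "On the platforms where it is used" to "On the platforms where blocking entropy accounting is used" so the antecedent of "it" is unambiguous. In the error-handling rewrite (added lines 129-133), "known insecure "random" bytes" reads better as "bytes known to be insecure", which is the point being made: the library fails rather than returning output it knows is weak; the rest of that reflow is wording-neutral and fine.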