What I'd like to see:

1. Document-by-example proper safe usage, especially with respect to initialization and seeding.
2. Use entropy as a default argument: `CSPRNG = MbedTLS.CtrDrbg()` does not give us a usable state. I am happy to report that direct calls to `rand(CSPRNG, n)` segfault instead of returning bad random. This is laudable: bad random is almost the worst possible behavior; a clean panic, or even a segfault, is a much safer outcome. Exploitable memory corruption is the only worse thing one could possibly do.
3. Either implement the Random interface correctly, or do not declare as a subtype of `AbstractRNG`. For comparison:

   ```julia
   julia> rand(rng2, Float32)
   ERROR: ArgumentError: Sampler for this object is not defined

   julia> rand(rng1, 2)
   2-element Array{Float64,1}:
    0.32157480543452466
    0.032868961307404465

   julia> rand(rng2, 2)
   2-element Array{UInt8,1}:
    0xc6
    0x2f
   ```

4. Alternatively, don't export at all. People can look for other ways of generating secure random; better send them off than provide an option that is not misuse resistant.

Generating nonces is a very typical need. This is rather inconvenient with the currently existing exports. The issue came up when looking for a fix for https://github.com/GenieFramework/Genie.jl/issues/162 . Tangentially related: https://github.com/JuliaLang/julia/issues/27614
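As an added example (not MbedTLS.jl code) of what "implement the Random interface correctly" means for item 3: a byte-oriented CSPRNG wrapped as an `AbstractRNG` that defines `rng_native_52` and the bit-integer samplers, so `rand(rng, Float32)`, `rand(rng, n)` and `rand(rng, UInt8, n)` behave as they do for the built-in generators instead of raising "Sampler for this object is not defined". `ByteCsprng`, `fill_bytes!` and `nonce` are assumed names; the backend here is the stdlib `RandomDevice` so the snippet runs stand-alone, where the package would use the seeded DRBG's byte output.

```julia
using Random

# Assumed wrapper type: any generator whose only primitive is "fill this
# buffer with random bytes". Backed by RandomDevice here (constructed stand-in);
# a seeded CTR_DRBG would be the real backend.
struct ByteCsprng <: AbstractRNG
    dev::RandomDevice
end
ByteCsprng() = ByteCsprng(RandomDevice())

# The single primitive the backend must provide.
fill_bytes!(r::ByteCsprng, buf::Vector{UInt8}) = (rand!(r.dev, buf); buf)

# Random's float samplers draw 52 raw bits from this native word type.
Random.rng_native_52(::ByteCsprng) = UInt64

# All bit integers: read sizeof(T) fresh bytes and reinterpret them.
# Random derives Float16/32/64 sampling, rand(r, n) and rand(r, T, n)
# from these methods, so nothing else is needed for the basic types.
function Random.rand(r::ByteCsprng, ::Random.SamplerType{T}) where {T<:Base.BitInteger}
    buf = fill_bytes!(r, Vector{UInt8}(undef, sizeof(T)))
    return first(reinterpret(T, buf))
end
Random.rand(r::ByteCsprng, ::Random.SamplerType{Bool}) = isodd(rand(r, UInt8))

# A nonce is n fresh bytes; the caller must still never reuse one under a key.
nonce(r::ByteCsprng, n::Integer) = rand(r, UInt8, n)

rng = ByteCsprng()
@show rand(rng, Float32)   # defined now, unlike rng2 in the comparison above
@show rand(rng, 2)         # Float64 vector, same shape as rand(rng1, 2)
@show nonce(rng, 12)       # 12-element Vector{UInt8}
@assert 0 <= rand(rng, Float64) < 1
@assert length(nonce(rng, 12)) == 12
```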