rust-random / getrandom

A small cross-platform library for retrieving random data from (operating) system source
Apache License 2.0

Use ProcessPrng on Windows #415

Closed josephlr closed 1 month ago

josephlr commented 2 months ago

Use ProcessPrng on Windows 10 and up, and use RtlGenRandom on older legacy Windows versions. Don't use BCryptGenRandom due to stability issues.

josephlr commented 1 month ago

@briansmith the above are really good points w.r.t. sandboxing. I think that it would be good to have general documentation along the lines of "before starting a sandbox, you should first successfully call getrandom() on a non-empty buffer". That should be good platform-agnostic advice, and will handle things like LoadLibrary and libc::dlsym.

More generally, this won't work inside many sandboxes, including Chromium's.

I think that this won't cause issues in some sandboxes provided that ProcessPRNG is already loaded. IIRC the sandbox only complains on loading a new dll, not upon looking up a symbol from an already loaded DLL. Regardless, having specific documentation will be good here.
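The ordering advice in the comment above, as an added example that is not code from this PR or from getrandom: a small model of a lazily loaded randomness backend. `Process`, `fill`, `enter_sandbox` and `RngError` are hypothetical names, and the counter stands in for real entropy; the model assumes an empty-buffer call returns before the backend is touched, which is why the warm-up uses a non-empty buffer.

```rust
// Constructed model (not getrandom's code): the RNG backend lives in a
// library that is loaded lazily on first use, e.g. via LoadLibrary or dlsym.
#[derive(Debug, PartialEq)]
pub enum RngError {
    LoadBlocked, // the sandbox refused to load a new library
}

#[derive(Default)]
pub struct Process {
    sandboxed: bool,  // set once the sandbox is active
    lib_loaded: bool, // true once the backend library is mapped
    counter: u8,      // stand-in for entropy, for the model only
}

impl Process {
    // Stand-in for getrandom(): loads the backend on first real use.
    pub fn fill(&mut self, buf: &mut [u8]) -> Result<(), RngError> {
        if buf.is_empty() {
            return Ok(()); // assumption: nothing is loaded for an empty buffer
        }
        if !self.lib_loaded {
            if self.sandboxed {
                return Err(RngError::LoadBlocked);
            }
            self.lib_loaded = true; // later calls only use the loaded library
        }
        for b in buf.iter_mut() {
            self.counter = self.counter.wrapping_add(1);
            *b = self.counter;
        }
        Ok(())
    }

    pub fn enter_sandbox(&mut self) {
        self.sandboxed = true;
    }

    // One successful call on a non-empty buffer, and only then the sandbox.
    pub fn warm_up_then_sandbox(&mut self) -> Result<(), RngError> {
        let mut probe = [0u8; 1];
        self.fill(&mut probe)?; // abort startup if the backend is unusable
        self.enter_sandbox();
        Ok(())
    }
}

fn main() {
    let mut p = Process::default();
    p.warm_up_then_sandbox().expect("RNG warm-up failed before sandboxing");
    println!("{:?}", p.fill(&mut [0u8; 16]));
}
```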

josephlr commented 1 month ago

@newpavlov and @briansmith this is now ready for review!