summaryrefslogtreecommitdiffstats
path: root/third_party/rust/getrandom
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
commit26a029d407be480d791972afb5975cf62c9360a6 (patch)
treef435a8308119effd964b339f76abb83a57c29483 /third_party/rust/getrandom
parentInitial commit. (diff)
downloadfirefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz
firefox-26a029d407be480d791972afb5975cf62c9360a6.zip
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'third_party/rust/getrandom')
-rw-r--r--third_party/rust/getrandom/.cargo-checksum.json1
-rw-r--r--third_party/rust/getrandom/CHANGELOG.md435
-rw-r--r--third_party/rust/getrandom/Cargo.toml94
-rw-r--r--third_party/rust/getrandom/LICENSE-APACHE201
-rw-r--r--third_party/rust/getrandom/LICENSE-MIT26
-rw-r--r--third_party/rust/getrandom/README.md64
-rw-r--r--third_party/rust/getrandom/SECURITY.md13
-rw-r--r--third_party/rust/getrandom/benches/buffer.rs71
-rw-r--r--third_party/rust/getrandom/src/3ds.rs18
-rw-r--r--third_party/rust/getrandom/src/apple-other.rs27
-rw-r--r--third_party/rust/getrandom/src/bsd_arandom.rs54
-rw-r--r--third_party/rust/getrandom/src/custom.rs114
-rw-r--r--third_party/rust/getrandom/src/dragonfly.rs30
-rw-r--r--third_party/rust/getrandom/src/emscripten.rs13
-rw-r--r--third_party/rust/getrandom/src/error.rs191
-rw-r--r--third_party/rust/getrandom/src/error_impls.rs24
-rw-r--r--third_party/rust/getrandom/src/espidf.rs26
-rw-r--r--third_party/rust/getrandom/src/fuchsia.rs21
-rw-r--r--third_party/rust/getrandom/src/hermit.rs21
-rw-r--r--third_party/rust/getrandom/src/hurd.rs18
-rw-r--r--third_party/rust/getrandom/src/js.rs161
-rw-r--r--third_party/rust/getrandom/src/lib.rs351
-rw-r--r--third_party/rust/getrandom/src/linux_android.rs48
-rw-r--r--third_party/rust/getrandom/src/macos.rs36
-rw-r--r--third_party/rust/getrandom/src/openbsd.rs22
-rw-r--r--third_party/rust/getrandom/src/rdrand.rs130
-rw-r--r--third_party/rust/getrandom/src/solaris_illumos.rs49
-rw-r--r--third_party/rust/getrandom/src/solid.rs26
-rw-r--r--third_party/rust/getrandom/src/use_file.rs138
-rw-r--r--third_party/rust/getrandom/src/util.rs101
-rw-r--r--third_party/rust/getrandom/src/util_libc.rs159
-rw-r--r--third_party/rust/getrandom/src/vita.rs21
-rw-r--r--third_party/rust/getrandom/src/vxworks.rs37
-rw-r--r--third_party/rust/getrandom/src/wasi.rs25
-rw-r--r--third_party/rust/getrandom/src/windows.rs66
-rw-r--r--third_party/rust/getrandom/tests/common/mod.rs100
-rw-r--r--third_party/rust/getrandom/tests/custom.rs54
-rw-r--r--third_party/rust/getrandom/tests/normal.rs11
-rw-r--r--third_party/rust/getrandom/tests/rdrand.rs20
39 files changed, 3017 insertions, 0 deletions
diff --git a/third_party/rust/getrandom/.cargo-checksum.json b/third_party/rust/getrandom/.cargo-checksum.json
new file mode 100644
index 0000000000..fc46f728c8
--- /dev/null
+++ b/third_party/rust/getrandom/.cargo-checksum.json
@@ -0,0 +1 @@
+{"files":{"CHANGELOG.md":"fe1a0dc50ac5c7bdd60591f6d1027072c68dcf142131945f782169c74b9e8188","Cargo.toml":"5506345251dee6e156a3d0072d2b3b6bc6894d8cf91adb85fefe211741e7c7f9","LICENSE-APACHE":"aaff376532ea30a0cd5330b9502ad4a4c8bf769c539c87ffe78819d188a18ebf","LICENSE-MIT":"209fbbe0ad52d9235e37badf9cadfe4dbdc87203179c0899e738b39ade42177b","README.md":"e5858de17fc28ec7a3a62cbefedd301ace8a85291d0aad5cb416824d1b5abadd","SECURITY.md":"816ea79f8c7937888ab5a972a1efb270c4bada028b448953a195359fe11d526e","benches/buffer.rs":"242f56eaeecd1d0a0f6f9419d1bf312b8d211215355022bd4aef5e5e0f53e2a5","src/3ds.rs":"e41b653723740ed89fa68f495b64125786e8dec002e3556d164c5795db62ea50","src/apple-other.rs":"3ff0abc72786a2ac063cdc5df4d18cc53dc493cd68fcb33734cf40cfdbb8f644","src/bsd_arandom.rs":"cfa0627a6b4d1f37065d415972ab813bf1c9f43979d2ff9440c92a53868123aa","src/custom.rs":"a256bd6e7e9bb560803f23a36bd437859ea8a9d8ec92608930b94b33e7314c64","src/dragonfly.rs":"047008e742a7a8050e61ed9626b9f4146dfaa0675e11d6f3680eb8af498d9a6d","src/emscripten.rs":"e0b3b44b52f54454ec3e0a9e7c5222003369d9d1575cc0652e3e7cbe1b3b6da7","src/error.rs":"ff09a7e02d7aff3e45eca6bbef6c686cc46f3c2371a0897a856e4dec4b942e46","src/error_impls.rs":"9c34832ebb99cd5e31bc5c8ffc5beb5b3fa6f7ff0226aaa1cdf8e10e6d64b324","src/espidf.rs":"915ca14cbf9299de51a3c67f34fdd252461d6545f33a7232dfb7fa247ccc0209","src/fuchsia.rs":"d307b15db9f2d67b43050ae6027779a6eb2b8a69e1e89931b55b767aa2622250","src/hermit.rs":"18fdd7917c73f8b16aa82b18003948d32f9b314da10e16ef9cd2fa077b17af00","src/hurd.rs":"1053908c4eaeae9e44078c9509aa80268caa1d66642b7c6a9a80f5b9f0e63fb0","src/js.rs":"c4cd60bcfe63f8affe947773197e288536ab205a73001059f39fc2e5688e98b6","src/lib.rs":"178b4b1dae3a41721f365ea5a4eda3f5b936b310afa4431935968e96edac3120","src/linux_android.rs":"e5f9e579bbde254fcab8f6b79b893d6b74054e023b21c56a3b2b21d8f4b4d825","src/macos.rs":"8f51e095906e751b68e837bfc63cc02b243e1698b66353566ccba507c81ddad3","src/openbsd.rs":"f6fd0aa74f704335a7e0532bf5e61a7ca90b0cbc398a9c01a0fd891b6fabca0c","src/rdrand.rs":"846ac7b8380a05a50e0592dca57338beb1634c0efc878d6d1e9421be3469a744","src/solaris_illumos.rs":"7209c8b1172fc4df5ad8a79f165556b403cdd90b9eb5f7f7f9ec97bf06f4d8d7","src/solid.rs":"58919109faf06e6d546f75f785d78d6c055e1f95110d1791d9191d1e404f1e20","src/use_file.rs":"ecfc1011b4a9c962ae9b4b75ca5149a4ee83cb0951a80224ce5417046ce11717","src/util.rs":"580fb7c4e41eb6007def8626e019829c22a63980fa4da68a1adef687c57953a2","src/util_libc.rs":"48c1fe251958c6c57b7c93d83f3648d97034feeee0d5cda0cbe7bc0ee0a73fca","src/vita.rs":"ecfa9d347ad5c480ba8ff80a9de968ae060ffb435f1e95777ee413642e62e50a","src/vxworks.rs":"984726b6dd9638a38ceda83124683419b9d69a9041ad9117a470eaec5b386ce4","src/wasi.rs":"229a58af3f13a629571fb83a0c11ef0ed696ba7a44ee2e811c9f348a19b2fb69","src/windows.rs":"dd3d833979fb6b96c04b84dbf8461d5fc819bde93ad9dc26bd0f6c282656c733","tests/common/mod.rs":"b9a36043d71963ba43a9e2899ba8eea80ff9f3284d243d9b9b9f941afa4f4aa4","tests/custom.rs":"1e944ae523b62dba53fe3daf1b964a2498c8fdd21dfa7afe53781bff2fcf276e","tests/normal.rs":"9e1c4b1e468a09ed0225370dfb6608f8b8135e0fabb09bbc1a718105164aade6","tests/rdrand.rs":"156676b57f1e6bd4d66d85b8a999f1cf7a8fb749a10b8b2b4dbbcf803e8c4cd3"},"package":"fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f"} \ No newline at end of file
diff --git a/third_party/rust/getrandom/CHANGELOG.md b/third_party/rust/getrandom/CHANGELOG.md
new file mode 100644
index 0000000000..7b1f46aabc
--- /dev/null
+++ b/third_party/rust/getrandom/CHANGELOG.md
@@ -0,0 +1,435 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.2.11] - 2023-11-08
+### Added
+- GNU/Hurd support [#370]
+
+### Changed
+- Renamed `__getrandom_internal` to `__GETRANDOM_INTERNAL` [#369]
+- Updated link to Hermit docs [#374]
+
+[#369]: https://github.com/rust-random/getrandom/pull/369
+[#370]: https://github.com/rust-random/getrandom/pull/370
+[#374]: https://github.com/rust-random/getrandom/pull/374
+
+## [0.2.10] - 2023-06-06
+### Added
+- Support for PS Vita (`armv7-sony-vita-newlibeabihf`) [#359]
+
+### Changed
+- Use getentropy from libc on Emscripten targets [#362]
+
+[#359]: https://github.com/rust-random/getrandom/pull/359
+[#362]: https://github.com/rust-random/getrandom/pull/362
+
+## [0.2.9] - 2023-04-06
+### Added
+- AIX support [#282]
+- `getrandom_uninit` function [#291]
+- `wasm64-unknown-unknown` support [#303]
+- tvOS and watchOS support [#317]
+- QNX/nto support [#325]
+- Support for `getrandom` syscall on NetBSD ≥ 10.0 [#331]
+- `RtlGenRandom` fallback for non-UWP Windows [#337]
+
+### Breaking Changes
+- Update MSRV to 1.36 [#291]
+
+### Fixed
+- Solaris/OpenBSD/Dragonfly build [#301]
+
+### Changed
+- Update MSRV to 1.36 [#291]
+- Use getentropy on Emscripten [#307]
+- Solaris: consistantly use `/dev/random` source [#310]
+- Move 3ds selection above rdrand/js/custom fallback [#312]
+- Remove buffer zeroing from Node.js implementation [#315]
+- Use `open` instead of `open64` [#326]
+- Remove #cfg from bsd_arandom.rs [#332]
+- Hermit: use `sys_read_entropy` syscall [#333]
+- Eliminate potential panic in sys_fill_exact [#334]
+- rdrand: Remove checking for 0 and !0 and instead check CPU family and do a self-test [#335]
+- Move `__getrandom_custom` definition into a const block [#344]
+- Switch the custom backend to Rust ABI [#347]
+
+[#282]: https://github.com/rust-random/getrandom/pull/282
+[#291]: https://github.com/rust-random/getrandom/pull/291
+[#301]: https://github.com/rust-random/getrandom/pull/301
+[#303]: https://github.com/rust-random/getrandom/pull/303
+[#307]: https://github.com/rust-random/getrandom/pull/307
+[#310]: https://github.com/rust-random/getrandom/pull/310
+[#312]: https://github.com/rust-random/getrandom/pull/312
+[#315]: https://github.com/rust-random/getrandom/pull/315
+[#317]: https://github.com/rust-random/getrandom/pull/317
+[#325]: https://github.com/rust-random/getrandom/pull/325
+[#326]: https://github.com/rust-random/getrandom/pull/326
+[#331]: https://github.com/rust-random/getrandom/pull/331
+[#332]: https://github.com/rust-random/getrandom/pull/332
+[#333]: https://github.com/rust-random/getrandom/pull/333
+[#334]: https://github.com/rust-random/getrandom/pull/334
+[#335]: https://github.com/rust-random/getrandom/pull/335
+[#337]: https://github.com/rust-random/getrandom/pull/337
+[#344]: https://github.com/rust-random/getrandom/pull/344
+[#347]: https://github.com/rust-random/getrandom/pull/347
+
+## [0.2.8] - 2022-10-20
+### Changed
+- The [Web Cryptography API] will now be preferred on `wasm32-unknown-unknown`
+ when using the `"js"` feature, even on Node.js [#284] [#295]
+
+### Added
+- Added benchmarks to track buffer initialization cost [#272]
+
+### Fixed
+- Use `$crate` in `register_custom_getrandom!` [#270]
+
+### Documentation
+- Add information about enabling `"js"` feature [#280]
+- Fix link to `wasm-bindgen` [#278]
+- Document the varied implementations for underlying randomness sources [#276]
+
+[Web Cryptography API]: https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API
+[#284]: https://github.com/rust-random/getrandom/pull/284
+[#295]: https://github.com/rust-random/getrandom/pull/295
+[#272]: https://github.com/rust-random/getrandom/pull/272
+[#270]: https://github.com/rust-random/getrandom/pull/270
+[#280]: https://github.com/rust-random/getrandom/pull/280
+[#278]: https://github.com/rust-random/getrandom/pull/278
+[#276]: https://github.com/rust-random/getrandom/pull/276
+
+## [0.2.7] - 2022-06-14
+### Changed
+- Update `wasi` dependency to `0.11` [#253]
+
+### Fixed
+- Use `AtomicPtr` instead of `AtomicUsize` for Strict Provenance compatibility. [#263]
+
+### Documentation
+- Add comments explaining use of fallback mechanisms [#257] [#260]
+
+[#263]: https://github.com/rust-random/getrandom/pull/263
+[#260]: https://github.com/rust-random/getrandom/pull/260
+[#253]: https://github.com/rust-random/getrandom/pull/253
+[#257]: https://github.com/rust-random/getrandom/pull/257
+
+## [0.2.6] - 2022-03-28
+### Added
+- Nintendo 3DS (`armv6k-nintendo-3ds`) support [#248]
+
+### Changed
+- Retry `open` when interrupted [#252]
+
+[#248]: https://github.com/rust-random/getrandom/pull/248
+[#252]: https://github.com/rust-random/getrandom/pull/252
+
+## [0.2.5] - 2022-02-22
+### Added
+- ESP-IDF targets (`*‑espidf`) support [#245]
+
+### Fixed
+- Webpack warning caused by dynamic require [#234]
+- Error checking on iOS for `SecRandomCopyBytes` [#244]
+
+[#234]: https://github.com/rust-random/getrandom/pull/234
+[#244]: https://github.com/rust-random/getrandom/pull/244
+[#245]: https://github.com/rust-random/getrandom/pull/245
+
+## [0.2.4] - 2021-12-13
+### Changed
+- Use explicit imports in the `js` backend [#220]
+- Use `/dev/urandom` on Redox instead of `rand:` [#222]
+- Use `NonZeroU32::new_unchecked` to convert wasi error [#233]
+
+### Added
+- SOLID targets (`*-kmc-solid_*`) support [#235]
+- Limited Hermit (`x86_64-unknown-hermit`) support [#236]
+
+[#220]: https://github.com/rust-random/getrandom/pull/220
+[#222]: https://github.com/rust-random/getrandom/pull/222
+[#233]: https://github.com/rust-random/getrandom/pull/233
+[#235]: https://github.com/rust-random/getrandom/pull/235
+[#236]: https://github.com/rust-random/getrandom/pull/236
+
+## [0.2.3] - 2021-04-10
+### Changed
+- Replace build.rs with link attributes. [#205]
+- Add support for getrandom syscall on DragonFly BSD. [#210]
+- Improve Node.js detection. [#215]
+
+[#205]: https://github.com/rust-random/getrandom/pull/205
+[#210]: https://github.com/rust-random/getrandom/pull/210
+[#215]: https://github.com/rust-random/getrandom/pull/215
+
+## [0.2.2] - 2021-01-19
+### Changed
+- Forward `rustc-dep-of-std` to dependencies. [#198]
+- Highlight feature-dependent functionality in documentation using the `doc_cfg` feature. [#200]
+
+[#198]: https://github.com/rust-random/getrandom/pull/198
+[#200]: https://github.com/rust-random/getrandom/pull/200
+
+## [0.2.1] - 2021-01-03
+### Changed
+- Update `cfg-if` to v1.0. [#166]
+- Update `wasi` to v0.10. [#167]
+
+### Fixed
+- Multithreaded WASM support. [#165]
+
+### Removed
+- Windows XP support. [#177]
+- Direct `stdweb` support. [#178]
+- CloudABI support. [#184]
+
+[#165]: https://github.com/rust-random/getrandom/pull/165
+[#166]: https://github.com/rust-random/getrandom/pull/166
+[#167]: https://github.com/rust-random/getrandom/pull/167
+[#177]: https://github.com/rust-random/getrandom/pull/177
+[#178]: https://github.com/rust-random/getrandom/pull/178
+[#184]: https://github.com/rust-random/getrandom/pull/184
+
+## [0.2.0] - 2020-09-10
+### Features for using getrandom on unsupported targets
+
+The following (off by default) Cargo features have been added:
+- `"rdrand"` - use the RDRAND instruction on `no_std` `x86`/`x86_64` targets [#133]
+- `"js"` - use JavaScript calls on `wasm32-unknown-unknown` [#149]
+ - Replaces the `stdweb` and `wasm-bindgen` features (which are removed)
+- `"custom"` - allows a user to specify a custom implementation [#109]
+
+### Breaking Changes
+- Unsupported targets no longer compile [#107]
+- Change/Add `Error` constants [#120]
+- Only impl `std` traits when the `"std"` Cargo feature is specified [#106]
+- Remove official support for Hermit, L4Re, and UEFI [#133]
+- Remove optional `"log"` dependency [#131]
+- Update minimum supported Linux kernel to 2.6.32 [#153]
+- Update MSRV to 1.34 [#159]
+
+[#106]: https://github.com/rust-random/getrandom/pull/106
+[#107]: https://github.com/rust-random/getrandom/pull/107
+[#109]: https://github.com/rust-random/getrandom/pull/109
+[#120]: https://github.com/rust-random/getrandom/pull/120
+[#131]: https://github.com/rust-random/getrandom/pull/131
+[#133]: https://github.com/rust-random/getrandom/pull/133
+[#149]: https://github.com/rust-random/getrandom/pull/149
+[#153]: https://github.com/rust-random/getrandom/pull/153
+[#159]: https://github.com/rust-random/getrandom/pull/159
+
+## [0.1.16] - 2020-12-31
+### Changed
+- Update `cfg-if` to v1.0. [#173]
+- Implement `std::error::Error` for the `Error` type on additional targets. [#169]
+
+### Fixed
+- Multithreaded WASM support. [#171]
+
+[#173]: https://github.com/rust-random/getrandom/pull/173
+[#171]: https://github.com/rust-random/getrandom/pull/171
+[#169]: https://github.com/rust-random/getrandom/pull/169
+
+## [0.1.15] - 2020-09-10
+### Changed
+- Added support for Internet Explorer 11 [#139]
+- Fix Webpack require warning with `wasm-bindgen` [#137]
+
+[#137]: https://github.com/rust-random/getrandom/pull/137
+[#139]: https://github.com/rust-random/getrandom/pull/139
+
+## [0.1.14] - 2020-01-07
+### Changed
+- Remove use of spin-locks in the `use_file` module. [#125]
+- Update `wasi` to v0.9. [#126]
+- Do not read errno value on DragonFlyBSD to fix compilation failure. [#129]
+
+[#125]: https://github.com/rust-random/getrandom/pull/125
+[#126]: https://github.com/rust-random/getrandom/pull/126
+[#129]: https://github.com/rust-random/getrandom/pull/129
+
+## [0.1.13] - 2019-08-25
+### Added
+- VxWorks targets support. [#86]
+
+### Changed
+- If zero-length slice is passed to the `getrandom` function, always return
+`Ok(())` immediately without doing any calls to the underlying operating
+system. [#104]
+- Use the `kern.arandom` sysctl on NetBSD. [#115]
+
+### Fixed
+- Bump `cfg-if` minimum version from 0.1.0 to 0.1.2. [#112]
+- Typos and bad doc links. [#117]
+
+[#86]: https://github.com/rust-random/getrandom/pull/86
+[#104]: https://github.com/rust-random/getrandom/pull/104
+[#112]: https://github.com/rust-random/getrandom/pull/112
+[#115]: https://github.com/rust-random/getrandom/pull/115
+[#117]: https://github.com/rust-random/getrandom/pull/117
+
+## [0.1.12] - 2019-08-18
+### Changed
+- Update wasi dependency from v0.5 to v0.7. [#100]
+
+[#100]: https://github.com/rust-random/getrandom/pull/100
+
+## [0.1.11] - 2019-08-25
+### Fixed
+- Implement `std`-dependent traits for selected targets even if `std`
+feature is disabled. (backward compatibility with v0.1.8) [#96]
+
+[#96]: https://github.com/rust-random/getrandom/pull/96
+
+## [0.1.10] - 2019-08-18 [YANKED]
+### Changed
+- Use the dummy implementation on `wasm32-unknown-unknown` even with the
+disabled `dummy` feature. [#90]
+
+### Fixed
+- Fix CSP error for `wasm-bindgen`. [#92]
+
+[#90]: https://github.com/rust-random/getrandom/pull/90
+[#92]: https://github.com/rust-random/getrandom/pull/92
+
+## [0.1.9] - 2019-08-14 [YANKED]
+### Changed
+- Remove `std` dependency for opening and reading files. [#58]
+- Use `wasi` instead of `libc` on WASI target. [#64]
+- By default emit a compile-time error when built for an unsupported target.
+This behaviour can be disabled by using the `dummy` feature. [#71]
+
+### Added
+- Add support for UWP targets. [#69]
+- Add unstable `rustc-dep-of-std` feature. [#78]
+
+[#58]: https://github.com/rust-random/getrandom/pull/58
+[#64]: https://github.com/rust-random/getrandom/pull/64
+[#69]: https://github.com/rust-random/getrandom/pull/69
+[#71]: https://github.com/rust-random/getrandom/pull/71
+[#78]: https://github.com/rust-random/getrandom/pull/78
+
+## [0.1.8] - 2019-07-29
+### Changed
+- Explicitly specify types to arguments of 'libc::syscall'. [#74]
+
+[#74]: https://github.com/rust-random/getrandom/pull/74
+
+## [0.1.7] - 2019-07-29
+### Added
+- Support for hermit and l4re. [#61]
+- `Error::raw_os_error` method, `Error::INTERNAL_START` and
+`Error::CUSTOM_START` constants. Use `libc` for retrieving OS error descriptions. [#54]
+
+### Changed
+- Remove `lazy_static` dependency and use custom structures for lock-free
+initialization. [#51] [#52]
+- Try `getrandom()` first on FreeBSD. [#57]
+
+### Removed
+- Bitrig support. [#56]
+
+### Deprecated
+- `Error::UNKNOWN`, `Error::UNAVAILABLE`. [#54]
+
+[#51]: https://github.com/rust-random/getrandom/pull/51
+[#52]: https://github.com/rust-random/getrandom/pull/52
+[#54]: https://github.com/rust-random/getrandom/pull/54
+[#56]: https://github.com/rust-random/getrandom/pull/56
+[#57]: https://github.com/rust-random/getrandom/pull/57
+[#61]: https://github.com/rust-random/getrandom/pull/61
+
+## [0.1.6] - 2019-06-30
+### Changed
+- Minor change of RDRAND AMD bug handling. [#48]
+
+[#48]: https://github.com/rust-random/getrandom/pull/48
+
+## [0.1.5] - 2019-06-29
+### Fixed
+- Use shared `File` instead of shared file descriptor. [#44]
+- Workaround for RDRAND hardware bug present on some AMD CPUs. [#43]
+
+### Changed
+- Try `getentropy` and then fallback to `/dev/random` on macOS. [#38]
+
+[#38]: https://github.com/rust-random/getrandom/issues/38
+[#43]: https://github.com/rust-random/getrandom/pull/43
+[#44]: https://github.com/rust-random/getrandom/issues/44
+
+## [0.1.4] - 2019-06-28
+### Added
+- Add support for `x86_64-unknown-uefi` target by using RDRAND with CPUID
+feature detection. [#30]
+
+### Fixed
+- Fix long buffer issues on Windows and Linux. [#31] [#32]
+- Check `EPERM` in addition to `ENOSYS` on Linux. [#37]
+
+### Changed
+- Improve efficiency by sharing file descriptor across threads. [#13]
+- Remove `cloudabi`, `winapi`, and `fuchsia-cprng` dependencies. [#40]
+- Improve RDRAND implementation. [#24]
+- Don't block during syscall detection on Linux. [#26]
+- Increase consistency with libc implementation on FreeBSD. [#36]
+- Apply `rustfmt`. [#39]
+
+[#30]: https://github.com/rust-random/getrandom/pull/30
+[#13]: https://github.com/rust-random/getrandom/issues/13
+[#40]: https://github.com/rust-random/getrandom/pull/40
+[#26]: https://github.com/rust-random/getrandom/pull/26
+[#24]: https://github.com/rust-random/getrandom/pull/24
+[#39]: https://github.com/rust-random/getrandom/pull/39
+[#36]: https://github.com/rust-random/getrandom/pull/36
+[#31]: https://github.com/rust-random/getrandom/issues/31
+[#32]: https://github.com/rust-random/getrandom/issues/32
+[#37]: https://github.com/rust-random/getrandom/issues/37
+
+## [0.1.3] - 2019-05-15
+- Update for `wasm32-unknown-wasi` being renamed to `wasm32-wasi`, and for
+ WASI being categorized as an OS.
+
+## [0.1.2] - 2019-04-06
+- Add support for `wasm32-unknown-wasi` target.
+
+## [0.1.1] - 2019-04-05
+- Enable std functionality for CloudABI by default.
+
+## [0.1.0] - 2019-03-23
+Publish initial implementation.
+
+## [0.0.0] - 2019-01-19
+Publish an empty template library.
+
+[0.2.11]: https://github.com/rust-random/getrandom/compare/v0.2.10...v0.2.11
+[0.2.10]: https://github.com/rust-random/getrandom/compare/v0.2.9...v0.2.10
+[0.2.9]: https://github.com/rust-random/getrandom/compare/v0.2.8...v0.2.9
+[0.2.8]: https://github.com/rust-random/getrandom/compare/v0.2.7...v0.2.8
+[0.2.7]: https://github.com/rust-random/getrandom/compare/v0.2.6...v0.2.7
+[0.2.6]: https://github.com/rust-random/getrandom/compare/v0.2.5...v0.2.6
+[0.2.5]: https://github.com/rust-random/getrandom/compare/v0.2.4...v0.2.5
+[0.2.4]: https://github.com/rust-random/getrandom/compare/v0.2.3...v0.2.4
+[0.2.3]: https://github.com/rust-random/getrandom/compare/v0.2.2...v0.2.3
+[0.2.2]: https://github.com/rust-random/getrandom/compare/v0.2.1...v0.2.2
+[0.2.1]: https://github.com/rust-random/getrandom/compare/v0.2.0...v0.2.1
+[0.2.0]: https://github.com/rust-random/getrandom/compare/v0.1.15...v0.2.0
+[0.1.16]: https://github.com/rust-random/getrandom/compare/v0.1.15...v0.1.16
+[0.1.15]: https://github.com/rust-random/getrandom/compare/v0.1.14...v0.1.15
+[0.1.14]: https://github.com/rust-random/getrandom/compare/v0.1.13...v0.1.14
+[0.1.13]: https://github.com/rust-random/getrandom/compare/v0.1.12...v0.1.13
+[0.1.12]: https://github.com/rust-random/getrandom/compare/v0.1.11...v0.1.12
+[0.1.11]: https://github.com/rust-random/getrandom/compare/v0.1.10...v0.1.11
+[0.1.10]: https://github.com/rust-random/getrandom/compare/v0.1.9...v0.1.10
+[0.1.9]: https://github.com/rust-random/getrandom/compare/v0.1.8...v0.1.9
+[0.1.8]: https://github.com/rust-random/getrandom/compare/v0.1.7...v0.1.8
+[0.1.7]: https://github.com/rust-random/getrandom/compare/v0.1.6...v0.1.7
+[0.1.6]: https://github.com/rust-random/getrandom/compare/v0.1.5...v0.1.6
+[0.1.5]: https://github.com/rust-random/getrandom/compare/v0.1.4...v0.1.5
+[0.1.4]: https://github.com/rust-random/getrandom/compare/v0.1.3...v0.1.4
+[0.1.3]: https://github.com/rust-random/getrandom/compare/v0.1.2...v0.1.3
+[0.1.2]: https://github.com/rust-random/getrandom/compare/v0.1.1...v0.1.2
+[0.1.1]: https://github.com/rust-random/getrandom/compare/v0.1.0...v0.1.1
+[0.1.0]: https://github.com/rust-random/getrandom/compare/v0.0.0...v0.1.0
+[0.0.0]: https://github.com/rust-random/getrandom/releases/tag/v0.0.0
diff --git a/third_party/rust/getrandom/Cargo.toml b/third_party/rust/getrandom/Cargo.toml
new file mode 100644
index 0000000000..a4c3946b73
--- /dev/null
+++ b/third_party/rust/getrandom/Cargo.toml
@@ -0,0 +1,94 @@
+# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
+#
+# When uploading crates to the registry Cargo will automatically
+# "normalize" Cargo.toml files for maximal compatibility
+# with all versions of Cargo and also rewrite `path` dependencies
+# to registry (e.g., crates.io) dependencies.
+#
+# If you are reading this file be aware that the original Cargo.toml
+# will likely look very different (and much more reasonable).
+# See Cargo.toml.orig for the original contents.
+
+[package]
+edition = "2018"
+name = "getrandom"
+version = "0.2.11"
+authors = ["The Rand Project Developers"]
+exclude = [".*"]
+description = "A small cross-platform library for retrieving random data from system source"
+documentation = "https://docs.rs/getrandom"
+readme = "README.md"
+categories = [
+ "os",
+ "no-std",
+]
+license = "MIT OR Apache-2.0"
+repository = "https://github.com/rust-random/getrandom"
+
+[package.metadata.cross.target.x86_64-unknown-netbsd]
+pre-build = [
+ "mkdir -p /tmp/netbsd",
+ "curl https://cdn.netbsd.org/pub/NetBSD/NetBSD-9.2/amd64/binary/sets/base.tar.xz -O",
+ "tar -C /tmp/netbsd -xJf base.tar.xz",
+ "cp /tmp/netbsd/usr/lib/libexecinfo.so /usr/local/x86_64-unknown-netbsd/lib",
+ "rm base.tar.xz",
+ "rm -rf /tmp/netbsd",
+]
+
+[package.metadata.docs.rs]
+features = [
+ "std",
+ "custom",
+]
+rustdoc-args = [
+ "--cfg",
+ "docsrs",
+]
+
+[dependencies.cfg-if]
+version = "1"
+
+[dependencies.compiler_builtins]
+version = "0.1"
+optional = true
+
+[dependencies.core]
+version = "1.0"
+optional = true
+package = "rustc-std-workspace-core"
+
+[features]
+custom = []
+js = [
+ "wasm-bindgen",
+ "js-sys",
+]
+rdrand = []
+rustc-dep-of-std = [
+ "compiler_builtins",
+ "core",
+ "libc/rustc-dep-of-std",
+ "wasi/rustc-dep-of-std",
+]
+std = []
+test-in-browser = []
+
+[target."cfg(all(any(target_arch = \"wasm32\", target_arch = \"wasm64\"), target_os = \"unknown\"))".dependencies.js-sys]
+version = "0.3"
+optional = true
+
+[target."cfg(all(any(target_arch = \"wasm32\", target_arch = \"wasm64\"), target_os = \"unknown\"))".dependencies.wasm-bindgen]
+version = "0.2.62"
+optional = true
+default-features = false
+
+[target."cfg(all(any(target_arch = \"wasm32\", target_arch = \"wasm64\"), target_os = \"unknown\"))".dev-dependencies.wasm-bindgen-test]
+version = "0.3.18"
+
+[target."cfg(target_os = \"wasi\")".dependencies.wasi]
+version = "0.11"
+default-features = false
+
+[target."cfg(unix)".dependencies.libc]
+version = "0.2.149"
+default-features = false
diff --git a/third_party/rust/getrandom/LICENSE-APACHE b/third_party/rust/getrandom/LICENSE-APACHE
new file mode 100644
index 0000000000..17d74680f8
--- /dev/null
+++ b/third_party/rust/getrandom/LICENSE-APACHE
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ https://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/third_party/rust/getrandom/LICENSE-MIT b/third_party/rust/getrandom/LICENSE-MIT
new file mode 100644
index 0000000000..d93b5baf34
--- /dev/null
+++ b/third_party/rust/getrandom/LICENSE-MIT
@@ -0,0 +1,26 @@
+Copyright 2018 Developers of the Rand project
+Copyright (c) 2014 The Rust Project Developers
+
+Permission is hereby granted, free of charge, to any
+person obtaining a copy of this software and associated
+documentation files (the "Software"), to deal in the
+Software without restriction, including without
+limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software
+is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice
+shall be included in all copies or substantial portions
+of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
+ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
+TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
+SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
diff --git a/third_party/rust/getrandom/README.md b/third_party/rust/getrandom/README.md
new file mode 100644
index 0000000000..c43ad42eb8
--- /dev/null
+++ b/third_party/rust/getrandom/README.md
@@ -0,0 +1,64 @@
+# getrandom
+
+[![Build Status]][GitHub Actions] [![Crate]][crates.io] [![Documentation]][docs.rs] [![Dependency Status]][deps.rs] [![Downloads]][crates.io] [![License]][LICENSE-MIT]
+
+[GitHub Actions]: https://github.com/rust-random/getrandom/actions?query=workflow:Tests+branch:master
+[Build Status]: https://github.com/rust-random/getrandom/actions/workflows/tests.yml/badge.svg?branch=master
+[crates.io]: https://crates.io/crates/getrandom
+[Crate]: https://img.shields.io/crates/v/getrandom
+[docs.rs]: https://docs.rs/getrandom
+[Documentation]: https://docs.rs/getrandom/badge.svg
+[deps.rs]: https://deps.rs/repo/github/rust-random/getrandom
+[Dependency Status]: https://deps.rs/repo/github/rust-random/getrandom/status.svg
+[Downloads]: https://img.shields.io/crates/d/getrandom
+[LICENSE-MIT]: https://raw.githubusercontent.com/rust-random/getrandom/master/LICENSE-MIT
+[License]: https://img.shields.io/crates/l/getrandom
+
+
+A Rust library for retrieving random data from (operating) system sources. It is
+assumed that the system always provides high-quality cryptographically secure random
+data, ideally backed by hardware entropy sources. This crate derives its name
+from Linux's `getrandom` function, but is cross-platform, roughly supporting
+the same set of platforms as Rust's `std` lib.
+
+This is a low-level API. Most users should prefer using high-level random-number
+library like [`rand`].
+
+[`rand`]: https://crates.io/crates/rand
+
+## Usage
+
+Add this to your `Cargo.toml`:
+
+```toml
+[dependencies]
+getrandom = "0.2"
+```
+
+Then invoke the `getrandom` function:
+
+```rust
+fn get_random_buf() -> Result<[u8; 32], getrandom::Error> {
+ let mut buf = [0u8; 32];
+ getrandom::getrandom(&mut buf)?;
+ Ok(buf)
+}
+```
+
+For more information about supported targets, entropy sources, `no_std` targets,
+crate features, WASM support and Custom RNGs see the
+[`getrandom` documentation](https://docs.rs/getrandom/latest) and
+[`getrandom::Error` documentation](https://docs.rs/getrandom/latest/getrandom/struct.Error.html).
+
+## Minimum Supported Rust Version
+
+This crate requires Rust 1.36.0 or later.
+
+# License
+
+The `getrandom` library is distributed under either of
+
+ * [Apache License, Version 2.0](LICENSE-APACHE)
+ * [MIT license](LICENSE-MIT)
+
+at your option.
diff --git a/third_party/rust/getrandom/SECURITY.md b/third_party/rust/getrandom/SECURITY.md
new file mode 100644
index 0000000000..19bfb9a27a
--- /dev/null
+++ b/third_party/rust/getrandom/SECURITY.md
@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+Security updates are applied only to the latest release.
+
+## Reporting a Vulnerability
+
+If you have discovered a security vulnerability in this project, please report it privately. **Do not disclose it as a public issue.** This gives us time to work with you to fix the issue before public exposure, reducing the chance that the exploit will be used before a patch is released.
+
+Please disclose it at [security advisory](https://github.com/rust-random/getrandom/security/advisories/new).
+
+This project is maintained by a team of volunteers on a reasonable-effort basis. As such, please give us at least 90 days to work on a fix before public exposure.
diff --git a/third_party/rust/getrandom/benches/buffer.rs b/third_party/rust/getrandom/benches/buffer.rs
new file mode 100644
index 0000000000..b32be4336c
--- /dev/null
+++ b/third_party/rust/getrandom/benches/buffer.rs
@@ -0,0 +1,71 @@
+#![feature(test, maybe_uninit_uninit_array_transpose)]
+extern crate test;
+
+use std::mem::MaybeUninit;
+
+// Call getrandom on a zero-initialized stack buffer
+#[inline(always)]
+fn bench_getrandom<const N: usize>() {
+ let mut buf = [0u8; N];
+ getrandom::getrandom(&mut buf).unwrap();
+ test::black_box(&buf as &[u8]);
+}
+
+// Call getrandom_uninit on an uninitialized stack buffer
+#[inline(always)]
+fn bench_getrandom_uninit<const N: usize>() {
+ let mut uninit = [MaybeUninit::uninit(); N];
+ let buf: &[u8] = getrandom::getrandom_uninit(&mut uninit).unwrap();
+ test::black_box(buf);
+}
+
+// We benchmark using #[inline(never)] "inner" functions for two reasons:
+// - Avoiding inlining reduces a source of variance when running benchmarks.
+// - It is _much_ easier to get the assembly or IR for the inner loop.
+//
+// For example, using cargo-show-asm (https://github.com/pacak/cargo-show-asm),
+// we can get the assembly for a particular benchmark's inner loop by running:
+// cargo asm --bench buffer --release buffer::p384::bench_getrandom::inner
+macro_rules! bench {
+ ( $name:ident, $size:expr ) => {
+ pub mod $name {
+ #[bench]
+ pub fn bench_getrandom(b: &mut test::Bencher) {
+ #[inline(never)]
+ fn inner() {
+ super::bench_getrandom::<{ $size }>()
+ }
+
+ b.bytes = $size as u64;
+ b.iter(inner);
+ }
+ #[bench]
+ pub fn bench_getrandom_uninit(b: &mut test::Bencher) {
+ #[inline(never)]
+ fn inner() {
+ super::bench_getrandom_uninit::<{ $size }>()
+ }
+
+ b.bytes = $size as u64;
+ b.iter(inner);
+ }
+ }
+ };
+}
+
+// 16 bytes (128 bits) is the size of an 128-bit AES key/nonce.
+bench!(aes128, 128 / 8);
+
+// 32 bytes (256 bits) is the seed sized used for rand::thread_rng
+// and the `random` value in a ClientHello/ServerHello for TLS.
+// This is also the size of a 256-bit AES/HMAC/P-256/Curve25519 key
+// and/or nonce.
+bench!(p256, 256 / 8);
+
+// A P-384/HMAC-384 key and/or nonce.
+bench!(p384, 384 / 8);
+
+// Initializing larger buffers is not the primary use case of this library, as
+// this should normally be done by a userspace CSPRNG. However, we have a test
+// here to see the effects of a lower (amortized) syscall overhead.
+bench!(page, 4096);
diff --git a/third_party/rust/getrandom/src/3ds.rs b/third_party/rust/getrandom/src/3ds.rs
new file mode 100644
index 0000000000..87a32a1e80
--- /dev/null
+++ b/third_party/rust/getrandom/src/3ds.rs
@@ -0,0 +1,18 @@
+// Copyright 2021 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for Nintendo 3DS
+use crate::util_libc::sys_fill_exact;
+use crate::Error;
+use core::mem::MaybeUninit;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ sys_fill_exact(dest, |buf| unsafe {
+ libc::getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
+ })
+}
diff --git a/third_party/rust/getrandom/src/apple-other.rs b/third_party/rust/getrandom/src/apple-other.rs
new file mode 100644
index 0000000000..8f904859ca
--- /dev/null
+++ b/third_party/rust/getrandom/src/apple-other.rs
@@ -0,0 +1,27 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for iOS
+use crate::Error;
+use core::{ffi::c_void, mem::MaybeUninit, ptr::null};
+
+#[link(name = "Security", kind = "framework")]
+extern "C" {
+ fn SecRandomCopyBytes(rnd: *const c_void, count: usize, bytes: *mut u8) -> i32;
+}
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ // Apple's documentation guarantees kSecRandomDefault is a synonym for NULL.
+ let ret = unsafe { SecRandomCopyBytes(null(), dest.len(), dest.as_mut_ptr() as *mut u8) };
+ // errSecSuccess (from SecBase.h) is always zero.
+ if ret != 0 {
+ Err(Error::IOS_SEC_RANDOM)
+ } else {
+ Ok(())
+ }
+}
diff --git a/third_party/rust/getrandom/src/bsd_arandom.rs b/third_party/rust/getrandom/src/bsd_arandom.rs
new file mode 100644
index 0000000000..5314c48f19
--- /dev/null
+++ b/third_party/rust/getrandom/src/bsd_arandom.rs
@@ -0,0 +1,54 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for FreeBSD and NetBSD
+use crate::{
+ util_libc::{sys_fill_exact, Weak},
+ Error,
+};
+use core::{mem::MaybeUninit, ptr};
+
+fn kern_arnd(buf: &mut [MaybeUninit<u8>]) -> libc::ssize_t {
+ static MIB: [libc::c_int; 2] = [libc::CTL_KERN, libc::KERN_ARND];
+ let mut len = buf.len();
+ let ret = unsafe {
+ libc::sysctl(
+ MIB.as_ptr(),
+ MIB.len() as libc::c_uint,
+ buf.as_mut_ptr() as *mut _,
+ &mut len,
+ ptr::null(),
+ 0,
+ )
+ };
+ if ret == -1 {
+ -1
+ } else {
+ len as libc::ssize_t
+ }
+}
+
+type GetRandomFn = unsafe extern "C" fn(*mut u8, libc::size_t, libc::c_uint) -> libc::ssize_t;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ // getrandom(2) was introduced in FreeBSD 12.0 and NetBSD 10.0
+ static GETRANDOM: Weak = unsafe { Weak::new("getrandom\0") };
+ if let Some(fptr) = GETRANDOM.ptr() {
+ let func: GetRandomFn = unsafe { core::mem::transmute(fptr) };
+ return sys_fill_exact(dest, |buf| unsafe {
+ func(buf.as_mut_ptr() as *mut u8, buf.len(), 0)
+ });
+ }
+
+ // Both FreeBSD and NetBSD will only return up to 256 bytes at a time, and
+ // older NetBSD kernels will fail on longer buffers.
+ for chunk in dest.chunks_mut(256) {
+ sys_fill_exact(chunk, kern_arnd)?
+ }
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/src/custom.rs b/third_party/rust/getrandom/src/custom.rs
new file mode 100644
index 0000000000..66e4256fad
--- /dev/null
+++ b/third_party/rust/getrandom/src/custom.rs
@@ -0,0 +1,114 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! An implementation which calls out to an externally defined function.
+use crate::{util::uninit_slice_fill_zero, Error};
+use core::{mem::MaybeUninit, num::NonZeroU32};
+
+/// Register a function to be invoked by `getrandom` on unsupported targets.
+///
+/// ## Writing a custom `getrandom` implementation
+///
+/// The function to register must have the same signature as
+/// [`getrandom::getrandom`](crate::getrandom). The function can be defined
+/// wherever you want, either in root crate or a dependent crate.
+///
+/// For example, if we wanted a `failure-getrandom` crate containing an
+/// implementation that always fails, we would first depend on `getrandom`
+/// (for the [`Error`] type) in `failure-getrandom/Cargo.toml`:
+/// ```toml
+/// [dependencies]
+/// getrandom = "0.2"
+/// ```
+/// Note that the crate containing this function does **not** need to enable the
+/// `"custom"` Cargo feature.
+///
+/// Next, in `failure-getrandom/src/lib.rs`, we define our function:
+/// ```rust
+/// use core::num::NonZeroU32;
+/// use getrandom::Error;
+///
+/// // Some application-specific error code
+/// const MY_CUSTOM_ERROR_CODE: u32 = Error::CUSTOM_START + 42;
+/// pub fn always_fail(buf: &mut [u8]) -> Result<(), Error> {
+/// let code = NonZeroU32::new(MY_CUSTOM_ERROR_CODE).unwrap();
+/// Err(Error::from(code))
+/// }
+/// ```
+///
+/// ## Registering a custom `getrandom` implementation
+///
+/// Functions can only be registered in the root binary crate. Attempting to
+/// register a function in a non-root crate will result in a linker error.
+/// This is similar to
+/// [`#[panic_handler]`](https://doc.rust-lang.org/nomicon/panic-handler.html) or
+/// [`#[global_allocator]`](https://doc.rust-lang.org/edition-guide/rust-2018/platform-and-target-support/global-allocators.html),
+/// where helper crates define handlers/allocators but only the binary crate
+/// actually _uses_ the functionality.
+///
+/// To register the function, we first depend on `failure-getrandom` _and_
+/// `getrandom` in `Cargo.toml`:
+/// ```toml
+/// [dependencies]
+/// failure-getrandom = "0.1"
+/// getrandom = { version = "0.2", features = ["custom"] }
+/// ```
+///
+/// Then, we register the function in `src/main.rs`:
+/// ```rust
+/// # mod failure_getrandom { pub fn always_fail(_: &mut [u8]) -> Result<(), getrandom::Error> { unimplemented!() } }
+/// use failure_getrandom::always_fail;
+/// use getrandom::register_custom_getrandom;
+///
+/// register_custom_getrandom!(always_fail);
+/// ```
+///
+/// Now any user of `getrandom` (direct or indirect) on this target will use the
+/// registered function. As noted in the
+/// [top-level documentation](index.html#custom-implementations) this
+/// registration only has an effect on unsupported targets.
+#[macro_export]
+#[cfg_attr(docsrs, doc(cfg(feature = "custom")))]
+macro_rules! register_custom_getrandom {
+ ($path:path) => {
+ // TODO(MSRV 1.37): change to unnamed block
+ const __GETRANDOM_INTERNAL: () = {
+ // We use Rust ABI to be safe against potential panics in the passed function.
+ #[no_mangle]
+ unsafe fn __getrandom_custom(dest: *mut u8, len: usize) -> u32 {
+ // Make sure the passed function has the type of getrandom::getrandom
+ type F = fn(&mut [u8]) -> ::core::result::Result<(), $crate::Error>;
+ let _: F = $crate::getrandom;
+ let f: F = $path;
+ let slice = ::core::slice::from_raw_parts_mut(dest, len);
+ match f(slice) {
+ Ok(()) => 0,
+ Err(e) => e.code().get(),
+ }
+ }
+ };
+ };
+}
+
+#[allow(dead_code)]
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ extern "Rust" {
+ fn __getrandom_custom(dest: *mut u8, len: usize) -> u32;
+ }
+ // Previously we always passed a valid, initialized slice to
+ // `__getrandom_custom`. Ensure `dest` has been initialized for backward
+ // compatibility with implementations that rely on that (e.g. Rust
+ // implementations that construct a `&mut [u8]` slice from `dest` and
+ // `len`).
+ let dest = uninit_slice_fill_zero(dest);
+ let ret = unsafe { __getrandom_custom(dest.as_mut_ptr(), dest.len()) };
+ match NonZeroU32::new(ret) {
+ None => Ok(()),
+ Some(code) => Err(Error::from(code)),
+ }
+}
diff --git a/third_party/rust/getrandom/src/dragonfly.rs b/third_party/rust/getrandom/src/dragonfly.rs
new file mode 100644
index 0000000000..d3ef00aa9c
--- /dev/null
+++ b/third_party/rust/getrandom/src/dragonfly.rs
@@ -0,0 +1,30 @@
+// Copyright 2021 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for DragonFly BSD
+use crate::{
+ use_file,
+ util_libc::{sys_fill_exact, Weak},
+ Error,
+};
+use core::mem::MaybeUninit;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ static GETRANDOM: Weak = unsafe { Weak::new("getrandom\0") };
+ type GetRandomFn = unsafe extern "C" fn(*mut u8, libc::size_t, libc::c_uint) -> libc::ssize_t;
+
+ // getrandom(2) was introduced in DragonflyBSD 5.7
+ if let Some(fptr) = GETRANDOM.ptr() {
+ let func: GetRandomFn = unsafe { core::mem::transmute(fptr) };
+ return sys_fill_exact(dest, |buf| unsafe {
+ func(buf.as_mut_ptr() as *mut u8, buf.len(), 0)
+ });
+ } else {
+ use_file::getrandom_inner(dest)
+ }
+}
diff --git a/third_party/rust/getrandom/src/emscripten.rs b/third_party/rust/getrandom/src/emscripten.rs
new file mode 100644
index 0000000000..30221c6e19
--- /dev/null
+++ b/third_party/rust/getrandom/src/emscripten.rs
@@ -0,0 +1,13 @@
+//! Implementation for Emscripten
+use crate::{util_libc::last_os_error, Error};
+use core::mem::MaybeUninit;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ // Emscripten 2.0.5 added getentropy, so we can use it unconditionally.
+ // Unlike other getentropy implementations, there is no max buffer length.
+ let ret = unsafe { libc::getentropy(dest.as_mut_ptr() as *mut libc::c_void, dest.len()) };
+ if ret < 0 {
+ return Err(last_os_error());
+ }
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/src/error.rs b/third_party/rust/getrandom/src/error.rs
new file mode 100644
index 0000000000..ab39a3c33a
--- /dev/null
+++ b/third_party/rust/getrandom/src/error.rs
@@ -0,0 +1,191 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+use core::{fmt, num::NonZeroU32};
+
+/// A small and `no_std` compatible error type
+///
+/// The [`Error::raw_os_error()`] will indicate if the error is from the OS, and
+/// if so, which error code the OS gave the application. If such an error is
+/// encountered, please consult with your system documentation.
+///
+/// Internally this type is a NonZeroU32, with certain values reserved for
+/// certain purposes, see [`Error::INTERNAL_START`] and [`Error::CUSTOM_START`].
+///
+/// *If this crate's `"std"` Cargo feature is enabled*, then:
+/// - [`getrandom::Error`][Error] implements
+/// [`std::error::Error`](https://doc.rust-lang.org/std/error/trait.Error.html)
+/// - [`std::io::Error`](https://doc.rust-lang.org/std/io/struct.Error.html) implements
+/// [`From<getrandom::Error>`](https://doc.rust-lang.org/std/convert/trait.From.html).
+#[derive(Copy, Clone, Eq, PartialEq)]
+pub struct Error(NonZeroU32);
+
+const fn internal_error(n: u16) -> Error {
+ // SAFETY: code > 0 as INTERNAL_START > 0 and adding n won't overflow a u32.
+ let code = Error::INTERNAL_START + (n as u32);
+ Error(unsafe { NonZeroU32::new_unchecked(code) })
+}
+
+impl Error {
+ /// This target/platform is not supported by `getrandom`.
+ pub const UNSUPPORTED: Error = internal_error(0);
+ /// The platform-specific `errno` returned a non-positive value.
+ pub const ERRNO_NOT_POSITIVE: Error = internal_error(1);
+ /// Call to iOS [`SecRandomCopyBytes`](https://developer.apple.com/documentation/security/1399291-secrandomcopybytes) failed.
+ pub const IOS_SEC_RANDOM: Error = internal_error(3);
+ /// Call to Windows [`RtlGenRandom`](https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-rtlgenrandom) failed.
+ pub const WINDOWS_RTL_GEN_RANDOM: Error = internal_error(4);
+ /// RDRAND instruction failed due to a hardware issue.
+ pub const FAILED_RDRAND: Error = internal_error(5);
+ /// RDRAND instruction unsupported on this target.
+ pub const NO_RDRAND: Error = internal_error(6);
+ /// The environment does not support the Web Crypto API.
+ pub const WEB_CRYPTO: Error = internal_error(7);
+ /// Calling Web Crypto API `crypto.getRandomValues` failed.
+ pub const WEB_GET_RANDOM_VALUES: Error = internal_error(8);
+ /// On VxWorks, call to `randSecure` failed (random number generator is not yet initialized).
+ pub const VXWORKS_RAND_SECURE: Error = internal_error(11);
+ /// Node.js does not have the `crypto` CommonJS module.
+ pub const NODE_CRYPTO: Error = internal_error(12);
+ /// Calling Node.js function `crypto.randomFillSync` failed.
+ pub const NODE_RANDOM_FILL_SYNC: Error = internal_error(13);
+ /// Called from an ES module on Node.js. This is unsupported, see:
+ /// <https://docs.rs/getrandom#nodejs-es-module-support>.
+ pub const NODE_ES_MODULE: Error = internal_error(14);
+
+ /// Codes below this point represent OS Errors (i.e. positive i32 values).
+ /// Codes at or above this point, but below [`Error::CUSTOM_START`] are
+ /// reserved for use by the `rand` and `getrandom` crates.
+ pub const INTERNAL_START: u32 = 1 << 31;
+
+ /// Codes at or above this point can be used by users to define their own
+ /// custom errors.
+ pub const CUSTOM_START: u32 = (1 << 31) + (1 << 30);
+
+ /// Extract the raw OS error code (if this error came from the OS)
+ ///
+ /// This method is identical to [`std::io::Error::raw_os_error()`][1], except
+ /// that it works in `no_std` contexts. If this method returns `None`, the
+ /// error value can still be formatted via the `Display` implementation.
+ ///
+ /// [1]: https://doc.rust-lang.org/std/io/struct.Error.html#method.raw_os_error
+ #[inline]
+ pub fn raw_os_error(self) -> Option<i32> {
+ if self.0.get() < Self::INTERNAL_START {
+ match () {
+ #[cfg(target_os = "solid_asp3")]
+ // On SOLID, negate the error code again to obtain the original
+ // error code.
+ () => Some(-(self.0.get() as i32)),
+ #[cfg(not(target_os = "solid_asp3"))]
+ () => Some(self.0.get() as i32),
+ }
+ } else {
+ None
+ }
+ }
+
+ /// Extract the bare error code.
+ ///
+ /// This code can either come from the underlying OS, or be a custom error.
+ /// Use [`Error::raw_os_error()`] to disambiguate.
+ #[inline]
+ pub const fn code(self) -> NonZeroU32 {
+ self.0
+ }
+}
+
+cfg_if! {
+ if #[cfg(unix)] {
+ fn os_err(errno: i32, buf: &mut [u8]) -> Option<&str> {
+ let buf_ptr = buf.as_mut_ptr() as *mut libc::c_char;
+ if unsafe { libc::strerror_r(errno, buf_ptr, buf.len()) } != 0 {
+ return None;
+ }
+
+ // Take up to trailing null byte
+ let n = buf.len();
+ let idx = buf.iter().position(|&b| b == 0).unwrap_or(n);
+ core::str::from_utf8(&buf[..idx]).ok()
+ }
+ } else {
+ fn os_err(_errno: i32, _buf: &mut [u8]) -> Option<&str> {
+ None
+ }
+ }
+}
+
+impl fmt::Debug for Error {
+ fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+ let mut dbg = f.debug_struct("Error");
+ if let Some(errno) = self.raw_os_error() {
+ dbg.field("os_error", &errno);
+ let mut buf = [0u8; 128];
+ if let Some(err) = os_err(errno, &mut buf) {
+ dbg.field("description", &err);
+ }
+ } else if let Some(desc) = internal_desc(*self) {
+ dbg.field("internal_code", &self.0.get());
+ dbg.field("description", &desc);
+ } else {
+ dbg.field("unknown_code", &self.0.get());
+ }
+ dbg.finish()
+ }
+}
+
+impl fmt::Display for Error {
+ fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+ if let Some(errno) = self.raw_os_error() {
+ let mut buf = [0u8; 128];
+ match os_err(errno, &mut buf) {
+ Some(err) => err.fmt(f),
+ None => write!(f, "OS Error: {}", errno),
+ }
+ } else if let Some(desc) = internal_desc(*self) {
+ f.write_str(desc)
+ } else {
+ write!(f, "Unknown Error: {}", self.0.get())
+ }
+ }
+}
+
+impl From<NonZeroU32> for Error {
+ fn from(code: NonZeroU32) -> Self {
+ Self(code)
+ }
+}
+
+fn internal_desc(error: Error) -> Option<&'static str> {
+ match error {
+ Error::UNSUPPORTED => Some("getrandom: this target is not supported"),
+ Error::ERRNO_NOT_POSITIVE => Some("errno: did not return a positive value"),
+ Error::IOS_SEC_RANDOM => Some("SecRandomCopyBytes: iOS Security framework failure"),
+ Error::WINDOWS_RTL_GEN_RANDOM => Some("RtlGenRandom: Windows system function failure"),
+ Error::FAILED_RDRAND => Some("RDRAND: failed multiple times: CPU issue likely"),
+ Error::NO_RDRAND => Some("RDRAND: instruction not supported"),
+ Error::WEB_CRYPTO => Some("Web Crypto API is unavailable"),
+ Error::WEB_GET_RANDOM_VALUES => Some("Calling Web API crypto.getRandomValues failed"),
+ Error::VXWORKS_RAND_SECURE => Some("randSecure: VxWorks RNG module is not initialized"),
+ Error::NODE_CRYPTO => Some("Node.js crypto CommonJS module is unavailable"),
+ Error::NODE_RANDOM_FILL_SYNC => Some("Calling Node.js API crypto.randomFillSync failed"),
+ Error::NODE_ES_MODULE => Some("Node.js ES modules are not directly supported, see https://docs.rs/getrandom#nodejs-es-module-support"),
+ _ => None,
+ }
+}
+
+#[cfg(test)]
+mod tests {
+ use super::Error;
+ use core::mem::size_of;
+
+ #[test]
+ fn test_size() {
+ assert_eq!(size_of::<Error>(), 4);
+ assert_eq!(size_of::<Result<(), Error>>(), 4);
+ }
+}
diff --git a/third_party/rust/getrandom/src/error_impls.rs b/third_party/rust/getrandom/src/error_impls.rs
new file mode 100644
index 0000000000..61f46d2279
--- /dev/null
+++ b/third_party/rust/getrandom/src/error_impls.rs
@@ -0,0 +1,24 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+#![cfg_attr(docsrs, doc(cfg(feature = "std")))]
+extern crate std;
+
+use crate::Error;
+use core::convert::From;
+use std::io;
+
+impl From<Error> for io::Error {
+ fn from(err: Error) -> Self {
+ match err.raw_os_error() {
+ Some(errno) => io::Error::from_raw_os_error(errno),
+ None => io::Error::new(io::ErrorKind::Other, err),
+ }
+ }
+}
+
+impl std::error::Error for Error {}
diff --git a/third_party/rust/getrandom/src/espidf.rs b/third_party/rust/getrandom/src/espidf.rs
new file mode 100644
index 0000000000..d074dc4cec
--- /dev/null
+++ b/third_party/rust/getrandom/src/espidf.rs
@@ -0,0 +1,26 @@
+// Copyright 2021 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for ESP-IDF
+use crate::Error;
+use core::{ffi::c_void, mem::MaybeUninit};
+
+extern "C" {
+ fn esp_fill_random(buf: *mut c_void, len: usize) -> u32;
+}
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ // Not that NOT enabling WiFi, BT, or the voltage noise entropy source (via `bootloader_random_enable`)
+ // will cause ESP-IDF to return pseudo-random numbers based on the voltage noise entropy, after the initial boot process:
+ // https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/random.html
+ //
+ // However tracking if some of these entropy sources is enabled is way too difficult to implement here
+ unsafe { esp_fill_random(dest.as_mut_ptr().cast(), dest.len()) };
+
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/src/fuchsia.rs b/third_party/rust/getrandom/src/fuchsia.rs
new file mode 100644
index 0000000000..5a135f3430
--- /dev/null
+++ b/third_party/rust/getrandom/src/fuchsia.rs
@@ -0,0 +1,21 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for Fuchsia Zircon
+use crate::Error;
+use core::mem::MaybeUninit;
+
+#[link(name = "zircon")]
+extern "C" {
+ fn zx_cprng_draw(buffer: *mut u8, length: usize);
+}
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ unsafe { zx_cprng_draw(dest.as_mut_ptr() as *mut u8, dest.len()) }
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/src/hermit.rs b/third_party/rust/getrandom/src/hermit.rs
new file mode 100644
index 0000000000..570b03d9a5
--- /dev/null
+++ b/third_party/rust/getrandom/src/hermit.rs
@@ -0,0 +1,21 @@
+use crate::Error;
+use core::{cmp::min, mem::MaybeUninit, num::NonZeroU32};
+
+extern "C" {
+ fn sys_read_entropy(buffer: *mut u8, length: usize, flags: u32) -> isize;
+}
+
+pub fn getrandom_inner(mut dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ while !dest.is_empty() {
+ let res = unsafe { sys_read_entropy(dest.as_mut_ptr() as *mut u8, dest.len(), 0) };
+ if res < 0 {
+ // SAFETY: all Hermit error codes use i32 under the hood:
+ // https://github.com/hermitcore/libhermit-rs/blob/master/src/errno.rs
+ let code = unsafe { NonZeroU32::new_unchecked((-res) as u32) };
+ return Err(code.into());
+ }
+ let len = min(res as usize, dest.len());
+ dest = &mut dest[len..];
+ }
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/src/hurd.rs b/third_party/rust/getrandom/src/hurd.rs
new file mode 100644
index 0000000000..842b9bc481
--- /dev/null
+++ b/third_party/rust/getrandom/src/hurd.rs
@@ -0,0 +1,18 @@
+// Copyright 2021 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for GNU/Hurd
+use crate::util_libc::sys_fill_exact;
+use crate::Error;
+use core::mem::MaybeUninit;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ sys_fill_exact(dest, |buf| unsafe {
+ libc::getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
+ })
+}
diff --git a/third_party/rust/getrandom/src/js.rs b/third_party/rust/getrandom/src/js.rs
new file mode 100644
index 0000000000..d031282261
--- /dev/null
+++ b/third_party/rust/getrandom/src/js.rs
@@ -0,0 +1,161 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+use crate::Error;
+
+extern crate std;
+use std::{mem::MaybeUninit, thread_local};
+
+use js_sys::{global, Function, Uint8Array};
+use wasm_bindgen::{prelude::wasm_bindgen, JsCast, JsValue};
+
+// Size of our temporary Uint8Array buffer used with WebCrypto methods
+// Maximum is 65536 bytes see https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues
+const WEB_CRYPTO_BUFFER_SIZE: usize = 256;
+// Node.js's crypto.randomFillSync requires the size to be less than 2**31.
+const NODE_MAX_BUFFER_SIZE: usize = (1 << 31) - 1;
+
+enum RngSource {
+ Node(NodeCrypto),
+ Web(WebCrypto, Uint8Array),
+}
+
+// JsValues are always per-thread, so we initialize RngSource for each thread.
+// See: https://github.com/rustwasm/wasm-bindgen/pull/955
+thread_local!(
+ static RNG_SOURCE: Result<RngSource, Error> = getrandom_init();
+);
+
+pub(crate) fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ RNG_SOURCE.with(|result| {
+ let source = result.as_ref().map_err(|&e| e)?;
+
+ match source {
+ RngSource::Node(n) => {
+ for chunk in dest.chunks_mut(NODE_MAX_BUFFER_SIZE) {
+ // SAFETY: chunk is never used directly, the memory is only
+ // modified via the Uint8Array view, which is passed
+ // directly to JavaScript. Also, crypto.randomFillSync does
+ // not resize the buffer. We know the length is less than
+ // u32::MAX because of the chunking above.
+ // Note that this uses the fact that JavaScript doesn't
+ // have a notion of "uninitialized memory", this is purely
+ // a Rust/C/C++ concept.
+ let res = n.random_fill_sync(unsafe {
+ Uint8Array::view_mut_raw(chunk.as_mut_ptr() as *mut u8, chunk.len())
+ });
+ if res.is_err() {
+ return Err(Error::NODE_RANDOM_FILL_SYNC);
+ }
+ }
+ }
+ RngSource::Web(crypto, buf) => {
+ // getRandomValues does not work with all types of WASM memory,
+ // so we initially write to browser memory to avoid exceptions.
+ for chunk in dest.chunks_mut(WEB_CRYPTO_BUFFER_SIZE) {
+ // The chunk can be smaller than buf's length, so we call to
+ // JS to create a smaller view of buf without allocation.
+ let sub_buf = buf.subarray(0, chunk.len() as u32);
+
+ if crypto.get_random_values(&sub_buf).is_err() {
+ return Err(Error::WEB_GET_RANDOM_VALUES);
+ }
+
+ // SAFETY: `sub_buf`'s length is the same length as `chunk`
+ unsafe { sub_buf.raw_copy_to_ptr(chunk.as_mut_ptr() as *mut u8) };
+ }
+ }
+ };
+ Ok(())
+ })
+}
+
+fn getrandom_init() -> Result<RngSource, Error> {
+ let global: Global = global().unchecked_into();
+
+ // Get the Web Crypto interface if we are in a browser, Web Worker, Deno,
+ // or another environment that supports the Web Cryptography API. This
+ // also allows for user-provided polyfills in unsupported environments.
+ let crypto = match global.crypto() {
+ // Standard Web Crypto interface
+ c if c.is_object() => c,
+ // Node.js CommonJS Crypto module
+ _ if is_node(&global) => {
+ // If module.require isn't a valid function, we are in an ES module.
+ match Module::require_fn().and_then(JsCast::dyn_into::<Function>) {
+ Ok(require_fn) => match require_fn.call1(&global, &JsValue::from_str("crypto")) {
+ Ok(n) => return Ok(RngSource::Node(n.unchecked_into())),
+ Err(_) => return Err(Error::NODE_CRYPTO),
+ },
+ Err(_) => return Err(Error::NODE_ES_MODULE),
+ }
+ }
+ // IE 11 Workaround
+ _ => match global.ms_crypto() {
+ c if c.is_object() => c,
+ _ => return Err(Error::WEB_CRYPTO),
+ },
+ };
+
+ let buf = Uint8Array::new_with_length(WEB_CRYPTO_BUFFER_SIZE as u32);
+ Ok(RngSource::Web(crypto, buf))
+}
+
+// Taken from https://www.npmjs.com/package/browser-or-node
+fn is_node(global: &Global) -> bool {
+ let process = global.process();
+ if process.is_object() {
+ let versions = process.versions();
+ if versions.is_object() {
+ return versions.node().is_string();
+ }
+ }
+ false
+}
+
+#[wasm_bindgen]
+extern "C" {
+ // Return type of js_sys::global()
+ type Global;
+
+ // Web Crypto API: Crypto interface (https://www.w3.org/TR/WebCryptoAPI/)
+ type WebCrypto;
+ // Getters for the WebCrypto API
+ #[wasm_bindgen(method, getter)]
+ fn crypto(this: &Global) -> WebCrypto;
+ #[wasm_bindgen(method, getter, js_name = msCrypto)]
+ fn ms_crypto(this: &Global) -> WebCrypto;
+ // Crypto.getRandomValues()
+ #[wasm_bindgen(method, js_name = getRandomValues, catch)]
+ fn get_random_values(this: &WebCrypto, buf: &Uint8Array) -> Result<(), JsValue>;
+
+ // Node JS crypto module (https://nodejs.org/api/crypto.html)
+ type NodeCrypto;
+ // crypto.randomFillSync()
+ #[wasm_bindgen(method, js_name = randomFillSync, catch)]
+ fn random_fill_sync(this: &NodeCrypto, buf: Uint8Array) -> Result<(), JsValue>;
+
+ // Ideally, we would just use `fn require(s: &str)` here. However, doing
+ // this causes a Webpack warning. So we instead return the function itself
+ // and manually invoke it using call1. This also lets us to check that the
+ // function actually exists, allowing for better error messages. See:
+ // https://github.com/rust-random/getrandom/issues/224
+ // https://github.com/rust-random/getrandom/issues/256
+ type Module;
+ #[wasm_bindgen(getter, static_method_of = Module, js_class = module, js_name = require, catch)]
+ fn require_fn() -> Result<JsValue, JsValue>;
+
+ // Node JS process Object (https://nodejs.org/api/process.html)
+ #[wasm_bindgen(method, getter)]
+ fn process(this: &Global) -> Process;
+ type Process;
+ #[wasm_bindgen(method, getter)]
+ fn versions(this: &Process) -> Versions;
+ type Versions;
+ #[wasm_bindgen(method, getter)]
+ fn node(this: &Versions) -> JsValue;
+}
diff --git a/third_party/rust/getrandom/src/lib.rs b/third_party/rust/getrandom/src/lib.rs
new file mode 100644
index 0000000000..10cc227377
--- /dev/null
+++ b/third_party/rust/getrandom/src/lib.rs
@@ -0,0 +1,351 @@
+// Copyright 2019 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Interface to the operating system's random number generator.
+//!
+//! # Supported targets
+//!
+//! | Target | Target Triple | Implementation
+//! | ----------------- | ------------------ | --------------
+//! | Linux, Android | `*‑linux‑*` | [`getrandom`][1] system call if available, otherwise [`/dev/urandom`][2] after successfully polling `/dev/random`
+//! | Windows | `*‑windows‑*` | [`BCryptGenRandom`]
+//! | macOS | `*‑apple‑darwin` | [`getentropy`][3] if available, otherwise [`/dev/urandom`][4] (identical to `/dev/random`)
+//! | iOS, tvOS, watchOS | `*‑apple‑ios`, `*-apple-tvos`, `*-apple-watchos` | [`SecRandomCopyBytes`]
+//! | FreeBSD | `*‑freebsd` | [`getrandom`][5] if available, otherwise [`kern.arandom`][6]
+//! | OpenBSD | `*‑openbsd` | [`getentropy`][7]
+//! | NetBSD | `*‑netbsd` | [`getrandom`][16] if available, otherwise [`kern.arandom`][8]
+//! | Dragonfly BSD | `*‑dragonfly` | [`getrandom`][9] if available, otherwise [`/dev/urandom`][10] (identical to `/dev/random`)
+//! | Solaris, illumos | `*‑solaris`, `*‑illumos` | [`getrandom`][11] if available, otherwise [`/dev/random`][12]
+//! | Fuchsia OS | `*‑fuchsia` | [`cprng_draw`]
+//! | Redox | `*‑redox` | `/dev/urandom`
+//! | Haiku | `*‑haiku` | `/dev/urandom` (identical to `/dev/random`)
+//! | Hermit | `*-hermit` | [`sys_read_entropy`]
+//! | Hurd | `*-hurd-*` | [`getrandom`][17]
+//! | SGX | `x86_64‑*‑sgx` | [`RDRAND`]
+//! | VxWorks | `*‑wrs‑vxworks‑*` | `randABytes` after checking entropy pool initialization with `randSecure`
+//! | ESP-IDF | `*‑espidf` | [`esp_fill_random`]
+//! | Emscripten | `*‑emscripten` | [`getentropy`][13]
+//! | WASI | `wasm32‑wasi` | [`random_get`]
+//! | Web Browser and Node.js | `wasm*‑*‑unknown` | [`Crypto.getRandomValues`] if available, then [`crypto.randomFillSync`] if on Node.js, see [WebAssembly support]
+//! | SOLID | `*-kmc-solid_*` | `SOLID_RNG_SampleRandomBytes`
+//! | Nintendo 3DS | `armv6k-nintendo-3ds` | [`getrandom`][1]
+//! | PS Vita | `armv7-sony-vita-newlibeabihf` | [`getentropy`][13]
+//! | QNX Neutrino | `*‑nto-qnx*` | [`/dev/urandom`][14] (identical to `/dev/random`)
+//! | AIX | `*-ibm-aix` | [`/dev/urandom`][15]
+//!
+//! There is no blanket implementation on `unix` targets that reads from
+//! `/dev/urandom`. This ensures all supported targets are using the recommended
+//! interface and respect maximum buffer sizes.
+//!
+//! Pull Requests that add support for new targets to `getrandom` are always welcome.
+//!
+//! ## Unsupported targets
+//!
+//! By default, `getrandom` will not compile on unsupported targets, but certain
+//! features allow a user to select a "fallback" implementation if no supported
+//! implementation exists.
+//!
+//! All of the below mechanisms only affect unsupported
+//! targets. Supported targets will _always_ use their supported implementations.
+//! This prevents a crate from overriding a secure source of randomness
+//! (either accidentally or intentionally).
+//!
+//! ### RDRAND on x86
+//!
+//! *If the `rdrand` Cargo feature is enabled*, `getrandom` will fallback to using
+//! the [`RDRAND`] instruction to get randomness on `no_std` `x86`/`x86_64`
+//! targets. This feature has no effect on other CPU architectures.
+//!
+//! ### WebAssembly support
+//!
+//! This crate fully supports the
+//! [`wasm32-wasi`](https://github.com/CraneStation/wasi) and
+//! [`wasm32-unknown-emscripten`](https://www.hellorust.com/setup/emscripten/)
+//! targets. However, the `wasm32-unknown-unknown` target (i.e. the target used
+//! by `wasm-pack`) is not automatically
+//! supported since, from the target name alone, we cannot deduce which
+//! JavaScript interface is in use (or if JavaScript is available at all).
+//!
+//! Instead, *if the `js` Cargo feature is enabled*, this crate will assume
+//! that you are building for an environment containing JavaScript, and will
+//! call the appropriate methods. Both web browser (main window and Web Workers)
+//! and Node.js environments are supported, invoking the methods
+//! [described above](#supported-targets) using the [`wasm-bindgen`] toolchain.
+//!
+//! To enable the `js` Cargo feature, add the following to the `dependencies`
+//! section in your `Cargo.toml` file:
+//! ```toml
+//! [dependencies]
+//! getrandom = { version = "0.2", features = ["js"] }
+//! ```
+//!
+//! This can be done even if `getrandom` is not a direct dependency. Cargo
+//! allows crates to enable features for indirect dependencies.
+//!
+//! This feature should only be enabled for binary, test, or benchmark crates.
+//! Library crates should generally not enable this feature, leaving such a
+//! decision to *users* of their library. Also, libraries should not introduce
+//! their own `js` features *just* to enable `getrandom`'s `js` feature.
+//!
+//! This feature has no effect on targets other than `wasm32-unknown-unknown`.
+//!
+//! #### Node.js ES module support
+//!
+//! Node.js supports both [CommonJS modules] and [ES modules]. Due to
+//! limitations in wasm-bindgen's [`module`] support, we cannot directly
+//! support ES Modules running on Node.js. However, on Node v15 and later, the
+//! module author can add a simple shim to support the Web Cryptography API:
+//! ```js
+//! import { webcrypto } from 'node:crypto'
+//! globalThis.crypto = webcrypto
+//! ```
+//! This crate will then use the provided `webcrypto` implementation.
+//!
+//! ### Custom implementations
+//!
+//! The [`register_custom_getrandom!`] macro allows a user to mark their own
+//! function as the backing implementation for [`getrandom`]. See the macro's
+//! documentation for more information about writing and registering your own
+//! custom implementations.
+//!
+//! Note that registering a custom implementation only has an effect on targets
+//! that would otherwise not compile. Any supported targets (including those
+//! using `rdrand` and `js` Cargo features) continue using their normal
+//! implementations even if a function is registered.
+//!
+//! ## Early boot
+//!
+//! Sometimes, early in the boot process, the OS has not collected enough
+//! entropy to securely seed its RNG. This is especially common on virtual
+//! machines, where standard "random" events are hard to come by.
+//!
+//! Some operating system interfaces always block until the RNG is securely
+//! seeded. This can take anywhere from a few seconds to more than a minute.
+//! A few (Linux, NetBSD and Solaris) offer a choice between blocking and
+//! getting an error; in these cases, we always choose to block.
+//!
+//! On Linux (when the `getrandom` system call is not available), reading from
+//! `/dev/urandom` never blocks, even when the OS hasn't collected enough
+//! entropy yet. To avoid returning low-entropy bytes, we first poll
+//! `/dev/random` and only switch to `/dev/urandom` once this has succeeded.
+//!
+//! On OpenBSD, this kind of entropy accounting isn't available, and on
+//! NetBSD, blocking on it is discouraged. On these platforms, nonblocking
+//! interfaces are used, even when reliable entropy may not be available.
+//! On the platforms where it is used, the reliability of entropy accounting
+//! itself isn't free from controversy. This library provides randomness
+//! sourced according to the platform's best practices, but each platform has
+//! its own limits on the grade of randomness it can promise in environments
+//! with few sources of entropy.
+//!
+//! ## Error handling
+//!
+//! We always choose failure over returning known insecure "random" bytes. In
+//! general, on supported platforms, failure is highly unlikely, though not
+//! impossible. If an error does occur, then it is likely that it will occur
+//! on every call to `getrandom`, hence after the first successful call one
+//! can be reasonably confident that no errors will occur.
+//!
+//! [1]: http://man7.org/linux/man-pages/man2/getrandom.2.html
+//! [2]: http://man7.org/linux/man-pages/man4/urandom.4.html
+//! [3]: https://www.unix.com/man-page/mojave/2/getentropy/
+//! [4]: https://www.unix.com/man-page/mojave/4/urandom/
+//! [5]: https://www.freebsd.org/cgi/man.cgi?query=getrandom&manpath=FreeBSD+12.0-stable
+//! [6]: https://www.freebsd.org/cgi/man.cgi?query=random&sektion=4
+//! [7]: https://man.openbsd.org/getentropy.2
+//! [8]: https://man.netbsd.org/sysctl.7
+//! [9]: https://leaf.dragonflybsd.org/cgi/web-man?command=getrandom
+//! [10]: https://leaf.dragonflybsd.org/cgi/web-man?command=random&section=4
+//! [11]: https://docs.oracle.com/cd/E88353_01/html/E37841/getrandom-2.html
+//! [12]: https://docs.oracle.com/cd/E86824_01/html/E54777/random-7d.html
+//! [13]: https://github.com/emscripten-core/emscripten/pull/12240
+//! [14]: https://www.qnx.com/developers/docs/7.1/index.html#com.qnx.doc.neutrino.utilities/topic/r/random.html
+//! [15]: https://www.ibm.com/docs/en/aix/7.3?topic=files-random-urandom-devices
+//! [16]: https://man.netbsd.org/getrandom.2
+//! [17]: https://www.gnu.org/software/libc/manual/html_mono/libc.html#index-getrandom
+//!
+//! [`BCryptGenRandom`]: https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom
+//! [`Crypto.getRandomValues`]: https://www.w3.org/TR/WebCryptoAPI/#Crypto-method-getRandomValues
+//! [`RDRAND`]: https://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide
+//! [`SecRandomCopyBytes`]: https://developer.apple.com/documentation/security/1399291-secrandomcopybytes?language=objc
+//! [`cprng_draw`]: https://fuchsia.dev/fuchsia-src/zircon/syscalls/cprng_draw
+//! [`crypto.randomFillSync`]: https://nodejs.org/api/crypto.html#cryptorandomfillsyncbuffer-offset-size
+//! [`esp_fill_random`]: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/random.html#_CPPv415esp_fill_randomPv6size_t
+//! [`random_get`]: https://github.com/WebAssembly/WASI/blob/main/phases/snapshot/docs.md#-random_getbuf-pointeru8-buf_len-size---errno
+//! [WebAssembly support]: #webassembly-support
+//! [`wasm-bindgen`]: https://github.com/rustwasm/wasm-bindgen
+//! [`module`]: https://rustwasm.github.io/wasm-bindgen/reference/attributes/on-js-imports/module.html
+//! [CommonJS modules]: https://nodejs.org/api/modules.html
+//! [ES modules]: https://nodejs.org/api/esm.html
+//! [`sys_read_entropy`]: https://github.com/hermit-os/kernel/blob/315f58ff5efc81d9bf0618af85a59963ff55f8b1/src/syscalls/entropy.rs#L47-L55
+
+#![doc(
+ html_logo_url = "https://www.rust-lang.org/logos/rust-logo-128x128-blk.png",
+ html_favicon_url = "https://www.rust-lang.org/favicon.ico",
+ html_root_url = "https://docs.rs/getrandom/0.2.11"
+)]
+#![no_std]
+#![warn(rust_2018_idioms, unused_lifetimes, missing_docs)]
+#![cfg_attr(docsrs, feature(doc_cfg))]
+
+#[macro_use]
+extern crate cfg_if;
+
+use crate::util::{slice_as_uninit_mut, slice_assume_init_mut};
+use core::mem::MaybeUninit;
+
+mod error;
+mod util;
+// To prevent a breaking change when targets are added, we always export the
+// register_custom_getrandom macro, so old Custom RNG crates continue to build.
+#[cfg(feature = "custom")]
+mod custom;
+#[cfg(feature = "std")]
+mod error_impls;
+
+pub use crate::error::Error;
+
+// System-specific implementations.
+//
+// These should all provide getrandom_inner with the signature
+// `fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error>`.
+// The function MUST fully initialize `dest` when `Ok(())` is returned.
+// The function MUST NOT ever write uninitialized bytes into `dest`,
+// regardless of what value it returns.
+cfg_if! {
+ if #[cfg(any(target_os = "haiku", target_os = "redox", target_os = "nto", target_os = "aix"))] {
+ mod util_libc;
+ #[path = "use_file.rs"] mod imp;
+ } else if #[cfg(any(target_os = "android", target_os = "linux"))] {
+ mod util_libc;
+ mod use_file;
+ #[path = "linux_android.rs"] mod imp;
+ } else if #[cfg(any(target_os = "illumos", target_os = "solaris"))] {
+ mod util_libc;
+ mod use_file;
+ #[path = "solaris_illumos.rs"] mod imp;
+ } else if #[cfg(any(target_os = "freebsd", target_os = "netbsd"))] {
+ mod util_libc;
+ #[path = "bsd_arandom.rs"] mod imp;
+ } else if #[cfg(target_os = "dragonfly")] {
+ mod util_libc;
+ mod use_file;
+ #[path = "dragonfly.rs"] mod imp;
+ } else if #[cfg(target_os = "fuchsia")] {
+ #[path = "fuchsia.rs"] mod imp;
+ } else if #[cfg(any(target_os = "ios", target_os = "watchos", target_os = "tvos"))] {
+ #[path = "apple-other.rs"] mod imp;
+ } else if #[cfg(target_os = "macos")] {
+ mod util_libc;
+ mod use_file;
+ #[path = "macos.rs"] mod imp;
+ } else if #[cfg(target_os = "openbsd")] {
+ mod util_libc;
+ #[path = "openbsd.rs"] mod imp;
+ } else if #[cfg(all(target_arch = "wasm32", target_os = "wasi"))] {
+ #[path = "wasi.rs"] mod imp;
+ } else if #[cfg(target_os = "hermit")] {
+ #[path = "hermit.rs"] mod imp;
+ } else if #[cfg(target_os = "vxworks")] {
+ mod util_libc;
+ #[path = "vxworks.rs"] mod imp;
+ } else if #[cfg(target_os = "solid_asp3")] {
+ #[path = "solid.rs"] mod imp;
+ } else if #[cfg(target_os = "espidf")] {
+ #[path = "espidf.rs"] mod imp;
+ } else if #[cfg(windows)] {
+ #[path = "windows.rs"] mod imp;
+ } else if #[cfg(all(target_os = "horizon", target_arch = "arm"))] {
+ // We check for target_arch = "arm" because the Nintendo Switch also
+ // uses Horizon OS (it is aarch64).
+ mod util_libc;
+ #[path = "3ds.rs"] mod imp;
+ } else if #[cfg(target_os = "vita")] {
+ mod util_libc;
+ #[path = "vita.rs"] mod imp;
+ } else if #[cfg(target_os = "emscripten")] {
+ mod util_libc;
+ #[path = "emscripten.rs"] mod imp;
+ } else if #[cfg(all(target_arch = "x86_64", target_env = "sgx"))] {
+ #[path = "rdrand.rs"] mod imp;
+ } else if #[cfg(all(feature = "rdrand",
+ any(target_arch = "x86_64", target_arch = "x86")))] {
+ #[path = "rdrand.rs"] mod imp;
+ } else if #[cfg(all(feature = "js",
+ any(target_arch = "wasm32", target_arch = "wasm64"),
+ target_os = "unknown"))] {
+ #[path = "js.rs"] mod imp;
+ } else if #[cfg(target_os = "hurd")] {
+ mod util_libc;
+ #[path = "hurd.rs"] mod imp;
+ } else if #[cfg(feature = "custom")] {
+ use custom as imp;
+ } else if #[cfg(all(any(target_arch = "wasm32", target_arch = "wasm64"),
+ target_os = "unknown"))] {
+ compile_error!("the wasm*-unknown-unknown targets are not supported by \
+ default, you may need to enable the \"js\" feature. \
+ For more information see: \
+ https://docs.rs/getrandom/#webassembly-support");
+ } else {
+ compile_error!("target is not supported, for more information see: \
+ https://docs.rs/getrandom/#unsupported-targets");
+ }
+}
+
+/// Fill `dest` with random bytes from the system's preferred random number
+/// source.
+///
+/// This function returns an error on any failure, including partial reads. We
+/// make no guarantees regarding the contents of `dest` on error. If `dest` is
+/// empty, `getrandom` immediately returns success, making no calls to the
+/// underlying operating system.
+///
+/// Blocking is possible, at least during early boot; see module documentation.
+///
+/// In general, `getrandom` will be fast enough for interactive usage, though
+/// significantly slower than a user-space CSPRNG; for the latter consider
+/// [`rand::thread_rng`](https://docs.rs/rand/*/rand/fn.thread_rng.html).
+#[inline]
+pub fn getrandom(dest: &mut [u8]) -> Result<(), Error> {
+ // SAFETY: The `&mut MaybeUninit<_>` reference doesn't escape, and
+ // `getrandom_uninit` guarantees it will never de-initialize any part of
+ // `dest`.
+ getrandom_uninit(unsafe { slice_as_uninit_mut(dest) })?;
+ Ok(())
+}
+
+/// Version of the `getrandom` function which fills `dest` with random bytes
+/// returns a mutable reference to those bytes.
+///
+/// On successful completion this function is guaranteed to return a slice
+/// which points to the same memory as `dest` and has the same length.
+/// In other words, it's safe to assume that `dest` is initialized after
+/// this function has returned `Ok`.
+///
+/// No part of `dest` will ever be de-initialized at any point, regardless
+/// of what is returned.
+///
+/// # Examples
+///
+/// ```ignore
+/// # // We ignore this test since `uninit_array` is unstable.
+/// #![feature(maybe_uninit_uninit_array)]
+/// # fn main() -> Result<(), getrandom::Error> {
+/// let mut buf = core::mem::MaybeUninit::uninit_array::<1024>();
+/// let buf: &mut [u8] = getrandom::getrandom_uninit(&mut buf)?;
+/// # Ok(()) }
+/// ```
+#[inline]
+pub fn getrandom_uninit(dest: &mut [MaybeUninit<u8>]) -> Result<&mut [u8], Error> {
+ if !dest.is_empty() {
+ imp::getrandom_inner(dest)?;
+ }
+ // SAFETY: `dest` has been fully initialized by `imp::getrandom_inner`
+ // since it returned `Ok`.
+ Ok(unsafe { slice_assume_init_mut(dest) })
+}
diff --git a/third_party/rust/getrandom/src/linux_android.rs b/third_party/rust/getrandom/src/linux_android.rs
new file mode 100644
index 0000000000..e81f1e1533
--- /dev/null
+++ b/third_party/rust/getrandom/src/linux_android.rs
@@ -0,0 +1,48 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for Linux / Android
+use crate::{
+ util::LazyBool,
+ util_libc::{last_os_error, sys_fill_exact},
+ {use_file, Error},
+};
+use core::mem::MaybeUninit;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ // getrandom(2) was introduced in Linux 3.17
+ static HAS_GETRANDOM: LazyBool = LazyBool::new();
+ if HAS_GETRANDOM.unsync_init(is_getrandom_available) {
+ sys_fill_exact(dest, |buf| unsafe {
+ getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
+ })
+ } else {
+ use_file::getrandom_inner(dest)
+ }
+}
+
+fn is_getrandom_available() -> bool {
+ let res = unsafe { getrandom(core::ptr::null_mut(), 0, libc::GRND_NONBLOCK) };
+ if res < 0 {
+ match last_os_error().raw_os_error() {
+ Some(libc::ENOSYS) => false, // No kernel support
+ Some(libc::EPERM) => false, // Blocked by seccomp
+ _ => true,
+ }
+ } else {
+ true
+ }
+}
+
+unsafe fn getrandom(
+ buf: *mut libc::c_void,
+ buflen: libc::size_t,
+ flags: libc::c_uint,
+) -> libc::ssize_t {
+ libc::syscall(libc::SYS_getrandom, buf, buflen, flags) as libc::ssize_t
+}
diff --git a/third_party/rust/getrandom/src/macos.rs b/third_party/rust/getrandom/src/macos.rs
new file mode 100644
index 0000000000..312f9b27f0
--- /dev/null
+++ b/third_party/rust/getrandom/src/macos.rs
@@ -0,0 +1,36 @@
+// Copyright 2019 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for macOS
+use crate::{
+ use_file,
+ util_libc::{last_os_error, Weak},
+ Error,
+};
+use core::mem::{self, MaybeUninit};
+
+type GetEntropyFn = unsafe extern "C" fn(*mut u8, libc::size_t) -> libc::c_int;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ // getentropy(2) was added in 10.12, Rust supports 10.7+
+ static GETENTROPY: Weak = unsafe { Weak::new("getentropy\0") };
+ if let Some(fptr) = GETENTROPY.ptr() {
+ let func: GetEntropyFn = unsafe { mem::transmute(fptr) };
+ for chunk in dest.chunks_mut(256) {
+ let ret = unsafe { func(chunk.as_mut_ptr() as *mut u8, chunk.len()) };
+ if ret != 0 {
+ return Err(last_os_error());
+ }
+ }
+ Ok(())
+ } else {
+ // We fallback to reading from /dev/random instead of SecRandomCopyBytes
+ // to avoid high startup costs and linking the Security framework.
+ use_file::getrandom_inner(dest)
+ }
+}
diff --git a/third_party/rust/getrandom/src/openbsd.rs b/third_party/rust/getrandom/src/openbsd.rs
new file mode 100644
index 0000000000..7a76f61d5b
--- /dev/null
+++ b/third_party/rust/getrandom/src/openbsd.rs
@@ -0,0 +1,22 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for OpenBSD
+use crate::{util_libc::last_os_error, Error};
+use core::mem::MaybeUninit;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ // getentropy(2) was added in OpenBSD 5.6, so we can use it unconditionally.
+ for chunk in dest.chunks_mut(256) {
+ let ret = unsafe { libc::getentropy(chunk.as_mut_ptr() as *mut libc::c_void, chunk.len()) };
+ if ret == -1 {
+ return Err(last_os_error());
+ }
+ }
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/src/rdrand.rs b/third_party/rust/getrandom/src/rdrand.rs
new file mode 100644
index 0000000000..69f6a5d13e
--- /dev/null
+++ b/third_party/rust/getrandom/src/rdrand.rs
@@ -0,0 +1,130 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+use crate::{
+ util::{slice_as_uninit, LazyBool},
+ Error,
+};
+use core::mem::{size_of, MaybeUninit};
+
+cfg_if! {
+ if #[cfg(target_arch = "x86_64")] {
+ use core::arch::x86_64 as arch;
+ use arch::_rdrand64_step as rdrand_step;
+ } else if #[cfg(target_arch = "x86")] {
+ use core::arch::x86 as arch;
+ use arch::_rdrand32_step as rdrand_step;
+ }
+}
+
+// Recommendation from "Intel® Digital Random Number Generator (DRNG) Software
+// Implementation Guide" - Section 5.2.1 and "Intel® 64 and IA-32 Architectures
+// Software Developer’s Manual" - Volume 1 - Section 7.3.17.1.
+const RETRY_LIMIT: usize = 10;
+
+#[target_feature(enable = "rdrand")]
+unsafe fn rdrand() -> Option<usize> {
+ for _ in 0..RETRY_LIMIT {
+ let mut val = 0;
+ if rdrand_step(&mut val) == 1 {
+ return Some(val as usize);
+ }
+ }
+ None
+}
+
+// "rdrand" target feature requires "+rdrand" flag, see https://github.com/rust-lang/rust/issues/49653.
+#[cfg(all(target_env = "sgx", not(target_feature = "rdrand")))]
+compile_error!(
+ "SGX targets require 'rdrand' target feature. Enable by using -C target-feature=+rdrand."
+);
+
+// Run a small self-test to make sure we aren't repeating values
+// Adapted from Linux's test in arch/x86/kernel/cpu/rdrand.c
+// Fails with probability < 2^(-90) on 32-bit systems
+#[target_feature(enable = "rdrand")]
+unsafe fn self_test() -> bool {
+ // On AMD, RDRAND returns 0xFF...FF on failure, count it as a collision.
+ let mut prev = !0; // TODO(MSRV 1.43): Move to usize::MAX
+ let mut fails = 0;
+ for _ in 0..8 {
+ match rdrand() {
+ Some(val) if val == prev => fails += 1,
+ Some(val) => prev = val,
+ None => return false,
+ };
+ }
+ fails <= 2
+}
+
+fn is_rdrand_good() -> bool {
+ #[cfg(not(target_feature = "rdrand"))]
+ {
+ // SAFETY: All Rust x86 targets are new enough to have CPUID, and we
+ // check that leaf 1 is supported before using it.
+ let cpuid0 = unsafe { arch::__cpuid(0) };
+ if cpuid0.eax < 1 {
+ return false;
+ }
+ let cpuid1 = unsafe { arch::__cpuid(1) };
+
+ let vendor_id = [
+ cpuid0.ebx.to_le_bytes(),
+ cpuid0.edx.to_le_bytes(),
+ cpuid0.ecx.to_le_bytes(),
+ ];
+ if vendor_id == [*b"Auth", *b"enti", *b"cAMD"] {
+ let mut family = (cpuid1.eax >> 8) & 0xF;
+ if family == 0xF {
+ family += (cpuid1.eax >> 20) & 0xFF;
+ }
+ // AMD CPUs families before 17h (Zen) sometimes fail to set CF when
+ // RDRAND fails after suspend. Don't use RDRAND on those families.
+ // See https://bugzilla.redhat.com/show_bug.cgi?id=1150286
+ if family < 0x17 {
+ return false;
+ }
+ }
+
+ const RDRAND_FLAG: u32 = 1 << 30;
+ if cpuid1.ecx & RDRAND_FLAG == 0 {
+ return false;
+ }
+ }
+
+ // SAFETY: We have already checked that rdrand is available.
+ unsafe { self_test() }
+}
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ static RDRAND_GOOD: LazyBool = LazyBool::new();
+ if !RDRAND_GOOD.unsync_init(is_rdrand_good) {
+ return Err(Error::NO_RDRAND);
+ }
+ // SAFETY: After this point, we know rdrand is supported.
+ unsafe { rdrand_exact(dest) }.ok_or(Error::FAILED_RDRAND)
+}
+
+// TODO: make this function safe when we have feature(target_feature_11)
+#[target_feature(enable = "rdrand")]
+unsafe fn rdrand_exact(dest: &mut [MaybeUninit<u8>]) -> Option<()> {
+ // We use chunks_exact_mut instead of chunks_mut as it allows almost all
+ // calls to memcpy to be elided by the compiler.
+ let mut chunks = dest.chunks_exact_mut(size_of::<usize>());
+ for chunk in chunks.by_ref() {
+ let src = rdrand()?.to_ne_bytes();
+ chunk.copy_from_slice(slice_as_uninit(&src));
+ }
+
+ let tail = chunks.into_remainder();
+ let n = tail.len();
+ if n > 0 {
+ let src = rdrand()?.to_ne_bytes();
+ tail.copy_from_slice(slice_as_uninit(&src[..n]));
+ }
+ Some(())
+}
diff --git a/third_party/rust/getrandom/src/solaris_illumos.rs b/third_party/rust/getrandom/src/solaris_illumos.rs
new file mode 100644
index 0000000000..501c610d77
--- /dev/null
+++ b/third_party/rust/getrandom/src/solaris_illumos.rs
@@ -0,0 +1,49 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for the Solaris family
+//!
+//! `/dev/random` uses the Hash_DRBG with SHA512 algorithm from NIST SP 800-90A.
+//! `/dev/urandom` uses the FIPS 186-2 algorithm, which is considered less
+//! secure. We choose to read from `/dev/random` (and use GRND_RANDOM).
+//!
+//! Solaris 11.3 and late-2018 illumos added the getrandom(2) libc function.
+//! To make sure we can compile on both Solaris and its derivatives, as well as
+//! function, we check for the existence of getrandom(2) in libc by calling
+//! libc::dlsym.
+use crate::{
+ use_file,
+ util_libc::{sys_fill_exact, Weak},
+ Error,
+};
+use core::mem::{self, MaybeUninit};
+
+static GETRANDOM: Weak = unsafe { Weak::new("getrandom\0") };
+type GetRandomFn =
+ unsafe extern "C" fn(*mut libc::c_void, libc::size_t, libc::c_uint) -> libc::ssize_t;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ if let Some(fptr) = GETRANDOM.ptr() {
+ let func: GetRandomFn = unsafe { mem::transmute(fptr) };
+ // 256 bytes is the lowest common denominator across all the Solaris
+ // derived platforms for atomically obtaining random data.
+ for chunk in dest.chunks_mut(256) {
+ sys_fill_exact(chunk, |buf| unsafe {
+ // A cast is needed for the flags as libc uses the wrong type.
+ func(
+ buf.as_mut_ptr() as *mut libc::c_void,
+ buf.len(),
+ libc::GRND_RANDOM as libc::c_uint,
+ )
+ })?
+ }
+ Ok(())
+ } else {
+ use_file::getrandom_inner(dest)
+ }
+}
diff --git a/third_party/rust/getrandom/src/solid.rs b/third_party/rust/getrandom/src/solid.rs
new file mode 100644
index 0000000000..aeccc4e2bd
--- /dev/null
+++ b/third_party/rust/getrandom/src/solid.rs
@@ -0,0 +1,26 @@
+// Copyright 2021 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for SOLID
+use crate::Error;
+use core::{mem::MaybeUninit, num::NonZeroU32};
+
+extern "C" {
+ pub fn SOLID_RNG_SampleRandomBytes(buffer: *mut u8, length: usize) -> i32;
+}
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ let ret = unsafe { SOLID_RNG_SampleRandomBytes(dest.as_mut_ptr() as *mut u8, dest.len()) };
+ if ret >= 0 {
+ Ok(())
+ } else {
+ // ITRON error numbers are always negative, so we negate it so that it
+ // falls in the dedicated OS error range (1..INTERNAL_START).
+ Err(NonZeroU32::new((-ret) as u32).unwrap().into())
+ }
+}
diff --git a/third_party/rust/getrandom/src/use_file.rs b/third_party/rust/getrandom/src/use_file.rs
new file mode 100644
index 0000000000..a6ef0d2350
--- /dev/null
+++ b/third_party/rust/getrandom/src/use_file.rs
@@ -0,0 +1,138 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementations that just need to read from a file
+use crate::{
+ util::LazyUsize,
+ util_libc::{open_readonly, sys_fill_exact},
+ Error,
+};
+use core::{
+ cell::UnsafeCell,
+ mem::MaybeUninit,
+ sync::atomic::{AtomicUsize, Ordering::Relaxed},
+};
+
+// We prefer using /dev/urandom and only use /dev/random if the OS
+// documentation indicates that /dev/urandom is insecure.
+// On Solaris/Illumos, see src/solaris_illumos.rs
+// On Dragonfly, Haiku, macOS, and QNX Neutrino the devices are identical.
+#[cfg(any(target_os = "solaris", target_os = "illumos"))]
+const FILE_PATH: &str = "/dev/random\0";
+#[cfg(any(
+ target_os = "aix",
+ target_os = "android",
+ target_os = "linux",
+ target_os = "redox",
+ target_os = "dragonfly",
+ target_os = "haiku",
+ target_os = "macos",
+ target_os = "nto",
+))]
+const FILE_PATH: &str = "/dev/urandom\0";
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ let fd = get_rng_fd()?;
+ sys_fill_exact(dest, |buf| unsafe {
+ libc::read(fd, buf.as_mut_ptr() as *mut libc::c_void, buf.len())
+ })
+}
+
+// Returns the file descriptor for the device file used to retrieve random
+// bytes. The file will be opened exactly once. All subsequent calls will
+// return the same file descriptor. This file descriptor is never closed.
+fn get_rng_fd() -> Result<libc::c_int, Error> {
+ static FD: AtomicUsize = AtomicUsize::new(LazyUsize::UNINIT);
+ fn get_fd() -> Option<libc::c_int> {
+ match FD.load(Relaxed) {
+ LazyUsize::UNINIT => None,
+ val => Some(val as libc::c_int),
+ }
+ }
+
+ // Use double-checked locking to avoid acquiring the lock if possible.
+ if let Some(fd) = get_fd() {
+ return Ok(fd);
+ }
+
+ // SAFETY: We use the mutex only in this method, and we always unlock it
+ // before returning, making sure we don't violate the pthread_mutex_t API.
+ static MUTEX: Mutex = Mutex::new();
+ unsafe { MUTEX.lock() };
+ let _guard = DropGuard(|| unsafe { MUTEX.unlock() });
+
+ if let Some(fd) = get_fd() {
+ return Ok(fd);
+ }
+
+ // On Linux, /dev/urandom might return insecure values.
+ #[cfg(any(target_os = "android", target_os = "linux"))]
+ wait_until_rng_ready()?;
+
+ let fd = unsafe { open_readonly(FILE_PATH)? };
+ // The fd always fits in a usize without conflicting with UNINIT.
+ debug_assert!(fd >= 0 && (fd as usize) < LazyUsize::UNINIT);
+ FD.store(fd as usize, Relaxed);
+
+ Ok(fd)
+}
+
+// Succeeds once /dev/urandom is safe to read from
+#[cfg(any(target_os = "android", target_os = "linux"))]
+fn wait_until_rng_ready() -> Result<(), Error> {
+ // Poll /dev/random to make sure it is ok to read from /dev/urandom.
+ let fd = unsafe { open_readonly("/dev/random\0")? };
+ let mut pfd = libc::pollfd {
+ fd,
+ events: libc::POLLIN,
+ revents: 0,
+ };
+ let _guard = DropGuard(|| unsafe {
+ libc::close(fd);
+ });
+
+ loop {
+ // A negative timeout means an infinite timeout.
+ let res = unsafe { libc::poll(&mut pfd, 1, -1) };
+ if res >= 0 {
+ debug_assert_eq!(res, 1); // We only used one fd, and cannot timeout.
+ return Ok(());
+ }
+ let err = crate::util_libc::last_os_error();
+ match err.raw_os_error() {
+ Some(libc::EINTR) | Some(libc::EAGAIN) => continue,
+ _ => return Err(err),
+ }
+ }
+}
+
+struct Mutex(UnsafeCell<libc::pthread_mutex_t>);
+
+impl Mutex {
+ const fn new() -> Self {
+ Self(UnsafeCell::new(libc::PTHREAD_MUTEX_INITIALIZER))
+ }
+ unsafe fn lock(&self) {
+ let r = libc::pthread_mutex_lock(self.0.get());
+ debug_assert_eq!(r, 0);
+ }
+ unsafe fn unlock(&self) {
+ let r = libc::pthread_mutex_unlock(self.0.get());
+ debug_assert_eq!(r, 0);
+ }
+}
+
+unsafe impl Sync for Mutex {}
+
+struct DropGuard<F: FnMut()>(F);
+
+impl<F: FnMut()> Drop for DropGuard<F> {
+ fn drop(&mut self) {
+ self.0()
+ }
+}
diff --git a/third_party/rust/getrandom/src/util.rs b/third_party/rust/getrandom/src/util.rs
new file mode 100644
index 0000000000..3162afad35
--- /dev/null
+++ b/third_party/rust/getrandom/src/util.rs
@@ -0,0 +1,101 @@
+// Copyright 2019 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+#![allow(dead_code)]
+use core::{
+ mem::MaybeUninit,
+ ptr,
+ sync::atomic::{AtomicUsize, Ordering::Relaxed},
+};
+
+// This structure represents a lazily initialized static usize value. Useful
+// when it is preferable to just rerun initialization instead of locking.
+// Both unsync_init and sync_init will invoke an init() function until it
+// succeeds, then return the cached value for future calls.
+//
+// Both methods support init() "failing". If the init() method returns UNINIT,
+// that value will be returned as normal, but will not be cached.
+//
+// Users should only depend on the _value_ returned by init() functions.
+// Specifically, for the following init() function:
+// fn init() -> usize {
+// a();
+// let v = b();
+// c();
+// v
+// }
+// the effects of c() or writes to shared memory will not necessarily be
+// observed and additional synchronization methods with be needed.
+pub struct LazyUsize(AtomicUsize);
+
+impl LazyUsize {
+ pub const fn new() -> Self {
+ Self(AtomicUsize::new(Self::UNINIT))
+ }
+
+ // The initialization is not completed.
+ pub const UNINIT: usize = usize::max_value();
+
+ // Runs the init() function at least once, returning the value of some run
+ // of init(). Multiple callers can run their init() functions in parallel.
+ // init() should always return the same value, if it succeeds.
+ pub fn unsync_init(&self, init: impl FnOnce() -> usize) -> usize {
+ // Relaxed ordering is fine, as we only have a single atomic variable.
+ let mut val = self.0.load(Relaxed);
+ if val == Self::UNINIT {
+ val = init();
+ self.0.store(val, Relaxed);
+ }
+ val
+ }
+}
+
+// Identical to LazyUsize except with bool instead of usize.
+pub struct LazyBool(LazyUsize);
+
+impl LazyBool {
+ pub const fn new() -> Self {
+ Self(LazyUsize::new())
+ }
+
+ pub fn unsync_init(&self, init: impl FnOnce() -> bool) -> bool {
+ self.0.unsync_init(|| init() as usize) != 0
+ }
+}
+
+/// Polyfill for `maybe_uninit_slice` feature's
+/// `MaybeUninit::slice_assume_init_mut`. Every element of `slice` must have
+/// been initialized.
+#[inline(always)]
+pub unsafe fn slice_assume_init_mut<T>(slice: &mut [MaybeUninit<T>]) -> &mut [T] {
+ // SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
+ &mut *(slice as *mut [MaybeUninit<T>] as *mut [T])
+}
+
+#[inline]
+pub fn uninit_slice_fill_zero(slice: &mut [MaybeUninit<u8>]) -> &mut [u8] {
+ unsafe { ptr::write_bytes(slice.as_mut_ptr(), 0, slice.len()) };
+ unsafe { slice_assume_init_mut(slice) }
+}
+
+#[inline(always)]
+pub fn slice_as_uninit<T>(slice: &[T]) -> &[MaybeUninit<T>] {
+ // SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
+ // There is no risk of writing a `MaybeUninit<T>` into the result since
+ // the result isn't mutable.
+ unsafe { &*(slice as *const [T] as *const [MaybeUninit<T>]) }
+}
+
+/// View an mutable initialized array as potentially-uninitialized.
+///
+/// This is unsafe because it allows assigning uninitialized values into
+/// `slice`, which would be undefined behavior.
+#[inline(always)]
+pub unsafe fn slice_as_uninit_mut<T>(slice: &mut [T]) -> &mut [MaybeUninit<T>] {
+ // SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
+ &mut *(slice as *mut [T] as *mut [MaybeUninit<T>])
+}
diff --git a/third_party/rust/getrandom/src/util_libc.rs b/third_party/rust/getrandom/src/util_libc.rs
new file mode 100644
index 0000000000..99bee3824b
--- /dev/null
+++ b/third_party/rust/getrandom/src/util_libc.rs
@@ -0,0 +1,159 @@
+// Copyright 2019 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+#![allow(dead_code)]
+use crate::Error;
+use core::{
+ cmp::min,
+ mem::MaybeUninit,
+ num::NonZeroU32,
+ ptr::NonNull,
+ sync::atomic::{fence, AtomicPtr, Ordering},
+};
+use libc::c_void;
+
+cfg_if! {
+ if #[cfg(any(target_os = "netbsd", target_os = "openbsd", target_os = "android"))] {
+ use libc::__errno as errno_location;
+ } else if #[cfg(any(target_os = "linux", target_os = "emscripten", target_os = "hurd", target_os = "redox"))] {
+ use libc::__errno_location as errno_location;
+ } else if #[cfg(any(target_os = "solaris", target_os = "illumos"))] {
+ use libc::___errno as errno_location;
+ } else if #[cfg(any(target_os = "macos", target_os = "freebsd"))] {
+ use libc::__error as errno_location;
+ } else if #[cfg(target_os = "haiku")] {
+ use libc::_errnop as errno_location;
+ } else if #[cfg(target_os = "nto")] {
+ use libc::__get_errno_ptr as errno_location;
+ } else if #[cfg(any(all(target_os = "horizon", target_arch = "arm"), target_os = "vita"))] {
+ extern "C" {
+ // Not provided by libc: https://github.com/rust-lang/libc/issues/1995
+ fn __errno() -> *mut libc::c_int;
+ }
+ use __errno as errno_location;
+ } else if #[cfg(target_os = "aix")] {
+ use libc::_Errno as errno_location;
+ }
+}
+
+cfg_if! {
+ if #[cfg(target_os = "vxworks")] {
+ use libc::errnoGet as get_errno;
+ } else if #[cfg(target_os = "dragonfly")] {
+ // Until rust-lang/rust#29594 is stable, we cannot get the errno value
+ // on DragonFlyBSD. So we just return an out-of-range errno.
+ unsafe fn get_errno() -> libc::c_int { -1 }
+ } else {
+ unsafe fn get_errno() -> libc::c_int { *errno_location() }
+ }
+}
+
+pub fn last_os_error() -> Error {
+ let errno = unsafe { get_errno() };
+ if errno > 0 {
+ Error::from(NonZeroU32::new(errno as u32).unwrap())
+ } else {
+ Error::ERRNO_NOT_POSITIVE
+ }
+}
+
+// Fill a buffer by repeatedly invoking a system call. The `sys_fill` function:
+// - should return -1 and set errno on failure
+// - should return the number of bytes written on success
+pub fn sys_fill_exact(
+ mut buf: &mut [MaybeUninit<u8>],
+ sys_fill: impl Fn(&mut [MaybeUninit<u8>]) -> libc::ssize_t,
+) -> Result<(), Error> {
+ while !buf.is_empty() {
+ let res = sys_fill(buf);
+ if res < 0 {
+ let err = last_os_error();
+ // We should try again if the call was interrupted.
+ if err.raw_os_error() != Some(libc::EINTR) {
+ return Err(err);
+ }
+ } else {
+ // We don't check for EOF (ret = 0) as the data we are reading
+ // should be an infinite stream of random bytes.
+ let len = min(res as usize, buf.len());
+ buf = &mut buf[len..];
+ }
+ }
+ Ok(())
+}
+
+// A "weak" binding to a C function that may or may not be present at runtime.
+// Used for supporting newer OS features while still building on older systems.
+// Based off of the DlsymWeak struct in libstd:
+// https://github.com/rust-lang/rust/blob/1.61.0/library/std/src/sys/unix/weak.rs#L84
+// except that the caller must manually cast self.ptr() to a function pointer.
+pub struct Weak {
+ name: &'static str,
+ addr: AtomicPtr<c_void>,
+}
+
+impl Weak {
+ // A non-null pointer value which indicates we are uninitialized. This
+ // constant should ideally not be a valid address of a function pointer.
+ // However, if by chance libc::dlsym does return UNINIT, there will not
+ // be undefined behavior. libc::dlsym will just be called each time ptr()
+ // is called. This would be inefficient, but correct.
+ // TODO: Replace with core::ptr::invalid_mut(1) when that is stable.
+ const UNINIT: *mut c_void = 1 as *mut c_void;
+
+ // Construct a binding to a C function with a given name. This function is
+ // unsafe because `name` _must_ be null terminated.
+ pub const unsafe fn new(name: &'static str) -> Self {
+ Self {
+ name,
+ addr: AtomicPtr::new(Self::UNINIT),
+ }
+ }
+
+ // Return the address of a function if present at runtime. Otherwise,
+ // return None. Multiple callers can call ptr() concurrently. It will
+ // always return _some_ value returned by libc::dlsym. However, the
+ // dlsym function may be called multiple times.
+ pub fn ptr(&self) -> Option<NonNull<c_void>> {
+ // Despite having only a single atomic variable (self.addr), we still
+ // cannot always use Ordering::Relaxed, as we need to make sure a
+ // successful call to dlsym() is "ordered before" any data read through
+ // the returned pointer (which occurs when the function is called).
+ // Our implementation mirrors that of the one in libstd, meaning that
+ // the use of non-Relaxed operations is probably unnecessary.
+ match self.addr.load(Ordering::Relaxed) {
+ Self::UNINIT => {
+ let symbol = self.name.as_ptr() as *const _;
+ let addr = unsafe { libc::dlsym(libc::RTLD_DEFAULT, symbol) };
+ // Synchronizes with the Acquire fence below
+ self.addr.store(addr, Ordering::Release);
+ NonNull::new(addr)
+ }
+ addr => {
+ let func = NonNull::new(addr)?;
+ fence(Ordering::Acquire);
+ Some(func)
+ }
+ }
+ }
+}
+
+// SAFETY: path must be null terminated, FD must be manually closed.
+pub unsafe fn open_readonly(path: &str) -> Result<libc::c_int, Error> {
+ debug_assert_eq!(path.as_bytes().last(), Some(&0));
+ loop {
+ let fd = libc::open(path.as_ptr() as *const _, libc::O_RDONLY | libc::O_CLOEXEC);
+ if fd >= 0 {
+ return Ok(fd);
+ }
+ let err = last_os_error();
+ // We should try again if open() was interrupted.
+ if err.raw_os_error() != Some(libc::EINTR) {
+ return Err(err);
+ }
+ }
+}
diff --git a/third_party/rust/getrandom/src/vita.rs b/third_party/rust/getrandom/src/vita.rs
new file mode 100644
index 0000000000..4f19b9cb08
--- /dev/null
+++ b/third_party/rust/getrandom/src/vita.rs
@@ -0,0 +1,21 @@
+// Copyright 2021 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for PS Vita
+use crate::{util_libc::last_os_error, Error};
+use core::mem::MaybeUninit;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ for chunk in dest.chunks_mut(256) {
+ let ret = unsafe { libc::getentropy(chunk.as_mut_ptr() as *mut libc::c_void, chunk.len()) };
+ if ret == -1 {
+ return Err(last_os_error());
+ }
+ }
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/src/vxworks.rs b/third_party/rust/getrandom/src/vxworks.rs
new file mode 100644
index 0000000000..9b2090fb0a
--- /dev/null
+++ b/third_party/rust/getrandom/src/vxworks.rs
@@ -0,0 +1,37 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for VxWorks
+use crate::{util_libc::last_os_error, Error};
+use core::{
+ mem::MaybeUninit,
+ sync::atomic::{AtomicBool, Ordering::Relaxed},
+};
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ static RNG_INIT: AtomicBool = AtomicBool::new(false);
+ while !RNG_INIT.load(Relaxed) {
+ let ret = unsafe { libc::randSecure() };
+ if ret < 0 {
+ return Err(Error::VXWORKS_RAND_SECURE);
+ } else if ret > 0 {
+ RNG_INIT.store(true, Relaxed);
+ break;
+ }
+ unsafe { libc::usleep(10) };
+ }
+
+ // Prevent overflow of i32
+ for chunk in dest.chunks_mut(i32::max_value() as usize) {
+ let ret = unsafe { libc::randABytes(chunk.as_mut_ptr() as *mut u8, chunk.len() as i32) };
+ if ret != 0 {
+ return Err(last_os_error());
+ }
+ }
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/src/wasi.rs b/third_party/rust/getrandom/src/wasi.rs
new file mode 100644
index 0000000000..9276ee74f8
--- /dev/null
+++ b/third_party/rust/getrandom/src/wasi.rs
@@ -0,0 +1,25 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+//! Implementation for WASI
+use crate::Error;
+use core::{
+ mem::MaybeUninit,
+ num::{NonZeroU16, NonZeroU32},
+};
+use wasi::random_get;
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ unsafe { random_get(dest.as_mut_ptr() as *mut u8, dest.len()) }.map_err(|e| {
+ // The WASI errno will always be non-zero, but we check just in case.
+ match NonZeroU16::new(e.raw()) {
+ Some(r) => Error::from(NonZeroU32::from(r)),
+ None => Error::ERRNO_NOT_POSITIVE,
+ }
+ })
+}
diff --git a/third_party/rust/getrandom/src/windows.rs b/third_party/rust/getrandom/src/windows.rs
new file mode 100644
index 0000000000..92d70429e4
--- /dev/null
+++ b/third_party/rust/getrandom/src/windows.rs
@@ -0,0 +1,66 @@
+// Copyright 2018 Developers of the Rand project.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+use crate::Error;
+use core::{ffi::c_void, mem::MaybeUninit, num::NonZeroU32, ptr};
+
+const BCRYPT_USE_SYSTEM_PREFERRED_RNG: u32 = 0x00000002;
+
+#[link(name = "bcrypt")]
+extern "system" {
+ fn BCryptGenRandom(
+ hAlgorithm: *mut c_void,
+ pBuffer: *mut u8,
+ cbBuffer: u32,
+ dwFlags: u32,
+ ) -> u32;
+}
+
+// Forbidden when targetting UWP
+#[cfg(not(target_vendor = "uwp"))]
+#[link(name = "advapi32")]
+extern "system" {
+ #[link_name = "SystemFunction036"]
+ fn RtlGenRandom(RandomBuffer: *mut c_void, RandomBufferLength: u32) -> u8;
+}
+
+pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
+ // Prevent overflow of u32
+ for chunk in dest.chunks_mut(u32::max_value() as usize) {
+ // BCryptGenRandom was introduced in Windows Vista
+ let ret = unsafe {
+ BCryptGenRandom(
+ ptr::null_mut(),
+ chunk.as_mut_ptr() as *mut u8,
+ chunk.len() as u32,
+ BCRYPT_USE_SYSTEM_PREFERRED_RNG,
+ )
+ };
+ // NTSTATUS codes use the two highest bits for severity status.
+ if ret >> 30 == 0b11 {
+ // Failed. Try RtlGenRandom as a fallback.
+ #[cfg(not(target_vendor = "uwp"))]
+ {
+ let ret =
+ unsafe { RtlGenRandom(chunk.as_mut_ptr() as *mut c_void, chunk.len() as u32) };
+ if ret != 0 {
+ continue;
+ }
+ }
+ // We zeroize the highest bit, so the error code will reside
+ // inside the range designated for OS codes.
+ let code = ret ^ (1 << 31);
+ // SAFETY: the second highest bit is always equal to one,
+ // so it's impossible to get zero. Unfortunately the type
+ // system does not have a way to express this yet.
+ let code = unsafe { NonZeroU32::new_unchecked(code) };
+ return Err(Error::from(code));
+ }
+ }
+ Ok(())
+}
diff --git a/third_party/rust/getrandom/tests/common/mod.rs b/third_party/rust/getrandom/tests/common/mod.rs
new file mode 100644
index 0000000000..666f7f5702
--- /dev/null
+++ b/third_party/rust/getrandom/tests/common/mod.rs
@@ -0,0 +1,100 @@
+use super::getrandom_impl;
+
+#[cfg(all(target_arch = "wasm32", target_os = "unknown"))]
+use wasm_bindgen_test::wasm_bindgen_test as test;
+
+#[cfg(feature = "test-in-browser")]
+wasm_bindgen_test::wasm_bindgen_test_configure!(run_in_browser);
+
+#[test]
+fn test_zero() {
+ // Test that APIs are happy with zero-length requests
+ getrandom_impl(&mut [0u8; 0]).unwrap();
+}
+
+// Return the number of bits in which s1 and s2 differ
+#[cfg(not(feature = "custom"))]
+fn num_diff_bits(s1: &[u8], s2: &[u8]) -> usize {
+ assert_eq!(s1.len(), s2.len());
+ s1.iter()
+ .zip(s2.iter())
+ .map(|(a, b)| (a ^ b).count_ones() as usize)
+ .sum()
+}
+
+// Tests the quality of calling getrandom on two large buffers
+#[test]
+#[cfg(not(feature = "custom"))]
+fn test_diff() {
+ let mut v1 = [0u8; 1000];
+ getrandom_impl(&mut v1).unwrap();
+
+ let mut v2 = [0u8; 1000];
+ getrandom_impl(&mut v2).unwrap();
+
+ // Between 3.5 and 4.5 bits per byte should differ. Probability of failure:
+ // ~ 2^(-94) = 2 * CDF[BinomialDistribution[8000, 0.5], 3500]
+ let d = num_diff_bits(&v1, &v2);
+ assert!(d > 3500);
+ assert!(d < 4500);
+}
+
+// Tests the quality of calling getrandom repeatedly on small buffers
+#[test]
+#[cfg(not(feature = "custom"))]
+fn test_small() {
+ // For each buffer size, get at least 256 bytes and check that between
+ // 3 and 5 bits per byte differ. Probability of failure:
+ // ~ 2^(-91) = 64 * 2 * CDF[BinomialDistribution[8*256, 0.5], 3*256]
+ for size in 1..=64 {
+ let mut num_bytes = 0;
+ let mut diff_bits = 0;
+ while num_bytes < 256 {
+ let mut s1 = vec![0u8; size];
+ getrandom_impl(&mut s1).unwrap();
+ let mut s2 = vec![0u8; size];
+ getrandom_impl(&mut s2).unwrap();
+
+ num_bytes += size;
+ diff_bits += num_diff_bits(&s1, &s2);
+ }
+ assert!(diff_bits > 3 * num_bytes);
+ assert!(diff_bits < 5 * num_bytes);
+ }
+}
+
+#[test]
+fn test_huge() {
+ let mut huge = [0u8; 100_000];
+ getrandom_impl(&mut huge).unwrap();
+}
+
+// On WASM, the thread API always fails/panics
+#[cfg(not(target_arch = "wasm32"))]
+#[test]
+fn test_multithreading() {
+ extern crate std;
+ use std::{sync::mpsc::channel, thread, vec};
+
+ let mut txs = vec![];
+ for _ in 0..20 {
+ let (tx, rx) = channel();
+ txs.push(tx);
+
+ thread::spawn(move || {
+ // wait until all the tasks are ready to go.
+ rx.recv().unwrap();
+ let mut v = [0u8; 1000];
+
+ for _ in 0..100 {
+ getrandom_impl(&mut v).unwrap();
+ thread::yield_now();
+ }
+ });
+ }
+
+ // start all the tasks
+ for tx in txs.iter() {
+ tx.send(()).unwrap();
+ }
+}
diff --git a/third_party/rust/getrandom/tests/custom.rs b/third_party/rust/getrandom/tests/custom.rs
new file mode 100644
index 0000000000..b085094be8
--- /dev/null
+++ b/third_party/rust/getrandom/tests/custom.rs
@@ -0,0 +1,54 @@
+// Test that a custom handler works on wasm32-unknown-unknown
+#![cfg(all(
+ target_arch = "wasm32",
+ target_os = "unknown",
+ feature = "custom",
+ not(feature = "js")
+))]
+
+use wasm_bindgen_test::wasm_bindgen_test as test;
+
+use core::num::NonZeroU32;
+use getrandom::{getrandom, register_custom_getrandom, Error};
+
+fn len7_err() -> Error {
+ NonZeroU32::new(Error::INTERNAL_START + 7).unwrap().into()
+}
+
+fn super_insecure_rng(buf: &mut [u8]) -> Result<(), Error> {
+ // `getrandom` guarantees it will not call any implementation if the output
+ // buffer is empty.
+ assert!(!buf.is_empty());
+ // Length 7 buffers return a custom error
+ if buf.len() == 7 {
+ return Err(len7_err());
+ }
+ // Otherwise, fill bytes based on input length
+ let mut start = buf.len() as u8;
+ for b in buf {
+ *b = start;
+ start = start.wrapping_mul(3);
+ }
+ Ok(())
+}
+
+register_custom_getrandom!(super_insecure_rng);
+
+use getrandom::getrandom as getrandom_impl;
+mod common;
+
+#[test]
+fn custom_rng_output() {
+ let mut buf = [0u8; 4];
+ assert_eq!(getrandom(&mut buf), Ok(()));
+ assert_eq!(buf, [4, 12, 36, 108]);
+
+ let mut buf = [0u8; 3];
+ assert_eq!(getrandom(&mut buf), Ok(()));
+ assert_eq!(buf, [3, 9, 27]);
+}
+
+#[test]
+fn rng_err_output() {
+ assert_eq!(getrandom(&mut [0; 7]), Err(len7_err()));
+}
diff --git a/third_party/rust/getrandom/tests/normal.rs b/third_party/rust/getrandom/tests/normal.rs
new file mode 100644
index 0000000000..5fff13b38e
--- /dev/null
+++ b/third_party/rust/getrandom/tests/normal.rs
@@ -0,0 +1,11 @@
+// Don't test on custom wasm32-unknown-unknown
+#![cfg(not(all(
+ target_arch = "wasm32",
+ target_os = "unknown",
+ feature = "custom",
+ not(feature = "js")
+)))]
+
+// Use the normal getrandom implementation on this architecture.
+use getrandom::getrandom as getrandom_impl;
+mod common;
diff --git a/third_party/rust/getrandom/tests/rdrand.rs b/third_party/rust/getrandom/tests/rdrand.rs
new file mode 100644
index 0000000000..25678683f3
--- /dev/null
+++ b/third_party/rust/getrandom/tests/rdrand.rs
@@ -0,0 +1,20 @@
+// We only test the RDRAND-based RNG source on supported architectures.
+#![cfg(any(target_arch = "x86_64", target_arch = "x86"))]
+
+// rdrand.rs expects to be part of the getrandom main crate, so we need these
+// additional imports to get rdrand.rs to compile.
+use getrandom::Error;
+#[macro_use]
+extern crate cfg_if;
+#[path = "../src/rdrand.rs"]
+mod rdrand;
+#[path = "../src/util.rs"]
+mod util;
+
+// The rdrand implementation has the signature of getrandom_uninit(), but our
+// tests expect getrandom_impl() to have the signature of getrandom().
+fn getrandom_impl(dest: &mut [u8]) -> Result<(), Error> {
+ rdrand::getrandom_inner(unsafe { util::slice_as_uninit_mut(dest) })?;
+ Ok(())
+}
+mod common;