mozilla-central/third_party/rust/getrandom/src/backends/windows.rs

Source code

Revision control

Copy as Markdown

Other Tools

//! Implementation for Windows 10 and later
//!
//! On Windows 10 and later, ProcessPrng "is the primary interface to the
//! user-mode per-processor PRNGs" and only requires bcryptprimitives.dll,
//! making it a better option than the other Windows RNG APIs:
//! - Requires bcrypt.dll (which loads bcryptprimitives.dll anyway)
//! - Can cause crashes/hangs as BCrypt accesses the Windows Registry:
//! - Causes issues inside sandboxed code:
//! - Deprecated and not available on UWP targets
//! - Requires advapi32.lib/advapi32.dll (in addition to bcryptprimitives.dll)
//! - Thin wrapper around ProcessPrng
//! - Deprecated and not available on UWP targets
//! - Requires advapi32.dll (in addition to bcryptprimitives.dll)
//! - Requires using name "SystemFunction036"
//! - Thin wrapper around ProcessPrng
//!
//! For more information see the Windows RNG Whitepaper: https://aka.ms/win10rng
use crate::Error;
use core::mem::MaybeUninit;
pub use crate::util::{inner_u32, inner_u64};
// Binding to the Windows.Win32.Security.Cryptography.ProcessPrng API. As
// bcryptprimitives.dll lacks an import library, we use the windows-targets
// crate to link to it.
//
// TODO(MSRV 1.71): Migrate to linking as raw-dylib directly.
windows_targets::link!("bcryptprimitives.dll" "system" fn ProcessPrng(pbdata: *mut u8, cbdata: usize) -> i32);
pub fn fill_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
let result = unsafe { ProcessPrng(dest.as_mut_ptr().cast::<u8>(), dest.len()) };
// Since Windows 10, calls to the user-mode RNG are guaranteed to never
// fail during runtime (rare windows W); `ProcessPrng` will only ever
// return 1 (which is how windows represents TRUE).
// See the bottom of page 6 of the aforementioned Windows RNG
// whitepaper for more information.
debug_assert!(result == 1);
Ok(())
}