Add a crate which wraps getrandom but always compiles

In the next commit we'll drop the `ahash` dependency in favor of directly calling `getrandom` to seed our hash tables. However, we'd like to depend on `getrandom` only on certain platforms *and* only when certain features (no-std) are set. This introduces an indirection crate to do so, allowing us to depend on it only when `no-std` is set but only depending on `getrandom` on platforms which it supports.
TheBlueMatt · Feb 12, 2024 · 6181758 · 6181758
1 parent 0c2a715
commit 6181758
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 0 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -10,6 +10,7 @@ members = [
     "lightning-background-processor",
     "lightning-rapid-gossip-sync",
     "lightning-custom-message",
+    "possiblyrandom",
 ]
 
 exclude = [

diff --git a/possiblyrandom/Cargo.toml b/possiblyrandom/Cargo.toml
@@ -0,0 +1,21 @@
+[package]
+name = "possiblyrandom"
+version = "0.1.0"
+authors = ["Matt Corallo"]
+license = "MIT OR Apache-2.0"
+repository = "https://github.com/lightningdevkit/rust-lightning/"
+description = """
+A crate which wraps getrandom and always compiles, returning 0s when no randomness is available.
+"""
+edition = "2021"
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
+[dependencies]
+getrandom = { version = "0.2", optional = true, default-features = false }
+
+# Enable getrandom if we are on a platform that (likely) supports it
+[target.'cfg(not(any(target_os = "unknown", target_os = "none")))'.dependencies]
+getrandom = { version = "0.2", default-features = false }
diff --git a/possiblyrandom/src/lib.rs b/possiblyrandom/src/lib.rs
@@ -0,0 +1,38 @@
+// This file is Copyright its original authors, visible in version control
+// history.
+//
+// This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
+// or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
+// You may not use this file except in accordance with one or both of these
+// licenses.
+
+//! [`getrandom`] provides access to OS randomness, but will fail to compile on platforms which do
+//! not support fetching OS randomness. This is exactly what you want when you're doing
+//! cryptographic operations, but when you're just opportunistically randomizing, we're fine with
+//! compiling and simply disabling randomization.
+//!
+//! This crate does that, returning only possibly-random data.
+//!
+//! Note that this crate only enables getrandom on a subset of platforms it supports. As getrandom
+//! evolves this crate is unlikely to carefully track all getrandom-supported platforms, however
+//! will use random data on popular platforms.
+
+#[cfg(feature = "getrandom")]
+extern crate getrandom;
+
+/// Possibly fills `dest` with random data. May fill it with zeros.
+#[cfg(feature = "getrandom")]
+#[inline]
+pub fn getpossiblyrandom(dest: &mut [u8]) {
+	if getrandom::getrandom(dest).is_err() {
+		dest.fill(0);
+	}
+}
+
+/// Possibly fills `dest` with random data. May fill it with zeros.
+#[cfg(not(feature = "getrandom"))]
+#[inline]
+pub fn getpossiblyrandom(dest: &mut [u8]) {
+	dest.fill(0);
+}