Odin
Odin copied to clipboard
odin-lang
added rand_bytes for darwin
Is this a good idea to rely on libc? @zhibog
I can't speak for @zhibog, but Go purports to use getentropy(2) on macOS.
On Linux, FreeBSD, Dragonfly, NetBSD and Solaris, Reader uses getrandom(2) if available, /dev/urandom otherwise. On OpenBSD and macOS, Reader uses getentropy(2). On other Unix-like systems, Reader reads from /dev/urandom. On Windows systems, Reader uses the RtlGenRandom API. On JS/Wasm, Reader uses the Web Crypto API. On WASIP1/Wasm, Reader uses random_get from wasi_snapshot_preview1.
See also Apple security guidance, the call's man page. It's defined in sys/random.h.
The man page for arc4random on macos says:
These functions use a cryptographic pseudo-random number generator to generate high quality random bytes very quickly. One data pool is used for all consumers in a process, so that consumption under program flow can act as additional stirring. The subsystem is re-seeded from the kernel random number subsystem on a regular basis, and also upon fork(2).
This family of functions provides higher quality random data than those described in rand(3), random(3), and rand48(3). They can be called in almost all environments, including chroot(2), and their use is encouraged over all other standard library functions for random numbers.
and also:
The original version of this random number generator used the RC4 (also known as ARC4) algorithm. In OS X 10.12 it was replaced with the NIST-approved AES cipher, and it may be replaced again in the future as cryptographic techniques advance. A good mnemonic is “A Replacement Call for Random”
@gingerBill I'd try to avoid libc as much as I can, but having said that I have little experience developing on/for OSX, so I don't have a strong opinion on this.
