Add a comment explaining why SecRandomCopyBytes is not used on MacOS
This commit is contained in:
Ed Barnard
Edward Barnard
parent
a7cef0bf08
commit
f1da89a667
1 changed files with 7 additions and 0 deletions
|
|
@ -99,6 +99,13 @@ mod imp {
|
|||
}
|
||||
}
|
||||
|
||||
// On iOS and MacOS `SecRandomCopyBytes` calls `CCRandomCopyBytes` with
|
||||
// `kCCRandomDefault`. `CCRandomCopyBytes` manages a CSPRNG which is seeded
|
||||
// from `/dev/random` and which runs on its own thread accessed via GCD.
|
||||
// This seems needlessly heavyweight for the purposes of generating two u64s
|
||||
// once per thread in `hashmap_random_keys`. Therefore `SecRandomCopyBytes` is
|
||||
// only used on iOS where direct access to `/dev/urandom` is blocked by the
|
||||
// sandbox.
|
||||
#[cfg(target_os = "ios")]
|
||||
mod imp {
|
||||
use crate::io;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue