-
Notifications
You must be signed in to change notification settings - Fork 466
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update rand #263
Update rand #263
Conversation
Because the When we eventually release a |
See also #262 |
The reason why so many duplicates for this issue/pr exist is that since no cryptographic rust code exists without an explicit dependency to rand, your policy is literally forcing all users of the library to use an outdated version. |
@hdevalence What is the motivation for supporting userspace CSPRNGs? You could get rid of the dependency on rand by using the |
Any more complex protocols to specify some test vectors by pulling randomness from some stream cipher like |
@vks There are lots of reasons to support userspace CSPRNGs, such as the reasons @burdges mentioned, or the reasons I described on this page. The bigger design principle is separation of concerns (apparently not a design principle for Ring, in this and other ways). The functionality of an elliptic curve library should be focused on elliptic curve operations, not on providing an RNG. These are orthogonal problems and they should be implemented orthogonally, which is why this API is designed to accept an arbitrary RNG implementation. @Silur Thanks for the input, but nobody is "literally forcing" anybody to do anything. |
If I understand, rand_core 0.4 to 0.5 aka rand 0.6 to 0.7 occurred largely due to adding |
I think rand_core v0.5 looks like nonsense rust-random/rand#854 so yeah maybe everyone should skip rand 0.7 until this gets sorted out. |
I've no clue about rand 0.6 -> 0.7 but at least rand_core 0.4 -> 0.5 adding |
Defaults to on
No description provided.