Add a crate which wraps getrandom but always compiles

TheBlueMatt · TheBlueMatt · commit 618175845b3b · 2024-02-12T22:37:09.000Z
In the next commit we'll drop the `ahash` dependency in favor of
directly calling `getrandom` to seed our hash tables. However,
we'd like to depend on `getrandom` only on certain platforms *and*
only when certain features (no-std) are set.

This introduces an indirection crate to do so, allowing us to
depend on it only when `no-std` is set but only depending on
`getrandom` on platforms which it supports.
diff --git a/Cargo.toml b/Cargo.toml
@@ -10,6 +10,7 @@ members = [
     "lightning-background-processor",
     "lightning-rapid-gossip-sync",
     "lightning-custom-message",
+    "possiblyrandom",
 ]
 
 exclude = [
diff --git a/possiblyrandom/Cargo.toml b/possiblyrandom/Cargo.toml
@@ -0,0 +1,21 @@
+[package]
+name = "possiblyrandom"
+version = "0.1.0"
+authors = ["Matt Corallo"]
+license = "MIT OR Apache-2.0"
+repository = "https://github.com/lightningdevkit/rust-lightning/"
+description = """
+A crate which wraps getrandom and always compiles, returning 0s when no randomness is available.
+"""
+edition = "2021"
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
+[dependencies]
+getrandom = { version = "0.2", optional = true, default-features = false }
+
+# Enable getrandom if we are on a platform that (likely) supports it
+[target.'cfg(not(any(target_os = "unknown", target_os = "none")))'.dependencies]
+getrandom = { version = "0.2", default-features = false }
diff --git a/possiblyrandom/src/lib.rs b/possiblyrandom/src/lib.rs
@@ -0,0 +1,38 @@
+// This file is Copyright its original authors, visible in version control
+// history.
+//
+// This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
+// or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
+// You may not use this file except in accordance with one or both of these
+// licenses.
+
+//! [`getrandom`] provides access to OS randomness, but will fail to compile on platforms which do
+//! not support fetching OS randomness. This is exactly what you want when you're doing
+//! cryptographic operations, but when you're just opportunistically randomizing, we're fine with
+//! compiling and simply disabling randomization.
+//!
+//! This crate does that, returning only possibly-random data.
+//!
+//! Note that this crate only enables getrandom on a subset of platforms it supports. As getrandom
+//! evolves this crate is unlikely to carefully track all getrandom-supported platforms, however
+//! will use random data on popular platforms.
+
+#[cfg(feature = "getrandom")]
+extern crate getrandom;
+
+/// Possibly fills `dest` with random data. May fill it with zeros.
+#[cfg(feature = "getrandom")]
+#[inline]
+pub fn getpossiblyrandom(dest: &mut [u8]) {
+	if getrandom::getrandom(dest).is_err() {
+		dest.fill(0);
+	}
+}
+
+/// Possibly fills `dest` with random data. May fill it with zeros.
+#[cfg(not(feature = "getrandom"))]
+#[inline]
+pub fn getpossiblyrandom(dest: &mut [u8]) {
+	dest.fill(0);
+}

Original file line number	Diff line number	Diff line change
`@@ -10,6 +10,7 @@ members = [`
`10`	`10`	`"lightning-background-processor",`
`11`	`11`	`"lightning-rapid-gossip-sync",`
`12`	`12`	`"lightning-custom-message",`
	`13`	`+ "possiblyrandom",`
`13`	`14`	`]`
`14`	`15`
`15`	`16`	`exclude = [`