Add a comment explaining why SecRandomCopyBytes is not used on MacOS

This commit is contained in:
Ed Barnard 2019-04-11 13:47:27 +01:00 committed by Edward Barnard
parent a7cef0bf08
commit f1da89a667

View File

@ -99,6 +99,13 @@ mod imp {
}
}
// On iOS and MacOS `SecRandomCopyBytes` calls `CCRandomCopyBytes` with
// `kCCRandomDefault`. `CCRandomCopyBytes` manages a CSPRNG which is seeded
// from `/dev/random` and which runs on its own thread accessed via GCD.
// This seems needlessly heavyweight for the purposes of generating two u64s
// once per thread in `hashmap_random_keys`. Therefore `SecRandomCopyBytes` is
// only used on iOS where direct access to `/dev/urandom` is blocked by the
// sandbox.
#[cfg(target_os = "ios")]
mod imp {
use crate::io;