Backed out changeset 055ba7efc9cd (bug 1584401) for rust build bustage. On a CLOSED TREE

This commit is contained in:
Daniel Varga 2019-10-22 22:04:40 +03:00
parent 28cc0dc938
commit 964a732b29
116 changed files with 0 additions and 34384 deletions

66
Cargo.lock generated
View File

@ -1567,16 +1567,6 @@ dependencies = [
"pkg-config 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "libloading"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
dependencies = [
"kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
"lazy_static 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
"winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "libloading"
version = "0.5.0"
@ -2038,17 +2028,6 @@ dependencies = [
"nsstring 0.1.0",
]
[[package]]
name = "num-bigint"
version = "0.1.44"
source = "registry+https://github.com/rust-lang/crates.io-index"
dependencies = [
"num-integer 0.1.39 (registry+https://github.com/rust-lang/crates.io-index)",
"num-traits 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
"rand 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
"rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "num-derive"
version = "0.3.0"
@ -2127,20 +2106,6 @@ dependencies = [
"num-traits 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "osclientcerts-static"
version = "0.1.4"
dependencies = [
"bindgen 0.51.1 (registry+https://github.com/rust-lang/crates.io-index)",
"byteorder 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
"env_logger 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)",
"lazy_static 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
"log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
"pkcs11 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
"sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)",
"winapi 0.3.6 (git+https://github.com/froydnj/winapi-rs?branch=aarch64)",
]
[[package]]
name = "owning_ref"
version = "0.4.0"
@ -2244,15 +2209,6 @@ dependencies = [
"siphasher 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "pkcs11"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
dependencies = [
"libloading 0.4.3 (registry+https://github.com/rust-lang/crates.io-index)",
"num-bigint 0.1.44 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "pkg-config"
version = "0.3.9"
@ -2381,18 +2337,6 @@ dependencies = [
"proc-macro2 1.0.5 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "rand"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
dependencies = [
"fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
"libc 0.2.60 (registry+https://github.com/rust-lang/crates.io-index)",
"rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
"rdrand 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
"winapi 0.3.6 (git+https://github.com/froydnj/winapi-rs?branch=aarch64)",
]
[[package]]
name = "rand"
version = "0.6.5"
@ -2659,11 +2603,6 @@ dependencies = [
"byteorder 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "rustc-serialize"
version = "0.3.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
[[package]]
name = "rustc_version"
version = "0.2.3"
@ -3998,7 +3937,6 @@ dependencies = [
"checksum lazycell 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b294d6fa9ee409a054354afc4352b0b9ef7ca222c69b8812cbea9e7d2bf3783f"
"checksum libc 0.2.60 (registry+https://github.com/rust-lang/crates.io-index)" = "d44e80633f007889c7eff624b709ab43c92d708caad982295768a7b13ca3b5eb"
"checksum libdbus-sys 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "18cb88963258d00f4962205dbb5933d82780d9962c8c8a064b651d2ad7189210"
"checksum libloading 0.4.3 (registry+https://github.com/rust-lang/crates.io-index)" = "fd38073de8f7965d0c17d30546d4bb6da311ab428d1c7a3fc71dff7f9d4979b9"
"checksum libloading 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)" = "9c3ad660d7cb8c5822cd83d10897b0f1f1526792737a179e73896152f85b88c2"
"checksum libudev 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ea626d3bdf40a1c5aee3bcd4f40826970cae8d80a8fec934c82a63840094dcfe"
"checksum libz-sys 1.0.25 (registry+https://github.com/rust-lang/crates.io-index)" = "2eb5e43362e38e2bca2fd5f5134c4d4564a23a5c28e9b95411652021a8675ebe"
@ -4032,7 +3970,6 @@ dependencies = [
"checksum new_debug_unreachable 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "0cdc457076c78ab54d5e0d6fa7c47981757f1e34dc39ff92787f217dede586c4"
"checksum nodrop 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)" = "9a2228dca57108069a5262f2ed8bd2e82496d2e074a06d1ccc7ce1687b6ae0a2"
"checksum nom 4.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "9c349f68f25f596b9f44cf0e7c69752a5c633b0550c3ff849518bfba0233774a"
"checksum num-bigint 0.1.44 (registry+https://github.com/rust-lang/crates.io-index)" = "e63899ad0da84ce718c14936262a41cee2c79c981fc0a0e7c7beb47d5a07e8c1"
"checksum num-derive 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "0c8b15b261814f992e33760b1fca9fe8b693d8a65299f20c9901688636cfb746"
"checksum num-integer 0.1.39 (registry+https://github.com/rust-lang/crates.io-index)" = "e83d528d2677f0518c570baf2b7abdcf0cd2d248860b68507bdcb3e91d4c0cea"
"checksum num-iter 0.1.37 (registry+https://github.com/rust-lang/crates.io-index)" = "af3fdbbc3291a5464dc57b03860ec37ca6bf915ed6ee385e7c6c052c422b2124"
@ -4053,7 +3990,6 @@ dependencies = [
"checksum phf_codegen 0.7.24 (registry+https://github.com/rust-lang/crates.io-index)" = "b03e85129e324ad4166b06b2c7491ae27fe3ec353af72e72cd1654c7225d517e"
"checksum phf_generator 0.7.24 (registry+https://github.com/rust-lang/crates.io-index)" = "09364cc93c159b8b06b1f4dd8a4398984503483891b0c26b867cf431fb132662"
"checksum phf_shared 0.7.24 (registry+https://github.com/rust-lang/crates.io-index)" = "234f71a15de2288bcb7e3b6515828d22af7ec8598ee6d24c3b526fa0a80b67a0"
"checksum pkcs11 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ff403ab0d15638fc795f4e2122e77e007fdcf17db7fee38f225f173c6e4cc1c3"
"checksum pkg-config 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)" = "3a8b4c6b8165cd1a1cd4b9b120978131389f64bdaf456435caa41e630edba903"
"checksum plain 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6"
"checksum plane-split 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ffe16a646a08f4b4dd74035b9ff8e378eb1a4012a74f14f5889e7001cdbece33"
@ -4067,7 +4003,6 @@ dependencies = [
"checksum quick-error 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "eda5fe9b71976e62bc81b781206aaa076401769b2143379d3eb2118388babac4"
"checksum quote 0.6.11 (registry+https://github.com/rust-lang/crates.io-index)" = "cdd8e04bd9c52e0342b406469d494fcb033be4bdbe5c606016defbb1681411e1"
"checksum quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "053a8c8bcc71fcce321828dc897a98ab9760bef03a4fc36693c231e5b3216cfe"
"checksum rand 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)" = "552840b97013b1a26992c11eac34bdd778e464601a4c2054b5f0bff7c6761293"
"checksum rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)" = "6d71dacdc3c88c1fde3885a3be3fbab9f35724e6ce99467f7d9c5026132184ca"
"checksum rand_chacha 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "556d3a1ca6600bfcbab7c7c91ccb085ac7fbbcd70e008a98742e7847f4f7bcef"
"checksum rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b"
@ -4096,7 +4031,6 @@ dependencies = [
"checksum rust_cascade 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "f3fe4900d38dab1ad21a515e44687dd0711e6b0ec5b214a3b1aa8857343bcf3a"
"checksum rustc-demangle 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)" = "76d7ba1feafada44f2d38eed812bd2489a03c0f5abb975799251518b68848649"
"checksum rustc-hash 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7540fc8b0c49f096ee9c961cda096467dce8084bec6bdca2fc83895fd9b28cb8"
"checksum rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)" = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda"
"checksum rustc_version 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a"
"checksum ryu 0.2.4 (registry+https://github.com/rust-lang/crates.io-index)" = "fd0568787116e13c652377b6846f5931454a363a8fdf8ae50463ee40935b278b"
"checksum safemem 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "8dca453248a96cb0749e36ccdfe2b0b4e54a61bfef89fb97ec621eb8e0a93dd9"

View File

@ -10,7 +10,6 @@ members = [
"js/src/wasm/cranelift",
"js/rust",
"js/src/frontend/binast", # Code generator.
"security/manager/ssl/osclientcerts",
"testing/geckodriver",
"toolkit/crashreporter/rust",
"toolkit/library/gtest/rust",

View File

@ -371,10 +371,6 @@ bin/libfreebl_64int_3.so
@RESPATH@/chrome/pippki@JAREXT@
@RESPATH@/chrome/pippki.manifest
#if defined(XP_WIN)
@BINPATH@/@DLL_PREFIX@osclientcerts@DLL_SUFFIX@
#endif
; For process sandboxing
#if defined(MOZ_SANDBOX)
#if defined(XP_LINUX)

View File

@ -4,9 +4,6 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
if CONFIG['OS_ARCH'] == 'WINNT':
DIRS += [ 'osclientcerts' ]
TEST_DIRS += [ 'tests' ]
XPIDL_SOURCES += [

View File

@ -1,26 +0,0 @@
[package]
name = "osclientcerts-static"
version = "0.1.4"
authors = ["Dana Keeler <dkeeler@mozilla.com>"]
edition = "2018"
description = "Platform-specific support for client authentication certificates in Firefox"
repository = "https://github.com/mozkeeler/osclientcerts"
license = "MPL-2.0"
[dependencies]
byteorder = "1.3"
env_logger = {version = "0.6", default-features = false } # disable `regex` to reduce code size
lazy_static = "1"
log = "0.4"
pkcs11 = "0.4"
sha2 = "0.8"
[target."cfg(target_os = \"windows\")".dependencies.winapi]
version = "0.3"
features = ["wincrypt"]
[build-dependencies]
bindgen = {version = "0.51.1", default-features = false} # disable `logging` to reduce code size
[lib]
crate-type = ["staticlib"]

View File

@ -1,24 +0,0 @@
/* -*- Mode: rust; rust-indent-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#[cfg(target_os = "windows")]
use bindgen;
use std::env;
#[cfg(target_os = "windows")]
use std::path::PathBuf;
#[cfg(target_os = "windows")]
fn main() {
let bindings = bindgen::Builder::default()
.header("src/wrapper-windows.h")
.whitelist_function("NCryptSignHash")
.generate()
.expect("Unable to generate bindings");
let out_path = PathBuf::from(env::var("OUT_DIR").expect("OUT_DIR unset?"));
bindings
.write_to_file(out_path.join("bindings.rs"))
.expect("Couldn't write bindings");
}

View File

@ -1,27 +0,0 @@
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
USE_LIBS += ['osclientcerts-static']
UNIFIED_SOURCES += [
'stub.cpp',
]
if CONFIG['OS_ARCH'] == 'WINNT':
OS_LIBS += [
'crypt32',
'kernel32',
'ncrypt',
'userenv',
'ws2_32',
]
SharedLibrary('osclientcerts')
NoVisibilityFlags()
SYMBOLS_FILE = 'osclientcerts.symbols'
NO_PGO = True

View File

@ -1,8 +0,0 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
// This is an intentionally empty file. It is necessary for the build system to
// successfully convert a static rust library into a dynamic library on
// Windows.

View File

@ -1,9 +0,0 @@
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
DIRS += [ 'dynamic-library' ]
RustLibrary('osclientcerts-static')

View File

@ -1,600 +0,0 @@
/* -*- Mode: rust; rust-indent-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#![allow(non_camel_case_types)]
include!(concat!(env!("OUT_DIR"), "/bindings.rs"));
use pkcs11::types::*;
use sha2::{Digest, Sha256};
use std::convert::TryInto;
use std::ffi::{CStr, CString};
use std::ops::Deref;
use std::slice;
use winapi::shared::bcrypt::*;
use winapi::um::ncrypt::*;
use winapi::um::wincrypt::*;
use crate::util::*;
/// Given a `CERT_INFO`, tries to return the bytes of the subject distinguished name as formatted by
/// `CertNameToStrA` using the flag `CERT_SIMPLE_NAME_STR`. This is used as the label for the
/// certificate.
fn get_cert_subject_dn(cert_info: &CERT_INFO) -> Result<Vec<u8>, ()> {
let mut cert_info_subject = cert_info.Subject;
let subject_dn_len = unsafe {
CertNameToStrA(
X509_ASN_ENCODING,
&mut cert_info_subject,
CERT_SIMPLE_NAME_STR,
std::ptr::null_mut(),
0,
)
};
// subject_dn_len includes the terminating null byte.
let mut subject_dn_string_bytes: Vec<u8> = vec![0; subject_dn_len as usize];
let subject_dn_len = unsafe {
CertNameToStrA(
X509_ASN_ENCODING,
&mut cert_info_subject,
CERT_SIMPLE_NAME_STR,
subject_dn_string_bytes.as_mut_ptr() as *mut i8,
subject_dn_string_bytes.len().try_into().map_err(|_| ())?,
)
};
if subject_dn_len as usize != subject_dn_string_bytes.len() {
return Err(());
}
Ok(subject_dn_string_bytes)
}
/// Represents a certificate for which there exists a corresponding private key.
pub struct Cert {
/// PKCS #11 object class. Will be `CKO_CERTIFICATE`.
class: Vec<u8>,
/// Whether or not this is on a token. Will be `CK_TRUE`.
token: Vec<u8>,
/// An identifier unique to this certificate. Must be the same as the ID for the private key.
id: Vec<u8>,
/// The bytes of a human-readable label for this certificate. Will be the subject DN.
label: Vec<u8>,
/// The DER bytes of the certificate.
value: Vec<u8>,
/// The DER bytes of the issuer distinguished name of the certificate.
issuer: Vec<u8>,
/// The DER bytes of the serial number of the certificate.
serial_number: Vec<u8>,
/// The DER bytes of the subject distinguished name of the certificate.
subject: Vec<u8>,
}
impl Cert {
fn new(cert: PCCERT_CONTEXT) -> Result<Cert, ()> {
let cert = unsafe { &*cert };
let cert_info = unsafe { &*cert.pCertInfo };
let value =
unsafe { slice::from_raw_parts(cert.pbCertEncoded, cert.cbCertEncoded as usize) };
let value = value.to_vec();
let id = Sha256::digest(&value).to_vec();
let label = get_cert_subject_dn(&cert_info)?;
let issuer = unsafe {
slice::from_raw_parts(cert_info.Issuer.pbData, cert_info.Issuer.cbData as usize)
};
let issuer = issuer.to_vec();
let serial_number = unsafe {
slice::from_raw_parts(
cert_info.SerialNumber.pbData,
cert_info.SerialNumber.cbData as usize,
)
};
let serial_number = serial_number.to_vec();
let subject = unsafe {
slice::from_raw_parts(cert_info.Subject.pbData, cert_info.Subject.cbData as usize)
};
let subject = subject.to_vec();
Ok(Cert {
class: serialize_uint(CKO_CERTIFICATE)?,
token: serialize_uint(CK_TRUE)?,
id,
label,
value,
issuer,
serial_number,
subject,
})
}
fn class(&self) -> &[u8] {
&self.class
}
fn token(&self) -> &[u8] {
&self.token
}
pub fn id(&self) -> &[u8] {
&self.id
}
fn label(&self) -> &[u8] {
&self.label
}
fn value(&self) -> &[u8] {
&self.value
}
fn issuer(&self) -> &[u8] {
&self.issuer
}
fn serial_number(&self) -> &[u8] {
&self.serial_number
}
fn subject(&self) -> &[u8] {
&self.subject
}
fn matches(&self, attrs: &[(CK_ATTRIBUTE_TYPE, Vec<u8>)]) -> bool {
for (attr_type, attr_value) in attrs {
let comparison = match *attr_type {
CKA_CLASS => self.class(),
CKA_TOKEN => self.token(),
CKA_LABEL => self.label(),
CKA_ID => self.id(),
CKA_VALUE => self.value(),
CKA_ISSUER => self.issuer(),
CKA_SERIAL_NUMBER => self.serial_number(),
CKA_SUBJECT => self.subject(),
_ => return false,
};
if attr_value.as_slice() != comparison {
return false;
}
}
true
}
fn get_attribute(&self, attribute: CK_ATTRIBUTE_TYPE) -> Option<&[u8]> {
let result = match attribute {
CKA_CLASS => self.class(),
CKA_TOKEN => self.token(),
CKA_LABEL => self.label(),
CKA_ID => self.id(),
CKA_VALUE => self.value(),
CKA_ISSUER => self.issuer(),
CKA_SERIAL_NUMBER => self.serial_number(),
CKA_SUBJECT => self.subject(),
_ => return None,
};
Some(result)
}
}
struct CertContext(PCCERT_CONTEXT);
// TODO: CERT_CONTEXT may not be thread-safe (unclear) (but in any case we're protected by the mutex
// on the manager, so this should be ok?)
unsafe impl Send for CertContext {}
unsafe impl Sync for CertContext {}
impl CertContext {
fn new(cert: PCCERT_CONTEXT) -> CertContext {
CertContext(unsafe { CertDuplicateCertificateContext(cert) })
}
}
impl Drop for CertContext {
fn drop(&mut self) {
unsafe {
CertFreeCertificateContext(self.0);
}
}
}
impl Deref for CertContext {
type Target = PCCERT_CONTEXT;
fn deref(&self) -> &Self::Target {
&self.0
}
}
struct NCryptKeyHandle(NCRYPT_KEY_HANDLE);
impl NCryptKeyHandle {
fn from_cert(cert: &CertContext) -> Result<NCryptKeyHandle, ()> {
let mut key_handle = 0;
let mut key_spec = 0;
let mut must_free = 0;
unsafe {
if CryptAcquireCertificatePrivateKey(
**cert,
CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG, // currently we only support CNG
std::ptr::null_mut(),
&mut key_handle,
&mut key_spec,
&mut must_free,
) != 1
{
return Err(());
}
}
if key_spec != CERT_NCRYPT_KEY_SPEC {
error!("CryptAcquireCertificatePrivateKey returned non-ncrypt handle");
return Err(());
}
if must_free == 0 {
error!("CryptAcquireCertificatePrivateKey returned shared key handle");
return Err(());
}
Ok(NCryptKeyHandle(key_handle as NCRYPT_KEY_HANDLE))
}
}
impl Drop for NCryptKeyHandle {
fn drop(&mut self) {
unsafe {
NCryptFreeObject(self.0 as NCRYPT_HANDLE);
}
}
}
impl Deref for NCryptKeyHandle {
type Target = NCRYPT_KEY_HANDLE;
fn deref(&self) -> &Self::Target {
&self.0
}
}
/// A helper enum to identify a private key's type. We support EC and RSA.
#[derive(Debug)]
pub enum KeyType {
EC,
RSA,
}
/// Represents a private key for which there exists a corresponding certificate.
pub struct Key {
/// A handle on the OS mechanism that represents the certificate for this key.
cert: CertContext,
/// PKCS #11 object class. Will be `CKO_PRIVATE_KEY`.
class: Vec<u8>,
/// Whether or not this is on a token. Will be `CK_TRUE`.
token: Vec<u8>,
/// An identifier unique to this key. Must be the same as the ID for the certificate.
id: Vec<u8>,
/// Whether or not this key is "private" (can it be exported?). Will be CK_TRUE (it can't be
/// exported).
private: Vec<u8>,
/// PKCS #11 key type. Will be `CKK_EC` for EC, and `CKK_RSA` for RSA.
key_type: Vec<u8>,
/// If this is an RSA key, this is the value of the modulus as an unsigned integer.
modulus: Option<Vec<u8>>,
/// If this is an EC key, this is the DER bytes of the OID identifying the curve the key is on.
ec_params: Option<Vec<u8>>,
/// An enum identifying this key's type.
key_type_enum: KeyType,
}
impl Key {
fn new(cert_context: PCCERT_CONTEXT) -> Result<Key, ()> {
let cert = unsafe { *cert_context };
let cert_der =
unsafe { slice::from_raw_parts(cert.pbCertEncoded, cert.cbCertEncoded as usize) };
let id = Sha256::digest(cert_der).to_vec();
let id = id.to_vec();
let cert_info = unsafe { &*cert.pCertInfo };
let mut modulus = None;
let mut ec_params = None;
let spki = &cert_info.SubjectPublicKeyInfo;
let algorithm_oid = unsafe { CStr::from_ptr(spki.Algorithm.pszObjId) }
.to_str()
.map_err(|_| ())?;
let (key_type_enum, key_type_attribute) = if algorithm_oid == szOID_RSA_RSA {
if spki.PublicKey.cUnusedBits != 0 {
return Err(());
}
let public_key_bytes = unsafe {
std::slice::from_raw_parts(spki.PublicKey.pbData, spki.PublicKey.cbData as usize)
};
let modulus_value = read_rsa_modulus(public_key_bytes)?;
modulus = Some(modulus_value);
(KeyType::RSA, CKK_RSA)
} else if algorithm_oid == szOID_ECC_PUBLIC_KEY {
let params = &spki.Algorithm.Parameters;
ec_params = Some(
unsafe { std::slice::from_raw_parts(params.pbData, params.cbData as usize) }
.to_vec(),
);
(KeyType::EC, CKK_EC)
} else {
return Err(());
};
Ok(Key {
cert: CertContext::new(cert_context),
class: serialize_uint(CKO_PRIVATE_KEY)?,
token: serialize_uint(CK_TRUE)?,
id,
private: serialize_uint(CK_TRUE)?,
key_type: serialize_uint(key_type_attribute)?,
modulus,
ec_params,
key_type_enum,
})
}
fn class(&self) -> &[u8] {
&self.class
}
fn token(&self) -> &[u8] {
&self.token
}
pub fn id(&self) -> &[u8] {
&self.id
}
fn private(&self) -> &[u8] {
&self.private
}
fn key_type(&self) -> &[u8] {
&self.key_type
}
fn modulus(&self) -> Option<&[u8]> {
match &self.modulus {
Some(modulus) => Some(modulus.as_slice()),
None => None,
}
}
fn ec_params(&self) -> Option<&[u8]> {
match &self.ec_params {
Some(ec_params) => Some(ec_params.as_slice()),
None => None,
}
}
fn matches(&self, attrs: &[(CK_ATTRIBUTE_TYPE, Vec<u8>)]) -> bool {
for (attr_type, attr_value) in attrs {
let comparison = match *attr_type {
CKA_CLASS => self.class(),
CKA_TOKEN => self.token(),
CKA_ID => self.id(),
CKA_PRIVATE => self.private(),
CKA_KEY_TYPE => self.key_type(),
CKA_MODULUS => {
if let Some(modulus) = self.modulus() {
modulus
} else {
return false;
}
}
CKA_EC_PARAMS => {
if let Some(ec_params) = self.ec_params() {
ec_params
} else {
return false;
}
}
_ => return false,
};
if attr_value.as_slice() != comparison {
return false;
}
}
true
}
fn get_attribute(&self, attribute: CK_ATTRIBUTE_TYPE) -> Option<&[u8]> {
match attribute {
CKA_CLASS => Some(self.class()),
CKA_TOKEN => Some(self.token()),
CKA_ID => Some(self.id()),
CKA_PRIVATE => Some(self.private()),
CKA_KEY_TYPE => Some(self.key_type()),
CKA_MODULUS => self.modulus(),
CKA_EC_PARAMS => self.ec_params(),
_ => None,
}
}
pub fn get_signature_length(&self, data: &[u8]) -> Result<usize, ()> {
match self.sign_internal(data, false) {
Ok(dummy_signature_bytes) => Ok(dummy_signature_bytes.len()),
Err(()) => Err(()),
}
}
pub fn sign(&self, data: &[u8]) -> Result<Vec<u8>, ()> {
self.sign_internal(data, true)
}
/// data: the data to sign
/// do_signature: if true, actually perform the signature. Otherwise, return a `Vec<u8>` of the
/// length the signature would be, if performed.
fn sign_internal(&self, data: &[u8], do_signature: bool) -> Result<Vec<u8>, ()> {
// Acquiring a handle on the key can cause the OS to show some UI to the user, so we do this
// as late as possible (i.e. here).
let key = NCryptKeyHandle::from_cert(&self.cert)?;
// This only applies to RSA.
let mut padding_info = BCRYPT_PKCS1_PADDING_INFO {
// Because the hash algorithm is encoded in `data`, we don't have to (and don't want to)
// specify a particular algorithm here.
pszAlgId: std::ptr::null(),
};
let (padding_info_ptr, flags) = match self.key_type_enum {
KeyType::EC => (std::ptr::null_mut(), 0),
KeyType::RSA => (
&mut padding_info as *mut BCRYPT_PKCS1_PADDING_INFO,
NCRYPT_PAD_PKCS1_FLAG,
),
};
let mut data = data.to_vec();
let mut signature_len = 0;
// We call NCryptSignHash twice: the first time to get the size of the buffer we need to
// allocate and then again to actually sign the data.
let status = unsafe {
NCryptSignHash(
*key,
padding_info_ptr as *mut std::ffi::c_void,
data.as_mut_ptr(),
data.len().try_into().map_err(|_| ())?,
std::ptr::null_mut(),
0,
&mut signature_len,
flags,
)
};
// 0 is "ERROR_SUCCESS" (but "ERROR_SUCCESS" is unsigned, whereas SECURITY_STATUS is signed)
if status != 0 {
error!(
"NCryptSignHash failed trying to get signature buffer length, {}",
status
);
return Err(());
}
let mut signature = vec![0; signature_len as usize];
if !do_signature {
return Ok(signature);
}
let mut final_signature_len = signature_len;
let status = unsafe {
NCryptSignHash(
*key,
padding_info_ptr as *mut std::ffi::c_void,
data.as_mut_ptr(),
data.len().try_into().map_err(|_| ())?,
signature.as_mut_ptr(),
signature_len,
&mut final_signature_len,
flags,
)
};
if status != 0 {
error!("NCryptSignHash failed signing data {}", status);
return Err(());
}
if final_signature_len != signature_len {
error!(
"NCryptSignHash: inconsistent signature lengths? {} != {}",
final_signature_len, signature_len
);
return Err(());
}
Ok(signature)
}
}
/// A helper enum that represents the two types of PKCS #11 objects we support: certificates and
/// keys.
pub enum Object {
Cert(Cert),
Key(Key),
}
impl Object {
pub fn matches(&self, attrs: &[(CK_ATTRIBUTE_TYPE, Vec<u8>)]) -> bool {
match self {
Object::Cert(cert) => cert.matches(attrs),
Object::Key(key) => key.matches(attrs),
}
}
pub fn get_attribute(&self, attribute: CK_ATTRIBUTE_TYPE) -> Option<&[u8]> {
match self {
Object::Cert(cert) => cert.get_attribute(attribute),
Object::Key(key) => key.get_attribute(attribute),
}
}
}
struct CertStore {
handle: HCERTSTORE,
}
impl Drop for CertStore {
fn drop(&mut self) {
if !self.handle.is_null() {
unsafe {
CertCloseStore(self.handle, 0);
}
}
}
}
impl Deref for CertStore {
type Target = HCERTSTORE;
fn deref(&self) -> &Self::Target {
&self.handle
}
}
impl CertStore {
fn new(handle: HCERTSTORE) -> CertStore {
CertStore { handle }
}
}
/// Attempts to enumerate certificates with private keys exposed by the OS. Currently only looks in
/// the "My" cert store of the current user. In the future this may look in more locations.
pub fn list_objects() -> Vec<Object> {
let mut objects = Vec::new();
let location_flags = CERT_SYSTEM_STORE_CURRENT_USER // TODO: loop over multiple locations
| CERT_STORE_OPEN_EXISTING_FLAG
| CERT_STORE_READONLY_FLAG;
let store_name = match CString::new("My") {
Ok(store_name) => store_name,
Err(null_error) => {
error!("CString::new given input with a null byte: {}", null_error);
return objects;
}
};
let store = CertStore::new(unsafe {
CertOpenStore(
CERT_STORE_PROV_SYSTEM_REGISTRY_A,
0,
0,
location_flags,
store_name.as_ptr() as *const winapi::ctypes::c_void,
)
});
if store.is_null() {
error!("CertOpenStore failed");
return objects;
}
let mut cert_context: PCCERT_CONTEXT = std::ptr::null_mut();
loop {
cert_context = unsafe {
CertFindCertificateInStore(
*store,
X509_ASN_ENCODING,
CERT_FIND_HAS_PRIVATE_KEY,
CERT_FIND_ANY,
std::ptr::null_mut(),
cert_context,
)
};
if cert_context.is_null() {
break;
}
let cert = match Cert::new(cert_context) {
Ok(cert) => cert,
Err(()) => continue,
};
let key = match Key::new(cert_context) {
Ok(key) => key,
Err(()) => continue,
};
objects.push(Object::Cert(cert));
objects.push(Object::Key(key));
}
objects
}

File diff suppressed because it is too large Load Diff

View File

@ -1,221 +0,0 @@
/* -*- Mode: rust; rust-indent-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
use pkcs11::types::*;
use std::collections::{BTreeMap, BTreeSet};
#[cfg(target_os = "windows")]
use crate::backend_windows as backend;
use backend::*;
/// The `Manager` keeps track of the state of this module with respect to the PKCS #11
/// specification. This includes what sessions are open, which search and sign operations are
/// ongoing, and what objects are known and by what handle.
pub struct Manager {
/// A set of sessions. Sessions can be created (opened) and later closed.
sessions: BTreeSet<CK_SESSION_HANDLE>,
/// A map of searches to PKCS #11 object handles that match those searches.
searches: BTreeMap<CK_SESSION_HANDLE, Vec<CK_OBJECT_HANDLE>>,
/// A map of sign operations to the object handle being used by each one.
signs: BTreeMap<CK_SESSION_HANDLE, CK_OBJECT_HANDLE>,
/// A map of object handles to the underlying objects.
objects: BTreeMap<CK_OBJECT_HANDLE, Object>,
/// A set of certificate identifiers (not the same as handles).
cert_ids: BTreeSet<Vec<u8>>,
/// A set of key identifiers (not the same as handles). For each id in this set, there should be
/// a corresponding identical id in the `cert_ids` set, and vice-versa.
key_ids: BTreeSet<Vec<u8>>,
/// The next session handle to hand out.
next_session: CK_SESSION_HANDLE,
/// The next object handle to hand out.
next_handle: CK_OBJECT_HANDLE,
}
impl Manager {
pub fn new() -> Manager {
let mut manager = Manager {
sessions: BTreeSet::new(),
searches: BTreeMap::new(),
signs: BTreeMap::new(),
objects: BTreeMap::new(),
cert_ids: BTreeSet::new(),
key_ids: BTreeSet::new(),
next_session: 1,
next_handle: 1,
};
manager.find_new_objects();
manager
}
/// When a new `Manager` is created and when a new session is opened, this searches for
/// certificates and keys to expose. We de-duplicate previously-found certificates and keys by
/// keeping track of their IDs.
fn find_new_objects(&mut self) {
let objects = list_objects();
debug!("found {} objects", objects.len());
for object in objects {
match &object {
Object::Cert(cert) => {
if self.cert_ids.contains(cert.id()) {
continue;
}
self.cert_ids.insert(cert.id().to_vec());
let handle = self.get_next_handle();
self.objects.insert(handle, object);
}
Object::Key(key) => {
if self.key_ids.contains(key.id()) {
continue;
}
self.key_ids.insert(key.id().to_vec());
let handle = self.get_next_handle();
self.objects.insert(handle, object);
}
}
}
}
pub fn open_session(&mut self) -> CK_SESSION_HANDLE {
self.find_new_objects();
let next_session = self.next_session;
self.next_session += 1;
self.sessions.insert(next_session);
next_session
}
pub fn close_session(&mut self, session: CK_SESSION_HANDLE) -> Result<(), ()> {
if self.sessions.remove(&session) {
Ok(())
} else {
Err(())
}
}
pub fn close_all_sessions(&mut self) {
self.sessions.clear();
}
fn get_next_handle(&mut self) -> CK_OBJECT_HANDLE {
let next_handle = self.next_handle;
self.next_handle += 1;
next_handle
}
/// PKCS #11 specifies that search operations happen in three phases: setup, get any matches
/// (this part may be repeated if the caller uses a small buffer), and end. This implementation
/// does all of the work up front and gathers all matching objects during setup and retains them
/// until they are retrieved and consumed via `search`.
pub fn start_search(
&mut self,
session: CK_SESSION_HANDLE,
attrs: &[(CK_ATTRIBUTE_TYPE, Vec<u8>)],
) -> Result<(), ()> {
if self.searches.contains_key(&session) {
return Err(());
}
let mut handles = Vec::new();
for (handle, object) in &self.objects {
if object.matches(attrs) {
handles.push(*handle);
}
}
self.searches.insert(session, handles);
Ok(())
}
/// Given a session and a maximum number of object handles to return, attempts to retrieve up to
/// that many objects from the corresponding search. Updates the search so those objects are not
/// returned repeatedly. `max_objects` must be non-zero.
pub fn search(
&mut self,
session: CK_SESSION_HANDLE,
max_objects: usize,
) -> Result<Vec<CK_OBJECT_HANDLE>, ()> {
if max_objects == 0 {
return Err(());
}
match self.searches.get_mut(&session) {
Some(search) => {
let split_at = if max_objects >= search.len() {
0
} else {
search.len() - max_objects
};
let to_return = search.split_off(split_at);
if to_return.len() > max_objects {
error!(
"search trying to return too many handles: {} > {}",
to_return.len(),
max_objects
);
return Err(());
}
Ok(to_return)
}
None => Err(()),
}
}
pub fn clear_search(&mut self, session: CK_SESSION_HANDLE) {
self.searches.remove(&session);
}
pub fn get_object(&mut self, object_handle: CK_OBJECT_HANDLE) -> Result<&Object, ()> {
match self.objects.get(&object_handle) {
Some(object) => Ok(object),
None => Err(()),
}
}
/// The way NSS uses PKCS #11 to sign data happens in two phases: setup and sign. This
/// implementation makes a note of which key is to be used (if it exists) during setup. When the
/// caller finishes with the sign operation, this implementation retrieves the key handle and
/// performs the signature.
pub fn start_sign(
&mut self,
session: CK_SESSION_HANDLE,
key_handle: CK_OBJECT_HANDLE,
) -> Result<(), ()> {
if self.signs.contains_key(&session) {
return Err(());
}
match self.objects.get(&key_handle) {
Some(Object::Key(_)) => {}
_ => return Err(()),
};
self.signs.insert(session, key_handle);
Ok(())
}
pub fn get_signature_length(
&self,
session: CK_SESSION_HANDLE,
data: &[u8],
) -> Result<usize, ()> {
let key_handle = match self.signs.get(&session) {
Some(key_handle) => key_handle,
None => return Err(()),
};
let key = match self.objects.get(&key_handle) {
Some(Object::Key(key)) => key,
_ => return Err(()),
};
key.get_signature_length(data)
}
pub fn sign(&mut self, session: CK_SESSION_HANDLE, data: &[u8]) -> Result<Vec<u8>, ()> {
// Performing the signature (via C_Sign, which is the only way we support) finishes the sign
// operation, so it needs to be removed here.
let key_handle = match self.signs.remove(&session) {
Some(key_handle) => key_handle,
None => return Err(()),
};
let key = match self.objects.get(&key_handle) {
Some(Object::Key(key)) => key,
_ => return Err(()),
};
key.sign(data)
}
}

View File

@ -1,287 +0,0 @@
/* -*- Mode: rust; rust-indent-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
use byteorder::{BigEndian, NativeEndian, ReadBytesExt, WriteBytesExt};
use std::convert::TryInto;
// This is a helper function to take a value and lay it out in memory how
// PKCS#11 is expecting it.
pub fn serialize_uint<T: TryInto<u64>>(value: T) -> Result<Vec<u8>, ()> {
let value_size = std::mem::size_of::<T>();
let mut value_buf = Vec::with_capacity(value_size);
let value_as_u64 = value.try_into().map_err(|_| ())?;
value_buf
.write_uint::<NativeEndian>(value_as_u64, value_size)
.map_err(|_| ())?;
Ok(value_buf)
}
/// Given a slice of DER bytes representing an RSA public key, extracts the bytes of the modulus
/// as an unsigned integer. Also verifies that the public exponent is present (again as an
/// unsigned integer). Finally verifies that reading these values consumes the entirety of the
/// slice.
/// RSAPublicKey ::= SEQUENCE {
/// modulus INTEGER, -- n
/// publicExponent INTEGER -- e
/// }
pub fn read_rsa_modulus(public_key: &[u8]) -> Result<Vec<u8>, ()> {
let mut sequence = Sequence::new(public_key)?;
let modulus_value = sequence.read_unsigned_integer()?;
let _exponent = sequence.read_unsigned_integer()?;
if !sequence.at_end() {
return Err(());
}
Ok(modulus_value.to_vec())
}
/// Helper macro for reading some bytes from a slice while checking the slice is long enough.
/// Returns a pair consisting of a slice of the bytes read and a slice of the rest of the bytes
/// from the original slice.
macro_rules! try_read_bytes {
($data:ident, $len:expr) => {{
if $data.len() < $len {
return Err(());
}
$data.split_at($len)
}};
}
/// ASN.1 tag identifying an integer.
const INTEGER: u8 = 0x02;
/// ASN.1 tag identifying a sequence.
const SEQUENCE: u8 = 0x10;
/// ASN.1 tag modifier identifying an item as constructed.
const CONSTRUCTED: u8 = 0x20;
/// A helper struct for reading items from a DER SEQUENCE (in this case, all sequences are
/// assumed to be CONSTRUCTED).
struct Sequence<'a> {
/// The contents of the SEQUENCE.
contents: Der<'a>,
}
impl<'a> Sequence<'a> {
fn new(input: &'a [u8]) -> Result<Sequence<'a>, ()> {
let mut der = Der::new(input);
let sequence_bytes = der.read(SEQUENCE | CONSTRUCTED)?;
// We're assuming we want to consume the entire input for now.
if !der.at_end() {
return Err(());
}
Ok(Sequence {
contents: Der::new(sequence_bytes),
})
}
// TODO: we're not exhaustively validating this integer
fn read_unsigned_integer(&mut self) -> Result<&'a [u8], ()> {
let bytes = self.contents.read(INTEGER)?;
if bytes.is_empty() {
return Err(());
}
// There may be a leading zero (we should also check that the first bit
// of the rest of the integer is set).
if bytes[0] == 0 && bytes.len() > 1 {
let (_, integer) = bytes.split_at(1);
Ok(integer)
} else {
Ok(bytes)
}
}
fn at_end(&self) -> bool {
self.contents.at_end()
}
}
/// A helper struct for reading DER data. The contents are treated like a cursor, so its position
/// is updated as data is read.
struct Der<'a> {
contents: &'a [u8],
}
impl<'a> Der<'a> {
fn new(contents: &'a [u8]) -> Der<'a> {
Der { contents }
}
// In theory, a caller could encounter an error and try another operation, in which case we may
// be in an inconsistent state. As long as this implementation isn't exposed to code that would
// use it incorrectly (i.e. it stays in this module and we only expose a stateless API), it
// should be safe.
fn read(&mut self, tag: u8) -> Result<&'a [u8], ()> {
let contents = self.contents;
let (tag_read, rest) = try_read_bytes!(contents, 1);
if tag_read[0] != tag {
return Err(());
}
let (length1, rest) = try_read_bytes!(rest, 1);
let (length, to_read_from) = if length1[0] < 0x80 {
(length1[0] as usize, rest)
} else if length1[0] == 0x81 {
let (length, rest) = try_read_bytes!(rest, 1);
if length[0] < 0x80 {
return Err(());
}
(length[0] as usize, rest)
} else if length1[0] == 0x82 {
let (lengths, rest) = try_read_bytes!(rest, 2);
let length = (&mut &lengths[..])
.read_u16::<BigEndian>()
.map_err(|_| ())?;
if length < 256 {
return Err(());
}
(length as usize, rest)
} else {
return Err(());
};
let (contents, rest) = try_read_bytes!(to_read_from, length);
self.contents = rest;
Ok(contents)
}
fn at_end(&self) -> bool {
self.contents.is_empty()
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn der_test_empty_input() {
let input = Vec::new();
let mut der = Der::new(&input);
assert!(der.read(INTEGER).is_err());
}
#[test]
fn der_test_no_length() {
let input = vec![INTEGER];
let mut der = Der::new(&input);
assert!(der.read(INTEGER).is_err());
}
#[test]
fn der_test_empty_sequence() {
let input = vec![SEQUENCE, 0];
let mut der = Der::new(&input);
let read_result = der.read(SEQUENCE);
assert!(read_result.is_ok());
let sequence_bytes = read_result.unwrap();
assert_eq!(sequence_bytes.len(), 0);
assert!(der.at_end());
}
#[test]
fn der_test_not_at_end() {
let input = vec![SEQUENCE, 0, 1];
let mut der = Der::new(&input);
let read_result = der.read(SEQUENCE);
assert!(read_result.is_ok());
let sequence_bytes = read_result.unwrap();
assert_eq!(sequence_bytes.len(), 0);
assert!(!der.at_end());
}
#[test]
fn der_test_wrong_tag() {
let input = vec![SEQUENCE, 0];
let mut der = Der::new(&input);
assert!(der.read(INTEGER).is_err());
}
#[test]
fn der_test_truncated_two_byte_length() {
let input = vec![SEQUENCE, 0x81];
let mut der = Der::new(&input);
assert!(der.read(SEQUENCE).is_err());
}
#[test]
fn der_test_truncated_three_byte_length() {
let input = vec![SEQUENCE, 0x82, 1];
let mut der = Der::new(&input);
assert!(der.read(SEQUENCE).is_err());
}
#[test]
fn der_test_truncated_data() {
let input = vec![SEQUENCE, 20, 1];
let mut der = Der::new(&input);
assert!(der.read(SEQUENCE).is_err());
}
#[test]
fn der_test_sequence() {
let input = vec![
SEQUENCE, 20, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6, 7, 7, 8, 8, 9, 9, 0, 0,
];
let mut der = Der::new(&input);
let result = der.read(SEQUENCE);
assert!(result.is_ok());
assert_eq!(
result.unwrap(),
[1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6, 7, 7, 8, 8, 9, 9, 0, 0]
);
assert!(der.at_end());
}
#[test]
fn der_test_not_shortest_two_byte_length_encoding() {
let input = vec![SEQUENCE, 0x81, 1, 1];
let mut der = Der::new(&input);
assert!(der.read(SEQUENCE).is_err());
}
#[test]
fn der_test_not_shortest_three_byte_length_encoding() {
let input = vec![SEQUENCE, 0x82, 0, 1, 1];
let mut der = Der::new(&input);
assert!(der.read(SEQUENCE).is_err());
}
#[test]
fn der_test_indefinite_length_unsupported() {
let input = vec![SEQUENCE, 0x80, 1, 2, 3, 0x00, 0x00];
let mut der = Der::new(&input);
assert!(der.read(SEQUENCE).is_err());
}
#[test]
fn der_test_input_too_long() {
// This isn't valid DER (the contents of the SEQUENCE are truncated), but it demonstrates
// that we don't try to read too much if we're given a long length (and also that we don't
// support lengths 2^16 and up).
let input = vec![SEQUENCE, 0x83, 0x01, 0x00, 0x01, 1, 1, 1, 1];
let mut der = Der::new(&input);
assert!(der.read(SEQUENCE).is_err());
}
#[test]
fn empty_input_fails() {
let empty = Vec::new();
assert!(read_rsa_modulus(&empty).is_err());
assert!(read_ec_sig_point(&empty).is_err());
}
#[test]
fn empty_sequence_fails() {
let empty = vec![SEQUENCE | CONSTRUCTED];
assert!(read_rsa_modulus(&empty).is_err());
assert!(read_ec_sig_point(&empty).is_err());
}
#[test]
fn test_read_rsa_modulus() {
let rsa_key = include_bytes!("../test/rsa.bin");
let result = read_rsa_modulus(rsa_key);
assert!(result.is_ok());
let modulus = result.unwrap();
assert_eq!(modulus, include_bytes!("../test/modulus.bin").to_vec());
}
}

View File

@ -1,6 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include <Windows.h>
#include <ncrypt.h>

View File

@ -1,2 +0,0 @@
ºˆQ¨DŽÖAýn¶ˆ6=<Ùêä5J´ìõhWl${ÁÇ%¨àؽ±œn†òkâ¯Zukjdqz¥Z§E‡÷Õ$œ~ÍCüiÐ8 )“« ÃIäÛ¹LÂklíñ~­i±Ó:*Aî§pà <0A>ýf +°$’¤}¹ˆay<61>±W<C2B1>=Ò;Åà¸H¨7ÓˆCï'ØU·fZª~<02>/:{l—­a[·â–Àu1£ ‘Ý´Ê÷ü­%Ó ï¹§há³{/"oiã´Š•aî&Ö%<25>«N6Ë$,¿/åñ<C3A5>1¸³þI#úrQÄ1Õ¬Ú
<EFBFBD>

View File

@ -1 +0,0 @@
{"files":{"Cargo.toml":"e3db29aefcf98671c707fab96d5d5b1964b79734faeea0d8dc6d94ef7d8fbaef","LICENSE":"b29f8b01452350c20dd1af16ef83b598fea3053578ccc1c7a0ef40e57be2620f","README.mkd":"34dc610b01f8c3e56d95de1972120ca0d53cee787f636a3ce96526ab343878b5","appveyor.yml":"8382c7f1769f6cf78029a221058c4d73f35a48308b5dfc38d875facabec1c139","build.rs":"b0cab713feb1fa86fec27af607272f2964e79cca6637ae837a1dfd9d88b67dd4","src/changelog.rs":"f0cf85f7de1c9807941bb832b2827f26efff8ec8bef14a38153c3f6c9a5831b5","src/lib.rs":"baa087dec7103adafc8c548e3baa1167af6d6d6be13a147fb19b880743f67182","src/os/mod.rs":"51d733e5522dacd6069642ad66aa6d7acf6c82950c934eb040e8dfd112e6d610","src/os/unix/mod.rs":"2af876458bf0012f7c0a06e8e976aff897410e22f3776c34ab1f2aa79fbd59aa","src/os/windows/mod.rs":"06ba72c9140c063696a579df2e57532fa3e470584fa304608a4268e6ba4ff8ad","src/test_helpers.rs":"3a55052e8cd5231e97d9282b43398c2f144c57ced2d2df64bde7f482f5c778e7","src/util.rs":"0b0155448a26db4b00b2a6ca129e0e1f6f75870c56c9777d262941818c7581b7","tests/functions.rs":"4633f3673db6a5b3623ea8927b13314c25502c9fbb63bb17a5a35650ea489012","tests/markers.rs":"8e9c1b883404d9190e4f23ed39b3d6cbbccb3a07883f733b04aed4357b9c6aca","tests/nagisa32.dll":"5c69b2bd9c8a6ad04165c221075fc9fade1dd66ca697399ace528a5a62328e36","tests/nagisa64.dll":"e20b95e3036f3289421abd100760874d4f455afd33c3b5b64fec56b191f7d477","tests/windows.rs":"7711dfe19062d91356cd127546542b1b6e13aeef76ad3098f32c8a6ae319b66a"},"package":"fd38073de8f7965d0c17d30546d4bb6da311ab428d1c7a3fc71dff7f9d4979b9"}

View File

@ -1,29 +0,0 @@
# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
#
# When uploading crates to the registry Cargo will automatically
# "normalize" Cargo.toml files for maximal compatibility
# with all versions of Cargo and also rewrite `path` dependencies
# to registry (e.g. crates.io) dependencies
#
# If you believe there's an error in this file please file an
# issue against the rust-lang/cargo repository. If you're
# editing this file be aware that the upstream Cargo.toml
# will likely look very different (and much more reasonable)
[package]
name = "libloading"
version = "0.4.3"
authors = ["Simonas Kazlauskas <libloading@kazlauskas.me>"]
build = "build.rs"
description = "A safer binding to platforms dynamic library loading utilities"
documentation = "https://docs.rs/libloading/"
keywords = ["dlopen", "load", "shared", "dylib"]
license = "ISC"
repository = "https://github.com/nagisa/rust_libloading/"
[dependencies.lazy_static]
version = "1"
[target."cfg(windows)".dependencies.kernel32-sys]
version = "0.2"
[target."cfg(windows)".dependencies.winapi]
version = "0.2"

View File

@ -1,12 +0,0 @@
Copyright © 2015, Simonas Kazlauskas
Permission to use, copy, modify, and/or distribute this software for any purpose with or without
fee is hereby granted, provided that the above copyright notice and this permission notice appear
in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS
SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
THIS SOFTWARE.

View File

@ -1,27 +0,0 @@
# libloading [![Travis CI][tcii]][tci] [![Appveyor CI][acii]][aci]
[tcii]: https://travis-ci.org/nagisa/rust_libloading.svg?branch=master
[tci]: https://travis-ci.org/nagisa/rust_libloading
[acii]: https://ci.appveyor.com/api/projects/status/cnncnu58qcxb1ikf/branch/master?svg=true
[aci]: https://ci.appveyor.com/project/nagisa/rust-libloading
A memory-safer wrapper around system dynamic library loading primitives. The most important safety
guarantee by this library is prevention of dangling-`Symbol`s that may occur after a `Library` is
unloaded.
Using this library allows loading dynamic libraries (also known as shared libraries) as well as use
functions and static variables these libraries contain.
* [Documentation][docs]
* [Changelog][changelog]
[docs]: https://docs.rs/libloading/
[changelog]: https://docs.rs/libloading/*/libloading/changelog/index.html
libloading is distributed under ISC (MIT-like) license.
---
Note, that this library is not a drop-in replacement for the deprecated `dynamic_lib`. Many
dubious APIs (notably, library search path modification) were prunned and string arguments
take types that match conventions and system APIs better.

View File

@ -1,19 +0,0 @@
environment:
matrix:
- TARGET: nightly-x86_64-pc-windows-msvc
- TARGET: nightly-i686-pc-windows-msvc
- TARGET: nightly-x86_64-pc-windows-gnu
- TARGET: nightly-i686-pc-windows-gnu
- TARGET: 1.14.0-x86_64-pc-windows-msvc
- TARGET: 1.14.0-i686-pc-windows-msvc
- TARGET: 1.14.0-x86_64-pc-windows-gnu
- TARGET: 1.14.0-i686-pc-windows-gnu
install:
- ps: Start-FileDownload "https://static.rust-lang.org/dist/rust-${env:TARGET}.exe" -FileName "rust.exe"
- ps: .\rust.exe /VERYSILENT /NORESTART /DIR="C:\rust" | Out-Null
- ps: $env:PATH="$env:PATH;C:\rust\bin"
- rustc -vV
- cargo -vV
build: off
test_script:
- cargo test

View File

@ -1,23 +0,0 @@
use std::io::Write;
use std::env;
fn main(){
let target_os = env::var("CARGO_CFG_TARGET_OS");
match target_os.as_ref().map(|x| &**x) {
Ok("linux") | Ok("android") => println!("cargo:rustc-link-lib=dl"),
Ok("freebsd") | Ok("dragonfly") => println!("cargo:rustc-link-lib=c"),
// netbsd claims dl* will be available to any dynamically linked binary, but I havent
// found any libraries that have to be linked to on other platforms.
// What happens if the executable is not linked up dynamically?
Ok("openbsd") | Ok("bitrig") | Ok("netbsd") | Ok("macos") | Ok("ios") => {}
Ok("solaris") => {}
// dependencies come with winapi
Ok("windows") => {}
tos => {
writeln!(::std::io::stderr(),
"Building for an unknown target_os=`{:?}`!\nPlease report an issue ",
tos).expect("could not report the error");
::std::process::exit(0xfc);
}
}
}

View File

@ -1,79 +0,0 @@
//! Project changelog
/// Release 0.4.3 (2017-12-07)
///
/// * Bump lazy-static dependency to `^1.0`
/// * `cargo test --release` now works when testing libloading.
pub mod r0_4_3 {}
/// Release 0.4.2 (2017-09-24)
///
/// * Improved error and race-condition handling on Windows;
/// * Improved documentation about thread-safety of Library;
/// * Added `Symbol::<Option<T>::lift_option() -> Option<Symbol<T>>` convenience method.
pub mod r0_4_2 {}
/// Release 0.4.1 (2017-08-29)
///
/// * Solaris support
pub mod r0_4_1 {}
/// Release 0.4.0 (2017-05-01)
///
/// * Remove build-time dependency on target_build_utils (and by extension serde/phf);
/// * Require at least version 1.14.0 of rustc to build;
/// * Actually, it is cargo which has to be more recent here. The one shipped with rustc 1.14.0
/// is whats being required from now on.
pub mod r0_4_0 {}
/// Release 0.3.4 (2017-03-25)
///
/// * Remove rogue println!
pub mod r0_3_4 {}
/// Release 0.3.3 (2017-03-25)
///
/// * Panics when `Library::get` is called for incompatibly sized type such as named function
/// types (which are zero-sized).
pub mod r0_3_3 {}
/// Release 0.3.2 (2017-02-10)
///
/// * Minimum version required is now rustc 1.12.0;
/// * Updated dependency versions (most notably target_build_utils to 0.3.0)
pub mod r0_3_2 {}
/// Release 0.3.1 (2016-10-01)
///
/// * `Symbol<T>` and `os::*::Symbol<T>` now implement `Send` where `T: Send`;
/// * `Symbol<T>` and `os::*::Symbol<T>` now implement `Sync` where `T: Sync`;
/// * `Library` and `os::*::Library` now implement `Sync` (they were `Send` in 0.3.0 already).
pub mod r0_3_1 {}
/// Release 0.3.0 (2016-07-27)
///
/// * Greatly improved documentation, especially around platform-specific behaviours;
/// * Improved test suite by building our own library to test against;
/// * All `Library`-ies now implement `Send`.
/// * Added `impl From<os::platform::Library> for Library` and `impl From<Library> for
/// os::platform::Library` allowing wrapping and extracting the platform-specific library handle;
/// * Added methods to wrap (`Symbol::from_raw`) and unwrap (`Symbol::into_raw`) the safe `Symbol`
/// wrapper into unsafe `os::platform::Symbol`.
///
/// The last two additions focus on not restricting potential usecases of this library, allowing
/// users of the library to circumvent safety checks if need be.
///
/// ## Beaking Changes
///
/// `Library::new` defaults to `RTLD_NOW` instead of `RTLD_LAZY` on UNIX for more consistent
/// cross-platform behaviour. If a library loaded with `Library::new` had any linking errors, but
/// unresolved references werent forced to be resolved, the library wouldve “just worked”,
/// whereas now the call to `Library::new` will return an error signifying presence of such error.
///
/// ## os::platform
/// * Added `os::unix::Library::open` which allows specifying arbitrary flags (e.g. `RTLD_LAZY`);
/// * Added `os::windows::Library::get_ordinal` which allows finding a function or variable by its
/// ordinal number;
pub mod r0_3_0 {}

View File

@ -1,314 +0,0 @@
//! A memory-safer wrapper around system dynamic library loading primitives.
//!
//! Using this library allows loading [dynamic libraries](struct.Library.html) (also known as
//! shared libraries) as well as use functions and static variables these libraries contain.
//!
//! While the library does expose a cross-platform interface to load a library and find stuff
//! inside it, little is done to paper over the platform differences, especially where library
//! loading is involved. The documentation for each function will attempt to document such
//! differences on the best-effort basis.
//!
//! Less safe, platform specific bindings are also available. See the
//! [`os::platform`](os/index.html) module for details.
//!
//! # Usage
//!
//! Add dependency to this library to your `Cargo.toml`:
//!
//! ```toml
//! [dependencies]
//! libloading = "0.4"
//! ```
//!
//! Then inside your project
//!
//! ```no_run
//! extern crate libloading as lib;
//!
//! fn call_dynamic() -> lib::Result<u32> {
//! let lib = lib::Library::new("/path/to/liblibrary.so")?;
//! unsafe {
//! let func: lib::Symbol<unsafe extern fn() -> u32> = lib.get(b"my_func")?;
//! Ok(func())
//! }
//! }
//! ```
//!
//! The compiler will ensure that the loaded `function` will not outlive the `Library` it comes
//! from, preventing a common cause of undefined behaviour and memory safety problems.
use std::ffi::OsStr;
use std::fmt;
use std::ops;
use std::marker;
#[cfg(unix)]
#[macro_use]
extern crate lazy_static;
#[cfg(unix)]
use self::os::unix as imp;
#[cfg(windows)]
use self::os::windows as imp;
pub mod os;
pub mod changelog;
mod util;
pub type Result<T> = ::std::io::Result<T>;
/// A loaded dynamic library.
pub struct Library(imp::Library);
impl Library {
/// Find and load a dynamic library.
///
/// The `filename` argument may be any of:
///
/// * A library filename;
/// * Absolute path to the library;
/// * Relative (to the current working directory) path to the library.
///
/// ## Thread-safety
///
/// The implementation strives to be as MT-safe as sanely possible, however due to certain
/// error-handling related resources not always being safe, this library is not MT-safe either.
///
/// * On Windows Vista and earlier error handling falls back to [`SetErrorMode`], which is not
/// MT-safe. MT-scenarios involving this function may cause a traditional data race;
/// * On some UNIX targets `dlerror` might not be MT-safe, resulting in garbage error messages
/// in certain MT-scenarios.
///
/// [`SetErrorMode`]: https://msdn.microsoft.com/en-us/library/windows/desktop/ms680621(v=vs.85).aspx
///
/// Calling this function from multiple threads is not safe if used in conjunction with
/// path-less filename and library search path is modified (`SetDllDirectory` function on
/// Windows, `{DY,}LD_LIBRARY_PATH` environment variable on UNIX).
///
/// ## Platform-specific behaviour
///
/// When a plain library filename is supplied, locations where library is searched for is
/// platform specific and cannot be adjusted in a portable manner.
///
/// ### Windows
///
/// If the `filename` specifies a library filename without path and with extension omitted,
/// `.dll` extension is implicitly added. This behaviour may be suppressed by appending a
/// trailing `.` to the `filename`.
///
/// If the library contains thread local variables (MSVCs `_declspec(thread)`, Rusts
/// `#[thread_local]` attributes), loading the library will fail on versions prior to Windows
/// Vista.
///
/// ## Tips
///
/// Distributing your dynamic libraries under a filename common to all platforms (e.g.
/// `awesome.module`) allows to avoid code which has to account for platforms conventional
/// library filenames.
///
/// Strive to specify absolute or relative path to your library, unless system-wide libraries
/// are being loaded. Platform-dependent library search locations combined with various quirks
/// related to path-less filenames may cause flaky code.
///
/// ## Examples
///
/// ```no_run
/// # use ::libloading::Library;
/// // Any of the following are valid.
/// let _ = Library::new("/path/to/awesome.module").unwrap();
/// let _ = Library::new("../awesome.module").unwrap();
/// let _ = Library::new("libsomelib.so.1").unwrap();
/// ```
pub fn new<P: AsRef<OsStr>>(filename: P) -> Result<Library> {
imp::Library::new(filename).map(From::from)
}
/// Get a pointer to function or static variable by symbol name.
///
/// The `symbol` may not contain any null bytes, with an exception of last byte. A null
/// terminated `symbol` may avoid a string allocation in some cases.
///
/// Symbol is interpreted as-is; no mangling is done. This means that symbols like `x::y` are
/// most likely invalid.
///
/// ## Unsafety
///
/// Pointer to a value of arbitrary type is returned. Using a value with wrong type is
/// undefined.
///
/// ## Platform-specific behaviour
///
/// On Linux and Windows, a TLS variable acts just like any regular static variable. OS X uses
/// some sort of lazy initialization scheme, which makes loading TLS variables this way
/// impossible. Using a TLS variable loaded this way on OS X is undefined behaviour.
///
/// ## Examples
///
/// Given a loaded library:
///
/// ```no_run
/// # use ::libloading::Library;
/// let lib = Library::new("/path/to/awesome.module").unwrap();
/// ```
///
/// Loading and using a function looks like this:
///
/// ```no_run
/// # use ::libloading::{Library, Symbol};
/// # let lib = Library::new("/path/to/awesome.module").unwrap();
/// unsafe {
/// let awesome_function: Symbol<unsafe extern fn(f64) -> f64> =
/// lib.get(b"awesome_function\0").unwrap();
/// awesome_function(0.42);
/// }
/// ```
///
/// A static variable may also be loaded and inspected:
///
/// ```no_run
/// # use ::libloading::{Library, Symbol};
/// # let lib = Library::new("/path/to/awesome.module").unwrap();
/// unsafe {
/// let awesome_variable: Symbol<*mut f64> = lib.get(b"awesome_variable\0").unwrap();
/// **awesome_variable = 42.0;
/// };
/// ```
pub unsafe fn get<'lib, T>(&'lib self, symbol: &[u8]) -> Result<Symbol<'lib, T>> {
self.0.get(symbol).map(|from| Symbol::from_raw(from, self))
}
}
impl fmt::Debug for Library {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
self.0.fmt(f)
}
}
impl From<imp::Library> for Library {
fn from(lib: imp::Library) -> Library {
Library(lib)
}
}
impl From<Library> for imp::Library {
fn from(lib: Library) -> imp::Library {
lib.0
}
}
unsafe impl Send for Library {}
unsafe impl Sync for Library {}
/// Symbol from a library.
///
/// This type is a safeguard against using dynamically loaded symbols after a `Library` is
/// unloaded. Primary method to create an instance of a `Symbol` is via `Library::get`.
///
/// Due to implementation of the `Deref` trait, an instance of `Symbol` may be used as if it was a
/// function or variable directly, without taking care to “extract” function or variable manually
/// most of the time.
///
/// See [`Library::get`] for details.
///
/// [`Library::get`]: ./struct.Library.html#method.get
pub struct Symbol<'lib, T: 'lib> {
inner: imp::Symbol<T>,
pd: marker::PhantomData<&'lib T>
}
impl<'lib, T> Symbol<'lib, T> {
/// Extract the wrapped `os::platform::Symbol`.
///
/// ## Unsafety
/// Using this function relinquishes all the lifetime guarantees. It is up to programmer to
/// ensure the resulting `Symbol` is not used past the lifetime of the `Library` this symbol
/// was loaded from.
///
/// ## Examples
///
/// ```no_run
/// # use ::libloading::{Library, Symbol};
/// let lib = Library::new("/path/to/awesome.module").unwrap();
/// unsafe {
/// let symbol: Symbol<*mut u32> = lib.get(b"symbol\0").unwrap();
/// let symbol = symbol.into_raw();
/// }
/// ```
pub unsafe fn into_raw(self) -> imp::Symbol<T> {
self.inner
}
/// Wrap the `os::platform::Symbol` into this safe wrapper.
///
/// Note that, in order to create association between the symbol and the library this symbol
/// came from, this function requires reference to the library provided.
///
/// ## Unsafety
///
/// It is invalid to provide a reference to any other value other than the library the `sym`
/// was loaded from. Doing so invalidates any lifetime guarantees.
///
/// ## Examples
///
/// ```no_run
/// # use ::libloading::{Library, Symbol};
/// let lib = Library::new("/path/to/awesome.module").unwrap();
/// unsafe {
/// let symbol: Symbol<*mut u32> = lib.get(b"symbol\0").unwrap();
/// let symbol = symbol.into_raw();
/// let symbol = Symbol::from_raw(symbol, &lib);
/// }
/// ```
pub unsafe fn from_raw<L>(sym: imp::Symbol<T>, _: &'lib L) -> Symbol<'lib, T> {
Symbol {
inner: sym,
pd: marker::PhantomData
}
}
}
impl<'lib, T> Symbol<'lib, Option<T>> {
/// Lift Option out of the symbol.
///
/// ## Examples
///
/// ```no_run
/// # use ::libloading::{Library, Symbol};
/// let lib = Library::new("/path/to/awesome.module").unwrap();
/// unsafe {
/// let symbol: Symbol<Option<*mut u32>> = lib.get(b"symbol\0").unwrap();
/// let symbol: Symbol<*mut u32> = symbol.lift_option().expect("static is not null");
/// }
/// ```
pub fn lift_option(self) -> Option<Symbol<'lib, T>> {
self.inner.lift_option().map(|is| Symbol {
inner: is,
pd: marker::PhantomData,
})
}
}
impl<'lib, T> Clone for Symbol<'lib, T> {
fn clone(&self) -> Symbol<'lib, T> {
Symbol {
inner: self.inner.clone(),
pd: marker::PhantomData
}
}
}
// FIXME: implement FnOnce for callable stuff instead.
impl<'lib, T> ops::Deref for Symbol<'lib, T> {
type Target = T;
fn deref(&self) -> &T {
ops::Deref::deref(&self.inner)
}
}
impl<'lib, T> fmt::Debug for Symbol<'lib, T> {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
self.inner.fmt(f)
}
}
unsafe impl<'lib, T: Send> Send for Symbol<'lib, T> {}
unsafe impl<'lib, T: Sync> Sync for Symbol<'lib, T> {}

View File

@ -1,45 +0,0 @@
//! Unsafe, platform specific bindings to dynamic library loading facilities.
//!
//! These modules expose more extensive, powerful, less principled bindings to the dynamic
//! library loading facilities. Use of these bindings come at the cost of less (in most cases,
//! none at all) safety guarantees, which are provided by the top-level bindings.
//!
//! # Examples
//!
//! Using these modules will likely involve conditional compilation:
//!
//! ```ignore
//! # extern crate libloading;
//! #[cfg(unix)]
//! use libloading::os::unix::*;
//! #[cfg(windows)]
//! use libloading::os::windows::*;
//! ```
macro_rules! unix {
($item: item) => {
/// UNIX implementation of dynamic library loading.
///
/// This module should be expanded with more UNIX-specific functionality in the future.
$item
}
}
macro_rules! windows {
($item: item) => {
/// Windows implementation of dynamic library loading.
///
/// This module should be expanded with more Windows-specific functionality in the future.
$item
}
}
#[cfg(unix)]
unix!(pub mod unix;);
#[cfg(unix)]
windows!(pub mod windows {});
#[cfg(windows)]
windows!(pub mod windows;);
#[cfg(windows)]
unix!(pub mod unix {});

View File

@ -1,285 +0,0 @@
use util::{ensure_compatible_types, cstr_cow_from_bytes};
use std::ffi::{CStr, OsStr};
use std::{fmt, io, marker, mem, ptr};
use std::os::raw;
use std::os::unix::ffi::OsStrExt;
use std::sync::Mutex;
lazy_static! {
static ref DLERROR_MUTEX: Mutex<()> = Mutex::new(());
}
// libdl is crazy.
//
// First of all, whole error handling scheme in libdl is done via setting and querying some global
// state, therefore it is not safe to use libdl in MT-capable environment at all. Only in POSIX
// 2008+TC1 a thread-local state was allowed, which for our purposes is way too late.
fn with_dlerror<T, F>(closure: F) -> Result<T, Option<io::Error>>
where F: FnOnce() -> Option<T> {
// We will guard all uses of libdl library with our own mutex. This makes libdl
// safe to use in MT programs provided the only way a program uses libdl is via this library.
let _lock = DLERROR_MUTEX.lock();
// While we could could call libdl here to clear the previous error value, only the dlsym
// depends on it being cleared beforehand and only in some cases too. We will instead clear the
// error inside the dlsym binding instead.
//
// In all the other cases, clearing the error here will only be hiding misuse of these bindings
// or the libdl.
closure().ok_or_else(|| unsafe {
// This code will only get executed if the `closure` returns `None`.
let error = dlerror();
if error.is_null() {
// In non-dlsym case this may happen when therere bugs in our bindings or theres
// non-libloading user of libdl; possibly in another thread.
None
} else {
// You cant even rely on error string being static here; call to subsequent dlerror
// may invalidate or overwrite the error message. Why couldnt they simply give up the
// ownership over the message?
// TODO: should do locale-aware conversion here. OTOH Rust doesnt seem to work well in
// any system that uses non-utf8 locale, so I doubt theres a problem here.
let message = CStr::from_ptr(error).to_string_lossy().into_owned();
Some(io::Error::new(io::ErrorKind::Other, message))
// Since we do a copy of the error string above, maybe we should call dlerror again to
// let libdl know it may free its copy of the string now?
}
})
}
/// A platform-specific equivalent of the cross-platform `Library`.
pub struct Library {
handle: *mut raw::c_void
}
unsafe impl Send for Library {}
// That being said... this section in the volume 2 of POSIX.1-2008 states:
//
// > All functions defined by this volume of POSIX.1-2008 shall be thread-safe, except that the
// > following functions need not be thread-safe.
//
// With notable absence of any dl* function other than dlerror in the list. By “this volume”
// I suppose they refer precisely to the “volume 2”. dl* family of functions are specified
// by this same volume, so the conclusion is indeed that dl* functions are required by POSIX
// to be thread-safe. Great!
//
// See for more details:
//
// * https://github.com/nagisa/rust_libloading/pull/17
// * http://pubs.opengroup.org/onlinepubs/9699919799/functions/V2_chap02.html#tag_15_09_01
unsafe impl Sync for Library {}
impl Library {
/// Find and load a shared library (module).
///
/// Locations where library is searched for is platform specific and cant be adjusted
/// portably.
///
/// Corresponds to `dlopen(filename, RTLD_NOW)`.
#[inline]
pub fn new<P: AsRef<OsStr>>(filename: P) -> ::Result<Library> {
Library::open(Some(filename), RTLD_NOW)
}
/// Load the dynamic libraries linked into main program.
///
/// This allows retrieving symbols from any **dynamic** library linked into the program,
/// without specifying the exact library.
///
/// Corresponds to `dlopen(NULL, RTLD_NOW)`.
#[inline]
pub fn this() -> Library {
Library::open(None::<&OsStr>, RTLD_NOW).unwrap()
}
/// Find and load a shared library (module).
///
/// Locations where library is searched for is platform specific and cant be adjusted
/// portably.
///
/// If the `filename` is None, null pointer is passed to `dlopen`.
///
/// Corresponds to `dlopen(filename, flags)`.
pub fn open<P>(filename: Option<P>, flags: raw::c_int) -> ::Result<Library>
where P: AsRef<OsStr> {
let filename = match filename {
None => None,
Some(ref f) => Some(try!(cstr_cow_from_bytes(f.as_ref().as_bytes()))),
};
with_dlerror(move || {
let result = unsafe {
let r = dlopen(match filename {
None => ptr::null(),
Some(ref f) => f.as_ptr()
}, flags);
// ensure filename lives until dlopen completes
drop(filename);
r
};
if result.is_null() {
None
} else {
Some(Library {
handle: result
})
}
}).map_err(|e| e.unwrap_or_else(||
panic!("dlopen failed but dlerror did not report anything")
))
}
/// Get a pointer to function or static variable by symbol name.
///
/// The `symbol` may not contain any null bytes, with an exception of last byte. A null
/// terminated `symbol` may avoid a string allocation in some cases.
///
/// Symbol is interpreted as-is; no mangling is done. This means that symbols like `x::y` are
/// most likely invalid.
///
/// ## Unsafety
///
/// Pointer to a value of arbitrary type is returned. Using a value with wrong type is
/// undefined.
///
/// ## Platform-specific behaviour
///
/// OS X uses some sort of lazy initialization scheme, which makes loading TLS variables
/// impossible. Using a TLS variable loaded this way on OS X is undefined behaviour.
pub unsafe fn get<T>(&self, symbol: &[u8]) -> ::Result<Symbol<T>> {
ensure_compatible_types::<T, *mut raw::c_void>();
let symbol = try!(cstr_cow_from_bytes(symbol));
// `dlsym` may return nullptr in two cases: when a symbol genuinely points to a null
// pointer or the symbol cannot be found. In order to detect this case a double dlerror
// pattern must be used, which is, sadly, a little bit racy.
//
// We try to leave as little space as possible for this to occur, but we cant exactly
// fully prevent it.
match with_dlerror(|| {
dlerror();
let symbol = dlsym(self.handle, symbol.as_ptr());
if symbol.is_null() {
None
} else {
Some(Symbol {
pointer: symbol,
pd: marker::PhantomData
})
}
}) {
Err(None) => Ok(Symbol {
pointer: ptr::null_mut(),
pd: marker::PhantomData
}),
Err(Some(e)) => Err(e),
Ok(x) => Ok(x)
}
}
}
impl Drop for Library {
fn drop(&mut self) {
with_dlerror(|| if unsafe { dlclose(self.handle) } == 0 {
Some(())
} else {
None
}).unwrap();
}
}
impl fmt::Debug for Library {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
f.write_str(&format!("Library@{:p}", self.handle))
}
}
/// Symbol from a library.
///
/// A major difference compared to the cross-platform `Symbol` is that this does not ensure the
/// `Symbol` does not outlive `Library` it comes from.
pub struct Symbol<T> {
pointer: *mut raw::c_void,
pd: marker::PhantomData<T>
}
impl<T> Symbol<Option<T>> {
/// Lift Option out of the symbol.
pub fn lift_option(self) -> Option<Symbol<T>> {
if self.pointer.is_null() {
None
} else {
Some(Symbol {
pointer: self.pointer,
pd: marker::PhantomData,
})
}
}
}
unsafe impl<T: Send> Send for Symbol<T> {}
unsafe impl<T: Sync> Sync for Symbol<T> {}
impl<T> Clone for Symbol<T> {
fn clone(&self) -> Symbol<T> {
Symbol { ..*self }
}
}
impl<T> ::std::ops::Deref for Symbol<T> {
type Target = T;
fn deref(&self) -> &T {
unsafe {
// Additional reference level for a dereference on `deref` return value.
mem::transmute(&self.pointer)
}
}
}
impl<T> fmt::Debug for Symbol<T> {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
unsafe {
let mut info: DlInfo = mem::uninitialized();
if dladdr(self.pointer, &mut info) != 0 {
if info.dli_sname.is_null() {
f.write_str(&format!("Symbol@{:p} from {:?}",
self.pointer,
CStr::from_ptr(info.dli_fname)))
} else {
f.write_str(&format!("Symbol {:?}@{:p} from {:?}",
CStr::from_ptr(info.dli_sname), self.pointer,
CStr::from_ptr(info.dli_fname)))
}
} else {
f.write_str(&format!("Symbol@{:p}", self.pointer))
}
}
}
}
// Platform specific things
extern {
fn dlopen(filename: *const raw::c_char, flags: raw::c_int) -> *mut raw::c_void;
fn dlclose(handle: *mut raw::c_void) -> raw::c_int;
fn dlsym(handle: *mut raw::c_void, symbol: *const raw::c_char) -> *mut raw::c_void;
fn dlerror() -> *mut raw::c_char;
fn dladdr(addr: *mut raw::c_void, info: *mut DlInfo) -> raw::c_int;
}
#[cfg(not(target_os="android"))]
const RTLD_NOW: raw::c_int = 2;
#[cfg(target_os="android")]
const RTLD_NOW: raw::c_int = 0;
#[repr(C)]
struct DlInfo {
dli_fname: *const raw::c_char,
dli_fbase: *mut raw::c_void,
dli_sname: *const raw::c_char,
dli_saddr: *mut raw::c_void
}
#[test]
fn this() {
Library::this();
}

View File

@ -1,284 +0,0 @@
extern crate winapi;
extern crate kernel32;
use util::{ensure_compatible_types, cstr_cow_from_bytes};
use std::ffi::{OsStr, OsString};
use std::{fmt, io, marker, mem, ptr};
use std::os::windows::ffi::{OsStrExt, OsStringExt};
use std::sync::atomic::{AtomicBool, ATOMIC_BOOL_INIT, Ordering};
/// A platform-specific equivalent of the cross-platform `Library`.
pub struct Library(winapi::HMODULE);
unsafe impl Send for Library {}
// Now, this is sort-of-tricky. MSDN documentation does not really make any claims as to safety of
// the Win32 APIs. Sadly, whomever I asked, even current and former Microsoft employees, couldnt
// say for sure, whether the Win32 APIs used to implement `Library` are thread-safe or not.
//
// My investigation ended up with a question about thread-safety properties of the API involved
// being sent to an internal (to MS) general question mailing-list. The conclusion of the mail is
// as such:
//
// * Nobody inside MS (at least out of all the people who have seen the question) knows for
// sure either;
// * However, the general consensus between MS developers is that one can rely on the API being
// thread-safe. In case it is not thread-safe it should be considered a bug on the Windows
// part. (NB: bugs filled at https://connect.microsoft.com/ against Windows Server)
unsafe impl Sync for Library {}
impl Library {
/// Find and load a shared library (module).
///
/// Corresponds to `LoadLibraryW(filename)`.
#[inline]
pub fn new<P: AsRef<OsStr>>(filename: P) -> ::Result<Library> {
let wide_filename: Vec<u16> = filename.as_ref().encode_wide().chain(Some(0)).collect();
let _guard = ErrorModeGuard::new();
let ret = with_get_last_error(|| {
// Make sure no winapi calls as a result of drop happen inside this closure, because
// otherwise that might change the return value of the GetLastError.
let handle = unsafe { kernel32::LoadLibraryW(wide_filename.as_ptr()) };
if handle.is_null() {
None
} else {
Some(Library(handle))
}
}).map_err(|e| e.unwrap_or_else(||
panic!("LoadLibraryW failed but GetLastError did not report the error")
));
drop(wide_filename); // Drop wide_filename here to ensure it doesnt get moved and dropped
// inside the closure by mistake. See comment inside the closure.
ret
}
/// Get a pointer to function or static variable by symbol name.
///
/// The `symbol` may not contain any null bytes, with an exception of last byte. A null
/// terminated `symbol` may avoid a string allocation in some cases.
///
/// Symbol is interpreted as-is; no mangling is done. This means that symbols like `x::y` are
/// most likely invalid.
///
/// ## Unsafety
///
/// Pointer to a value of arbitrary type is returned. Using a value with wrong type is
/// undefined.
pub unsafe fn get<T>(&self, symbol: &[u8]) -> ::Result<Symbol<T>> {
ensure_compatible_types::<T, winapi::FARPROC>();
let symbol = try!(cstr_cow_from_bytes(symbol));
with_get_last_error(|| {
let symbol = kernel32::GetProcAddress(self.0, symbol.as_ptr());
if symbol.is_null() {
None
} else {
Some(Symbol {
pointer: symbol,
pd: marker::PhantomData
})
}
}).map_err(|e| e.unwrap_or_else(||
panic!("GetProcAddress failed but GetLastError did not report the error")
))
}
/// Get a pointer to function or static variable by ordinal number.
///
/// ## Unsafety
///
/// Pointer to a value of arbitrary type is returned. Using a value with wrong type is
/// undefined.
pub unsafe fn get_ordinal<T>(&self, ordinal: winapi::WORD) -> ::Result<Symbol<T>> {
ensure_compatible_types::<T, winapi::FARPROC>();
with_get_last_error(|| {
let ordinal = ordinal as usize as *mut _;
let symbol = kernel32::GetProcAddress(self.0, ordinal);
if symbol.is_null() {
None
} else {
Some(Symbol {
pointer: symbol,
pd: marker::PhantomData
})
}
}).map_err(|e| e.unwrap_or_else(||
panic!("GetProcAddress failed but GetLastError did not report the error")
))
}
}
impl Drop for Library {
fn drop(&mut self) {
with_get_last_error(|| {
if unsafe { kernel32::FreeLibrary(self.0) == 0 } {
None
} else {
Some(())
}
}).unwrap()
}
}
impl fmt::Debug for Library {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
unsafe {
let mut buf: [winapi::WCHAR; 1024] = mem::uninitialized();
let len = kernel32::GetModuleFileNameW(self.0,
(&mut buf[..]).as_mut_ptr(), 1024) as usize;
if len == 0 {
f.write_str(&format!("Library@{:p}", self.0))
} else {
let string: OsString = OsString::from_wide(&buf[..len]);
f.write_str(&format!("Library@{:p} from {:?}", self.0, string))
}
}
}
}
/// Symbol from a library.
///
/// A major difference compared to the cross-platform `Symbol` is that this does not ensure the
/// `Symbol` does not outlive `Library` it comes from.
pub struct Symbol<T> {
pointer: winapi::FARPROC,
pd: marker::PhantomData<T>
}
impl<T> Symbol<Option<T>> {
/// Lift Option out of the symbol.
pub fn lift_option(self) -> Option<Symbol<T>> {
if self.pointer.is_null() {
None
} else {
Some(Symbol {
pointer: self.pointer,
pd: marker::PhantomData,
})
}
}
}
unsafe impl<T: Send> Send for Symbol<T> {}
unsafe impl<T: Sync> Sync for Symbol<T> {}
impl<T> Clone for Symbol<T> {
fn clone(&self) -> Symbol<T> {
Symbol { ..*self }
}
}
impl<T> ::std::ops::Deref for Symbol<T> {
type Target = T;
fn deref(&self) -> &T {
unsafe {
// Additional reference level for a dereference on `deref` return value.
mem::transmute(&self.pointer)
}
}
}
impl<T> fmt::Debug for Symbol<T> {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
f.write_str(&format!("Symbol@{:p}", self.pointer))
}
}
static USE_ERRORMODE: AtomicBool = ATOMIC_BOOL_INIT;
struct ErrorModeGuard(winapi::DWORD);
impl ErrorModeGuard {
fn new() -> Option<ErrorModeGuard> {
const SEM_FAILCE: winapi::DWORD = 1;
unsafe {
if !USE_ERRORMODE.load(Ordering::Acquire) {
let mut previous_mode = 0;
let success = kernel32::SetThreadErrorMode(SEM_FAILCE, &mut previous_mode) != 0;
if !success && kernel32::GetLastError() == winapi::ERROR_CALL_NOT_IMPLEMENTED {
USE_ERRORMODE.store(true, Ordering::Release);
} else if !success {
// SetThreadErrorMode failed with some other error? How in the world is it
// possible for what is essentially a simple variable swap to fail?
// For now we just ignore the error -- the worst that can happen here is
// the previous mode staying on and user seeing a dialog error on older Windows
// machines.
return None;
} else if previous_mode == SEM_FAILCE {
return None;
} else {
return Some(ErrorModeGuard(previous_mode));
}
}
match kernel32::SetErrorMode(SEM_FAILCE) {
SEM_FAILCE => {
// This is important to reduce racy-ness when this library is used on multiple
// threads. In particular this helps with following race condition:
//
// T1: SetErrorMode(SEM_FAILCE)
// T2: SetErrorMode(SEM_FAILCE)
// T1: SetErrorMode(old_mode) # not SEM_FAILCE
// T2: SetErrorMode(SEM_FAILCE) # restores to SEM_FAILCE on drop
//
// This is still somewhat racy in a sense that T1 might resture the error
// mode before T2 finishes loading the library, but that is less of a
// concern it will only end up in end user seeing a dialog.
//
// Also, SetErrorMode itself is probably not an atomic operation.
None
}
a => Some(ErrorModeGuard(a))
}
}
}
}
impl Drop for ErrorModeGuard {
fn drop(&mut self) {
unsafe {
if !USE_ERRORMODE.load(Ordering::Relaxed) {
kernel32::SetThreadErrorMode(self.0, ptr::null_mut());
} else {
kernel32::SetErrorMode(self.0);
}
}
}
}
fn with_get_last_error<T, F>(closure: F) -> Result<T, Option<io::Error>>
where F: FnOnce() -> Option<T> {
closure().ok_or_else(|| {
let error = unsafe { kernel32::GetLastError() };
if error == 0 {
None
} else {
Some(io::Error::from_raw_os_error(error as i32))
}
})
}
#[test]
fn works_getlasterror() {
let lib = Library::new("kernel32.dll").unwrap();
let gle: Symbol<unsafe extern "system" fn() -> winapi::DWORD> = unsafe {
lib.get(b"GetLastError").unwrap()
};
unsafe {
kernel32::SetLastError(42);
assert_eq!(kernel32::GetLastError(), gle())
}
}
#[test]
fn works_getlasterror0() {
let lib = Library::new("kernel32.dll").unwrap();
let gle: Symbol<unsafe extern "system" fn() -> winapi::DWORD> = unsafe {
lib.get(b"GetLastError\0").unwrap()
};
unsafe {
kernel32::SetLastError(42);
assert_eq!(kernel32::GetLastError(), gle())
}
}

View File

@ -1,49 +0,0 @@
//! This is a separate file containing helpers for tests of this library. It is built into a
//! dynamic library by the build.rs script.
#![crate_type="dylib"] // FIXME: should become a cdylib in due time
#![cfg_attr(test_nightly, feature(thread_local))]
#[no_mangle]
pub static mut TEST_STATIC_U32: u32 = 0;
#[no_mangle]
pub static mut TEST_STATIC_PTR: *mut () = 0 as *mut _;
#[cfg(test_nightly)]
#[thread_local]
#[no_mangle]
pub static mut TEST_THREAD_LOCAL: u32 = 0;
#[no_mangle]
pub extern "C" fn test_identity_u32(x: u32) -> u32 {
x
}
#[repr(C)]
pub struct S {
a: u64,
b: u32,
c: u16,
d: u8
}
#[no_mangle]
pub extern "C" fn test_identity_struct(x: S) -> S {
x
}
#[no_mangle]
pub unsafe extern "C" fn test_get_static_u32() -> u32 {
TEST_STATIC_U32
}
#[no_mangle]
pub unsafe extern "C" fn test_check_static_ptr() -> bool {
TEST_STATIC_PTR == (&mut TEST_STATIC_PTR as *mut *mut _ as *mut _)
}
#[cfg(test_nightly)]
#[no_mangle]
pub unsafe extern "C" fn test_get_thread_local() -> u32 {
TEST_THREAD_LOCAL
}

View File

@ -1,61 +0,0 @@
use std::ffi::{CStr, CString, NulError, FromBytesWithNulError};
use std::borrow::Cow;
use std::os::raw;
#[derive(Debug)]
pub struct NullError;
impl From<NulError> for NullError {
fn from(_: NulError) -> NullError {
NullError
}
}
impl From<FromBytesWithNulError> for NullError {
fn from(_: FromBytesWithNulError) -> NullError {
NullError
}
}
impl From<NullError> for ::std::io::Error {
fn from(e: NullError) -> ::std::io::Error {
::std::io::Error::new(::std::io::ErrorKind::Other, format!("{}", e))
}
}
impl ::std::error::Error for NullError {
fn description(&self) -> &str { "non-final null byte found" }
}
impl ::std::fmt::Display for NullError {
fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result {
write!(f, "non-final null byte found")
}
}
/// Checks for last byte and avoids alocatting if its zero.
///
/// Non-last null bytes still result in an error.
pub fn cstr_cow_from_bytes<'a>(slice: &'a [u8]) -> Result<Cow<'a, CStr>, NullError> {
static ZERO: raw::c_char = 0;
Ok(match slice.last() {
// Slice out of 0 elements
None => unsafe { Cow::Borrowed(CStr::from_ptr(&ZERO)) },
// Slice with trailing 0
Some(&0) => Cow::Borrowed(try!(CStr::from_bytes_with_nul(slice))),
// Slice with no trailing 0
Some(_) => Cow::Owned(try!(CString::new(slice))),
})
}
#[inline]
pub fn ensure_compatible_types<T, E>() {
#[cold]
#[inline(never)]
fn dopanic() {
panic!("value of requested type cannot be dynamically loaded");
}
if ::std::mem::size_of::<T>() != ::std::mem::size_of::<E>() {
dopanic()
}
}

View File

@ -1,151 +0,0 @@
extern crate libloading;
use libloading::{Symbol, Library};
const LIBPATH: &'static str = concat!(env!("OUT_DIR"), "/libtest_helpers.dll");
fn make_helpers() {
static ONCE: ::std::sync::Once = ::std::sync::ONCE_INIT;
ONCE.call_once(|| {
let mut outpath = String::from(if let Some(od) = option_env!("OUT_DIR") { od } else { return });
let rustc = option_env!("RUSTC").unwrap_or_else(|| { "rustc".into() });
outpath.push_str(&"/libtest_helpers.dll"); // extension for windows required, POSIX does not care.
let _ = ::std::process::Command::new(rustc)
.arg("src/test_helpers.rs")
.arg("-o")
.arg(outpath)
.arg("-O")
.output()
.expect("could not compile the test helpers!");
});
}
#[test]
fn test_id_u32() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
let f: Symbol<unsafe extern fn(u32) -> u32> = lib.get(b"test_identity_u32\0").unwrap();
assert_eq!(42, f(42));
}
}
#[repr(C)]
#[derive(Clone,Copy,PartialEq,Debug)]
struct S {
a: u64,
b: u32,
c: u16,
d: u8
}
#[test]
fn test_id_struct() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
let f: Symbol<unsafe extern fn(S) -> S> = lib.get(b"test_identity_struct\0").unwrap();
assert_eq!(S { a: 1, b: 2, c: 3, d: 4 }, f(S { a: 1, b: 2, c: 3, d: 4 }));
}
}
#[test]
fn test_0_no_0() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
let f: Symbol<unsafe extern fn(S) -> S> = lib.get(b"test_identity_struct\0").unwrap();
let f2: Symbol<unsafe extern fn(S) -> S> = lib.get(b"test_identity_struct").unwrap();
assert_eq!(*f, *f2);
}
}
#[test]
fn wrong_name_fails() {
Library::new(concat!(env!("OUT_DIR"), "/libtest_help")).err().unwrap();
}
#[test]
fn missing_symbol_fails() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
lib.get::<*mut ()>(b"test_does_not_exist").err().unwrap();
lib.get::<*mut ()>(b"test_does_not_exist\0").err().unwrap();
}
}
#[test]
fn interior_null_fails() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
lib.get::<*mut ()>(b"test_does\0_not_exist").err().unwrap();
lib.get::<*mut ()>(b"test\0_does_not_exist\0").err().unwrap();
}
}
#[test]
#[should_panic]
fn test_incompatible_type() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
let _ = lib.get::<()>(b"test_identity_u32\0");
}
}
#[test]
#[should_panic]
fn test_incompatible_type_named_fn() {
make_helpers();
unsafe fn get<'a, T>(l: &'a Library, _: T) -> libloading::Result<Symbol<'a, T>> {
l.get::<T>(b"test_identity_u32\0")
}
let lib = Library::new(LIBPATH).unwrap();
unsafe {
let _ = get(&lib, test_incompatible_type_named_fn);
}
}
#[test]
fn test_static_u32() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
let var: Symbol<*mut u32> = lib.get(b"TEST_STATIC_U32\0").unwrap();
**var = 42;
let help: Symbol<unsafe extern fn() -> u32> = lib.get(b"test_get_static_u32\0").unwrap();
assert_eq!(42, help());
}
}
#[test]
fn test_static_ptr() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
let var: Symbol<*mut *mut ()> = lib.get(b"TEST_STATIC_PTR\0").unwrap();
**var = *var as *mut _;
let works: Symbol<unsafe extern fn() -> bool> =
lib.get(b"test_check_static_ptr\0").unwrap();
assert!(works());
}
}
#[cfg(any(windows, target_os="linux"))]
#[cfg(test_nightly)]
#[test]
fn test_tls_static() {
make_helpers();
let lib = Library::new(LIBPATH).unwrap();
unsafe {
let var: Symbol<*mut u32> = lib.get(b"TEST_THREAD_LOCAL\0").unwrap();
**var = 84;
let help: Symbol<unsafe extern fn() -> u32> = lib.get(b"test_get_thread_local\0").unwrap();
assert_eq!(84, help());
}
::std::thread::spawn(move || unsafe {
let help: Symbol<unsafe extern fn() -> u32> = lib.get(b"test_get_thread_local\0").unwrap();
assert_eq!(0, help());
}).join().unwrap();
}

View File

@ -1,79 +0,0 @@
extern crate libloading;
#[cfg(test)]
fn assert_send<T: Send>() {}
#[cfg(test)]
fn assert_sync<T: Sync>() {}
#[test]
fn check_library_send() {
assert_send::<libloading::Library>();
}
#[cfg(unix)]
#[test]
fn check_unix_library_send() {
assert_send::<libloading::os::unix::Library>();
}
#[cfg(windows)]
#[test]
fn check_windows_library_send() {
assert_send::<libloading::os::windows::Library>();
}
#[test]
fn check_library_sync() {
assert_sync::<libloading::Library>();
}
#[cfg(unix)]
#[test]
fn check_unix_library_sync() {
assert_sync::<libloading::os::unix::Library>();
}
#[cfg(windows)]
#[test]
fn check_windows_library_sync() {
assert_sync::<libloading::os::windows::Library>();
}
#[test]
fn check_symbol_send() {
assert_send::<libloading::Symbol<fn() -> ()>>();
// assert_not_send::<libloading::Symbol<*const ()>>();
}
#[cfg(unix)]
#[test]
fn check_unix_symbol_send() {
assert_send::<libloading::os::unix::Symbol<fn() -> ()>>();
// assert_not_send::<libloading::os::unix::Symbol<*const ()>>();
}
#[cfg(windows)]
#[test]
fn check_windows_symbol_send() {
assert_send::<libloading::os::windows::Symbol<fn() -> ()>>();
}
#[test]
fn check_symbol_sync() {
assert_sync::<libloading::Symbol<fn() -> ()>>();
// assert_not_sync::<libloading::Symbol<*const ()>>();
}
#[cfg(unix)]
#[test]
fn check_unix_symbol_sync() {
assert_sync::<libloading::os::unix::Symbol<fn() -> ()>>();
// assert_not_sync::<libloading::os::unix::Symbol<*const ()>>();
}
#[cfg(windows)]
#[test]
fn check_windows_symbol_sync() {
assert_sync::<libloading::os::windows::Symbol<fn() -> ()>>();
// assert_not_sync::<libloading::os::windows::Symbol<*const ()>>();
}

View File

@ -1,56 +0,0 @@
#![cfg(windows)]
extern crate libloading;
use libloading::os::windows::*;
use std::ffi::CStr;
// The ordinal DLL contains exactly one function (other than DllMain, that is) with ordinal number
// 1. This function has the sugnature `fn() -> *const c_char` and returns a string "bunny\0" (in
// reference to WindowsBunny).
//
// Both x86_64 and x86 versions of the .dll are functionally the same. Ideally we would compile the
// dlls with well known ordinals from our own testing helpers library, but rustc does not allow
// specifying a custom .def file (https://github.com/rust-lang/rust/issues/35089)
//
// The DLLs were kindly compiled by WindowsBunny (aka. @retep998).
#[cfg(target_arch="x86")]
fn load_ordinal_lib() -> Library {
Library::new("tests/nagisa32.dll").expect("nagisa32.dll")
}
#[cfg(target_arch="x86_64")]
fn load_ordinal_lib() -> Library {
Library::new("tests/nagisa64.dll").expect("nagisa64.dll")
}
#[cfg(any(target_arch="x86", target_arch="x86_64"))]
#[test]
fn test_ordinal() {
let lib = load_ordinal_lib();
unsafe {
let windows: Symbol<unsafe fn() -> *const i8> = lib.get_ordinal(1).expect("function");
assert_eq!(CStr::from_ptr(windows()).to_bytes(), b"bunny");
}
}
#[cfg(any(target_arch="x86", target_arch="x86_64"))]
#[test]
fn test_ordinal_missing_fails() {
let lib = load_ordinal_lib();
unsafe {
let r: Result<Symbol<unsafe fn() -> *const i8>, _> = lib.get_ordinal(2);
r.err().unwrap();
let r: Result<Symbol<unsafe fn() -> *const i8>, _> = lib.get_ordinal(!0);
r.err().unwrap();
}
}
#[test]
fn test_new_kernel23() {
Library::new("kernel23").err().unwrap();
}
#[test]
fn test_new_kernel32_no_ext() {
Library::new("kernel32").unwrap();
}

View File

@ -1 +0,0 @@
{"files":{"Cargo.toml":"c366b169296b5639dc6a208154c1650928171039335967a32cccbb495f430a46","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"6485b8ed310d3f0340bf1ad1f47645069ce4069dcc6bb46c7d5c6faf41de1fdb","README.md":"4e91d304e421fe6c8307312ef5420459fbf6b466c20ba827453f53e5ad8af2b2","RELEASES.md":"802a9d92097422fa89b12f65407af793578d5789a126875b2c9675091f8949cf","benches/bigint.rs":"e62ad970f1cf33c44a5a6ac6ac035059c4bd8416bbad1ddf3d8cfbef4f80b9a0","benches/factorial.rs":"67e50bca067764c5d9dfd2e2bbb75835087437c509b73d6206bbe5c6f797f469","benches/gcd.rs":"4d4ec3ef7bfc7a04867713f68d91f595030c188af6f5144224471d64b8bc3cab","benches/shootout-pidigits.rs":"a071146410ed87dd5ccc8ec1d6fd84e454146a8b067ec0825f397400c9f707e3","bors.toml":"1c81ede536a37edd30fe4e622ff0531b25372403ac9475a5d6c50f14156565a2","ci/rustup.sh":"d746c6b56162295462759a44803c8db9d78ec5b96f78814de149cddd3726ee85","ci/test_full.sh":"02101eb79026a9edc7dc257d5793fd85880a86e0fa888491caf1d571654ad51d","src/algorithms.rs":"640e974a76b3b8c3da4a5f55aada828b9cf3888ab6ccb4c71e0e04f52d96f029","src/bigint.rs":"a23460bd5dfb5743df0609db2b21152c388bba7b826abcba336648b04e6e5e55","src/biguint.rs":"e10b53f100bc63496f0adbbf13dba5fabbbacea621406f0f837d1605e2ca5f2d","src/lib.rs":"44d89304877858812cbce8e3db43d189a9776910955b6888b8322cb9ad1dfe12","src/macros.rs":"68831bd0165ddfd46d39ed69ef9cbce2ae7116872e59cd2b798562f0b72cbafb","src/monty.rs":"408d3871716537ab8726b5da0deb81dcb8782a73500f0c75039be552a5b50414","src/tests/bigint.rs":"fd1e6170cb217ccbf078574d02ade1c19c1d48c5e675f0bcd3584fc54083f0b7","src/tests/biguint.rs":"797a2409dd2e35b1ac794789300bcad19c9fde7633b115b811f6a2a10ced2a3b","tests/modpow.rs":"81c5e53ff27a9bc1b7ef0fd5375c408cf8621b40f0d36a4cc30b4df9656187d8"},"package":"e63899ad0da84ce718c14936262a41cee2c79c981fc0a0e7c7beb47d5a07e8c1"}

View File

@ -1,62 +0,0 @@
# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
#
# When uploading crates to the registry Cargo will automatically
# "normalize" Cargo.toml files for maximal compatibility
# with all versions of Cargo and also rewrite `path` dependencies
# to registry (e.g. crates.io) dependencies
#
# If you believe there's an error in this file please file an
# issue against the rust-lang/cargo repository. If you're
# editing this file be aware that the upstream Cargo.toml
# will likely look very different (and much more reasonable)
[package]
name = "num-bigint"
version = "0.1.44"
authors = ["The Rust Project Developers"]
description = "Big integer implementation for Rust"
homepage = "https://github.com/rust-num/num-bigint"
documentation = "https://docs.rs/num-bigint"
readme = "README.md"
keywords = ["mathematics", "numerics", "bignum"]
categories = ["algorithms", "data-structures", "science"]
license = "MIT/Apache-2.0"
repository = "https://github.com/rust-num/num-bigint"
[[bench]]
name = "bigint"
[[bench]]
name = "factorial"
[[bench]]
name = "gcd"
[[bench]]
name = "shootout-pidigits"
harness = false
[dependencies.num-integer]
version = "0.1.36"
default-features = false
[dependencies.num-traits]
version = "0.2.0"
features = ["std"]
default-features = false
[dependencies.rand]
version = ">= 0.3.14, < 0.5.0"
optional = true
[dependencies.rustc-serialize]
version = "0.3.19"
optional = true
[dependencies.serde]
version = ">= 0.7.0, < 0.9.0"
optional = true
[dev-dependencies.rand]
version = ">= 0.3.14, < 0.5.0"
[features]
default = ["rand", "rustc-serialize"]

View File

@ -1,201 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,25 +0,0 @@
Copyright (c) 2014 The Rust Project Developers
Permission is hereby granted, free of charge, to any
person obtaining a copy of this software and associated
documentation files (the "Software"), to deal in the
Software without restriction, including without
limitation the rights to use, copy, modify, merge,
publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software
is furnished to do so, subject to the following
conditions:
The above copyright notice and this permission notice
shall be included in all copies or substantial portions
of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

View File

@ -1,52 +0,0 @@
# num-bigint
[![crate](https://img.shields.io/crates/v/num-bigint.svg)](https://crates.io/crates/num-bigint)
[![documentation](https://docs.rs/num-bigint/badge.svg)](https://docs.rs/num-bigint)
![minimum rustc 1.8](https://img.shields.io/badge/rustc-1.8+-red.svg)
[![Travis status](https://travis-ci.org/rust-num/num-bigint.svg?branch=master)](https://travis-ci.org/rust-num/num-bigint)
Big integer types for Rust, `BigInt` and `BigUint`.
## Usage
Add this to your `Cargo.toml`:
```toml
[dependencies]
num-bigint = "0.1"
```
and this to your crate root:
```rust
extern crate num_bigint;
```
## Releases
Release notes are available in [RELEASES.md](RELEASES.md).
## Compatibility
The `num-bigint` crate is tested for rustc 1.8 and greater.
## Alternatives
While `num-bigint` strives for good performance in pure Rust code, other
crates may offer better performance with different trade-offs. The following
table offers a brief comparison to a few alternatives.
| Crate | License | Min rustc | Implementation |
| :--------------- | :------------- | :-------- | :------------- |
| **`num-bigint`** | MIT/Apache-2.0 | 1.8 | pure rust |
| [`ramp`] | Apache-2.0 | nightly | rust and inline assembly |
| [`rug`] | LGPL-3.0+ | 1.18 | bundles [GMP] via [`gmp-mpfr-sys`] |
| [`rust-gmp`] | MIT | stable? | links to [GMP] |
| [`apint`] | MIT/Apache-2.0 | nightly | pure rust (unfinished) |
[GMP]: https://gmplib.org/
[`gmp-mpfr-sys`]: https://crates.io/crates/gmp-mpfr-sys
[`rug`]: https://crates.io/crates/rug
[`rust-gmp`]: https://crates.io/crates/rust-gmp
[`ramp`]: https://crates.io/crates/ramp
[`apint`]: https://crates.io/crates/apint

View File

@ -1,41 +0,0 @@
# Release 0.1.44
- [Division with single-digit divisors is now much faster.][42]
- The README now compares [`ramp`, `rug`, `rust-gmp`][20], and [`apint`][21].
**Contributors**: @cuviper, @Robbepop
[20]: https://github.com/rust-num/num-bigint/pull/20
[21]: https://github.com/rust-num/num-bigint/pull/21
[42]: https://github.com/rust-num/num-bigint/pull/42
# Release 0.1.43
- [The new `BigInt::modpow`][18] performs signed modular exponentiation, using
the existing `BigUint::modpow` and rounding negatives similar to `mod_floor`.
**Contributors**: @cuviper
[18]: https://github.com/rust-num/num-bigint/pull/18
# Release 0.1.42
- [num-bigint now has its own source repository][num-356] at [rust-num/num-bigint][home].
- [`lcm` now avoids creating a large intermediate product][num-350].
- [`gcd` now uses Stein's algorithm][15] with faster shifts instead of division.
- [`rand` support is now extended to 0.4][11] (while still allowing 0.3).
**Contributors**: @cuviper, @Emerentius, @ignatenkobrain, @mhogrefe
[home]: https://github.com/rust-num/num-bigint
[num-350]: https://github.com/rust-num/num/pull/350
[num-356]: https://github.com/rust-num/num/pull/356
[11]: https://github.com/rust-num/num-bigint/pull/11
[15]: https://github.com/rust-num/num-bigint/pull/15
# Prior releases
No prior release notes were kept. Thanks all the same to the many
contributors that have made this crate what it is!

View File

@ -1,294 +0,0 @@
#![feature(test)]
extern crate test;
extern crate num_bigint;
extern crate num_traits;
extern crate rand;
use std::mem::replace;
use test::Bencher;
use num_bigint::{BigInt, BigUint, RandBigInt};
use num_traits::{Zero, One, FromPrimitive, Num};
use rand::{SeedableRng, StdRng};
fn get_rng() -> StdRng {
let seed: &[_] = &[1, 2, 3, 4];
SeedableRng::from_seed(seed)
}
fn multiply_bench(b: &mut Bencher, xbits: usize, ybits: usize) {
let mut rng = get_rng();
let x = rng.gen_bigint(xbits);
let y = rng.gen_bigint(ybits);
b.iter(|| &x * &y);
}
fn divide_bench(b: &mut Bencher, xbits: usize, ybits: usize) {
let mut rng = get_rng();
let x = rng.gen_bigint(xbits);
let y = rng.gen_bigint(ybits);
b.iter(|| &x / &y);
}
fn factorial(n: usize) -> BigUint {
let mut f: BigUint = One::one();
for i in 1..(n+1) {
let bu: BigUint = FromPrimitive::from_usize(i).unwrap();
f = f * bu;
}
f
}
/// Compute Fibonacci numbers
fn fib(n: usize) -> BigUint {
let mut f0: BigUint = Zero::zero();
let mut f1: BigUint = One::one();
for _ in 0..n {
let f2 = f0 + &f1;
f0 = replace(&mut f1, f2);
}
f0
}
/// Compute Fibonacci numbers with two ops per iteration
/// (add and subtract, like issue #200)
fn fib2(n: usize) -> BigUint {
let mut f0: BigUint = Zero::zero();
let mut f1: BigUint = One::one();
for _ in 0..n {
f1 = f1 + &f0;
f0 = &f1 - f0;
}
f0
}
#[bench]
fn multiply_0(b: &mut Bencher) {
multiply_bench(b, 1 << 8, 1 << 8);
}
#[bench]
fn multiply_1(b: &mut Bencher) {
multiply_bench(b, 1 << 8, 1 << 16);
}
#[bench]
fn multiply_2(b: &mut Bencher) {
multiply_bench(b, 1 << 16, 1 << 16);
}
#[bench]
fn multiply_3(b: &mut Bencher) {
multiply_bench(b, 1 << 16, 1 << 17);
}
#[bench]
fn divide_0(b: &mut Bencher) {
divide_bench(b, 1 << 8, 1 << 6);
}
#[bench]
fn divide_1(b: &mut Bencher) {
divide_bench(b, 1 << 12, 1 << 8);
}
#[bench]
fn divide_2(b: &mut Bencher) {
divide_bench(b, 1 << 16, 1 << 12);
}
#[bench]
fn factorial_100(b: &mut Bencher) {
b.iter(|| factorial(100));
}
#[bench]
fn fib_100(b: &mut Bencher) {
b.iter(|| fib(100));
}
#[bench]
fn fib_1000(b: &mut Bencher) {
b.iter(|| fib(1000));
}
#[bench]
fn fib_10000(b: &mut Bencher) {
b.iter(|| fib(10000));
}
#[bench]
fn fib2_100(b: &mut Bencher) {
b.iter(|| fib2(100));
}
#[bench]
fn fib2_1000(b: &mut Bencher) {
b.iter(|| fib2(1000));
}
#[bench]
fn fib2_10000(b: &mut Bencher) {
b.iter(|| fib2(10000));
}
#[bench]
fn fac_to_string(b: &mut Bencher) {
let fac = factorial(100);
b.iter(|| fac.to_string());
}
#[bench]
fn fib_to_string(b: &mut Bencher) {
let fib = fib(100);
b.iter(|| fib.to_string());
}
fn to_str_radix_bench(b: &mut Bencher, radix: u32) {
let mut rng = get_rng();
let x = rng.gen_bigint(1009);
b.iter(|| x.to_str_radix(radix));
}
#[bench]
fn to_str_radix_02(b: &mut Bencher) {
to_str_radix_bench(b, 2);
}
#[bench]
fn to_str_radix_08(b: &mut Bencher) {
to_str_radix_bench(b, 8);
}
#[bench]
fn to_str_radix_10(b: &mut Bencher) {
to_str_radix_bench(b, 10);
}
#[bench]
fn to_str_radix_16(b: &mut Bencher) {
to_str_radix_bench(b, 16);
}
#[bench]
fn to_str_radix_36(b: &mut Bencher) {
to_str_radix_bench(b, 36);
}
fn from_str_radix_bench(b: &mut Bencher, radix: u32) {
let mut rng = get_rng();
let x = rng.gen_bigint(1009);
let s = x.to_str_radix(radix);
assert_eq!(x, BigInt::from_str_radix(&s, radix).unwrap());
b.iter(|| BigInt::from_str_radix(&s, radix));
}
#[bench]
fn from_str_radix_02(b: &mut Bencher) {
from_str_radix_bench(b, 2);
}
#[bench]
fn from_str_radix_08(b: &mut Bencher) {
from_str_radix_bench(b, 8);
}
#[bench]
fn from_str_radix_10(b: &mut Bencher) {
from_str_radix_bench(b, 10);
}
#[bench]
fn from_str_radix_16(b: &mut Bencher) {
from_str_radix_bench(b, 16);
}
#[bench]
fn from_str_radix_36(b: &mut Bencher) {
from_str_radix_bench(b, 36);
}
#[bench]
fn shl(b: &mut Bencher) {
let n = BigUint::one() << 1000;
b.iter(|| {
let mut m = n.clone();
for i in 0..50 {
m = m << i;
}
})
}
#[bench]
fn shr(b: &mut Bencher) {
let n = BigUint::one() << 2000;
b.iter(|| {
let mut m = n.clone();
for i in 0..50 {
m = m >> i;
}
})
}
#[bench]
fn hash(b: &mut Bencher) {
use std::collections::HashSet;
let mut rng = get_rng();
let v: Vec<BigInt> = (1000..2000).map(|bits| rng.gen_bigint(bits)).collect();
b.iter(|| {
let h: HashSet<&BigInt> = v.iter().collect();
assert_eq!(h.len(), v.len());
});
}
#[bench]
fn pow_bench(b: &mut Bencher) {
b.iter(|| {
let upper = 100_usize;
for i in 2..upper + 1 {
for j in 2..upper + 1 {
let i_big = BigUint::from_usize(i).unwrap();
num_traits::pow(i_big, j);
}
}
});
}
/// This modulus is the prime from the 2048-bit MODP DH group:
/// https://tools.ietf.org/html/rfc3526#section-3
const RFC3526_2048BIT_MODP_GROUP: &'static str = "\
FFFFFFFF_FFFFFFFF_C90FDAA2_2168C234_C4C6628B_80DC1CD1\
29024E08_8A67CC74_020BBEA6_3B139B22_514A0879_8E3404DD\
EF9519B3_CD3A431B_302B0A6D_F25F1437_4FE1356D_6D51C245\
E485B576_625E7EC6_F44C42E9_A637ED6B_0BFF5CB6_F406B7ED\
EE386BFB_5A899FA5_AE9F2411_7C4B1FE6_49286651_ECE45B3D\
C2007CB8_A163BF05_98DA4836_1C55D39A_69163FA8_FD24CF5F\
83655D23_DCA3AD96_1C62F356_208552BB_9ED52907_7096966D\
670C354E_4ABC9804_F1746C08_CA18217C_32905E46_2E36CE3B\
E39E772C_180E8603_9B2783A2_EC07A28F_B5C55DF0_6F4C52C9\
DE2BCBF6_95581718_3995497C_EA956AE5_15D22618_98FA0510\
15728E5A_8AACAA68_FFFFFFFF_FFFFFFFF";
#[bench]
fn modpow(b: &mut Bencher) {
let mut rng = get_rng();
let base = rng.gen_biguint(2048);
let e = rng.gen_biguint(2048);
let m = BigUint::from_str_radix(RFC3526_2048BIT_MODP_GROUP, 16).unwrap();
b.iter(|| base.modpow(&e, &m));
}
#[bench]
fn modpow_even(b: &mut Bencher) {
let mut rng = get_rng();
let base = rng.gen_biguint(2048);
let e = rng.gen_biguint(2048);
// Make the modulus even, so monty (base-2^32) doesn't apply.
let m = BigUint::from_str_radix(RFC3526_2048BIT_MODP_GROUP, 16).unwrap() - 1u32;
b.iter(|| base.modpow(&e, &m));
}

View File

@ -1,35 +0,0 @@
#![feature(test)]
extern crate num_bigint;
extern crate num_traits;
extern crate test;
use num_bigint::BigUint;
use num_traits::One;
use std::ops::{Div, Mul};
use test::Bencher;
#[bench]
fn factorial_mul_biguint(b: &mut Bencher) {
b.iter(|| (1u32..1000).map(BigUint::from).fold(BigUint::one(), Mul::mul));
}
#[bench]
fn factorial_mul_u32(b: &mut Bencher) {
b.iter(|| (1u32..1000).fold(BigUint::one(), Mul::mul));
}
// The division test is inspired by this blog comparison:
// <https://tiehuis.github.io/big-integers-in-zig#division-test-single-limb>
#[bench]
fn factorial_div_biguint(b: &mut Bencher) {
let n: BigUint = (1u32..1000).fold(BigUint::one(), Mul::mul);
b.iter(|| (1u32..1000).rev().map(BigUint::from).fold(n.clone(), Div::div));
}
#[bench]
fn factorial_div_u32(b: &mut Bencher) {
let n: BigUint = (1u32..1000).fold(BigUint::one(), Mul::mul);
b.iter(|| (1u32..1000).rev().fold(n.clone(), Div::div));
}

View File

@ -1,84 +0,0 @@
#![feature(test)]
extern crate test;
extern crate num_bigint;
extern crate num_integer;
extern crate num_traits;
extern crate rand;
use test::Bencher;
use num_bigint::{BigUint, RandBigInt};
use num_integer::Integer;
use num_traits::Zero;
use rand::{SeedableRng, StdRng};
fn get_rng() -> StdRng {
let seed: &[_] = &[1, 2, 3, 4];
SeedableRng::from_seed(seed)
}
fn bench(b: &mut Bencher, bits: usize, gcd: fn(&BigUint, &BigUint) -> BigUint) {
let mut rng = get_rng();
let x = rng.gen_biguint(bits);
let y = rng.gen_biguint(bits);
assert_eq!(euclid(&x, &y), x.gcd(&y));
b.iter(|| gcd(&x, &y));
}
fn euclid(x: &BigUint, y: &BigUint) -> BigUint {
// Use Euclid's algorithm
let mut m = x.clone();
let mut n = y.clone();
while !m.is_zero() {
let temp = m;
m = n % &temp;
n = temp;
}
return n;
}
#[bench]
fn gcd_euclid_0064(b: &mut Bencher) {
bench(b, 64, euclid);
}
#[bench]
fn gcd_euclid_0256(b: &mut Bencher) {
bench(b, 256, euclid);
}
#[bench]
fn gcd_euclid_1024(b: &mut Bencher) {
bench(b, 1024, euclid);
}
#[bench]
fn gcd_euclid_4096(b: &mut Bencher) {
bench(b, 4096, euclid);
}
// Integer for BigUint now uses Stein for gcd
#[bench]
fn gcd_stein_0064(b: &mut Bencher) {
bench(b, 64, BigUint::gcd);
}
#[bench]
fn gcd_stein_0256(b: &mut Bencher) {
bench(b, 256, BigUint::gcd);
}
#[bench]
fn gcd_stein_1024(b: &mut Bencher) {
bench(b, 1024, BigUint::gcd);
}
#[bench]
fn gcd_stein_4096(b: &mut Bencher) {
bench(b, 4096, BigUint::gcd);
}

View File

@ -1,134 +0,0 @@
// The Computer Language Benchmarks Game
// http://benchmarksgame.alioth.debian.org/
//
// contributed by the Rust Project Developers
// Copyright (c) 2013-2014 The Rust Project Developers
//
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
//
// - Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
//
// - Redistributions in binary form must reproduce the above copyright
// notice, this list of conditions and the following disclaimer in
// the documentation and/or other materials provided with the
// distribution.
//
// - Neither the name of "The Computer Language Benchmarks Game" nor
// the name of "The Computer Language Shootout Benchmarks" nor the
// names of its contributors may be used to endorse or promote
// products derived from this software without specific prior
// written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
// OF THE POSSIBILITY OF SUCH DAMAGE.
extern crate num_bigint;
extern crate num_integer;
extern crate num_traits;
use std::str::FromStr;
use std::io;
use num_bigint::BigInt;
use num_integer::Integer;
use num_traits::{FromPrimitive, ToPrimitive, One, Zero};
struct Context {
numer: BigInt,
accum: BigInt,
denom: BigInt,
}
impl Context {
fn new() -> Context {
Context {
numer: One::one(),
accum: Zero::zero(),
denom: One::one(),
}
}
fn from_i32(i: i32) -> BigInt {
FromPrimitive::from_i32(i).unwrap()
}
fn extract_digit(&self) -> i32 {
if self.numer > self.accum {return -1;}
let (q, r) =
(&self.numer * Context::from_i32(3) + &self.accum)
.div_rem(&self.denom);
if r + &self.numer >= self.denom {return -1;}
q.to_i32().unwrap()
}
fn next_term(&mut self, k: i32) {
let y2 = Context::from_i32(k * 2 + 1);
self.accum = (&self.accum + (&self.numer << 1)) * &y2;
self.numer = &self.numer * Context::from_i32(k);
self.denom = &self.denom * y2;
}
fn eliminate_digit(&mut self, d: i32) {
let d = Context::from_i32(d);
let ten = Context::from_i32(10);
self.accum = (&self.accum - &self.denom * d) * &ten;
self.numer = &self.numer * ten;
}
}
fn pidigits(n: isize, out: &mut io::Write) -> io::Result<()> {
let mut k = 0;
let mut context = Context::new();
for i in 1..(n+1) {
let mut d;
loop {
k += 1;
context.next_term(k);
d = context.extract_digit();
if d != -1 {break;}
}
try!(write!(out, "{}", d));
if i % 10 == 0 { try!(write!(out, "\t:{}\n", i)); }
context.eliminate_digit(d);
}
let m = n % 10;
if m != 0 {
for _ in m..10 { try!(write!(out, " ")); }
try!(write!(out, "\t:{}\n", n));
}
Ok(())
}
const DEFAULT_DIGITS: isize = 512;
fn main() {
let args = std::env::args().collect::<Vec<_>>();
let n = if args.len() < 2 {
DEFAULT_DIGITS
} else if args[1] == "--bench" {
return pidigits(DEFAULT_DIGITS, &mut std::io::sink()).unwrap()
} else {
FromStr::from_str(&args[1]).unwrap()
};
pidigits(n, &mut std::io::stdout()).unwrap();
}

View File

@ -1,3 +0,0 @@
status = [
"continuous-integration/travis-ci/push",
]

View File

@ -1,19 +0,0 @@
#!/bin/sh
# Use rustup to locally run the same suite of tests as .travis.yml.
# (You should first install/update 1.8.0, stable, beta, and nightly.)
set -ex
export TRAVIS_RUST_VERSION
for TRAVIS_RUST_VERSION in 1.8.0 stable beta nightly; do
run="rustup run $TRAVIS_RUST_VERSION"
if [ "$TRAVIS_RUST_VERSION" = 1.8.0 ]; then
# rand 0.3.22 started depending on rand 0.4, which requires rustc 1.15
# manually hacking the lockfile due to the limitations of cargo#2773
$run cargo generate-lockfile
$run sed -i -e 's/"rand 0.[34].[0-9]\+/"rand 0.3.20/' Cargo.lock
$run sed -i -e '/^name = "rand"/,/^$/s/version = "0.3.[0-9]\+"/version = "0.3.20"/' Cargo.lock
fi
$run cargo build --verbose
$run $PWD/ci/test_full.sh
done

View File

@ -1,23 +0,0 @@
#!/bin/bash
set -ex
echo Testing num-bigint on rustc ${TRAVIS_RUST_VERSION}
# num-bigint should build and test everywhere.
cargo build --verbose
cargo test --verbose
# It should build with minimal features too.
cargo build --no-default-features
cargo test --no-default-features
# Each isolated feature should also work everywhere.
for feature in rand rustc-serialize serde; do
cargo build --verbose --no-default-features --features="$feature"
cargo test --verbose --no-default-features --features="$feature"
done
# Downgrade serde and build test the 0.7.0 channel as well
cargo update -p serde --precise 0.7.0
cargo build --verbose --no-default-features --features "serde"

View File

@ -1,665 +0,0 @@
use std::borrow::Cow;
use std::cmp;
use std::cmp::Ordering::{self, Less, Greater, Equal};
use std::iter::repeat;
use std::mem;
use traits;
use traits::{Zero, One};
use biguint::BigUint;
use bigint::BigInt;
use bigint::Sign;
use bigint::Sign::{Minus, NoSign, Plus};
#[allow(non_snake_case)]
pub mod big_digit {
/// A `BigDigit` is a `BigUint`'s composing element.
pub type BigDigit = u32;
/// A `DoubleBigDigit` is the internal type used to do the computations. Its
/// size is the double of the size of `BigDigit`.
pub type DoubleBigDigit = u64;
pub const ZERO_BIG_DIGIT: BigDigit = 0;
// `DoubleBigDigit` size dependent
pub const BITS: usize = 32;
pub const BASE: DoubleBigDigit = 1 << BITS;
const LO_MASK: DoubleBigDigit = (-1i32 as DoubleBigDigit) >> BITS;
#[inline]
fn get_hi(n: DoubleBigDigit) -> BigDigit {
(n >> BITS) as BigDigit
}
#[inline]
fn get_lo(n: DoubleBigDigit) -> BigDigit {
(n & LO_MASK) as BigDigit
}
/// Split one `DoubleBigDigit` into two `BigDigit`s.
#[inline]
pub fn from_doublebigdigit(n: DoubleBigDigit) -> (BigDigit, BigDigit) {
(get_hi(n), get_lo(n))
}
/// Join two `BigDigit`s into one `DoubleBigDigit`
#[inline]
pub fn to_doublebigdigit(hi: BigDigit, lo: BigDigit) -> DoubleBigDigit {
(lo as DoubleBigDigit) | ((hi as DoubleBigDigit) << BITS)
}
}
use big_digit::{BigDigit, DoubleBigDigit};
// Generic functions for add/subtract/multiply with carry/borrow:
// Add with carry:
#[inline]
fn adc(a: BigDigit, b: BigDigit, carry: &mut BigDigit) -> BigDigit {
let (hi, lo) = big_digit::from_doublebigdigit((a as DoubleBigDigit) + (b as DoubleBigDigit) +
(*carry as DoubleBigDigit));
*carry = hi;
lo
}
// Subtract with borrow:
#[inline]
fn sbb(a: BigDigit, b: BigDigit, borrow: &mut BigDigit) -> BigDigit {
let (hi, lo) = big_digit::from_doublebigdigit(big_digit::BASE + (a as DoubleBigDigit) -
(b as DoubleBigDigit) -
(*borrow as DoubleBigDigit));
// hi * (base) + lo == 1*(base) + ai - bi - borrow
// => ai - bi - borrow < 0 <=> hi == 0
*borrow = (hi == 0) as BigDigit;
lo
}
#[inline]
pub fn mac_with_carry(a: BigDigit, b: BigDigit, c: BigDigit, carry: &mut BigDigit) -> BigDigit {
let (hi, lo) = big_digit::from_doublebigdigit((a as DoubleBigDigit) +
(b as DoubleBigDigit) * (c as DoubleBigDigit) +
(*carry as DoubleBigDigit));
*carry = hi;
lo
}
#[inline]
pub fn mul_with_carry(a: BigDigit, b: BigDigit, carry: &mut BigDigit) -> BigDigit {
let (hi, lo) = big_digit::from_doublebigdigit((a as DoubleBigDigit) * (b as DoubleBigDigit) +
(*carry as DoubleBigDigit));
*carry = hi;
lo
}
/// Divide a two digit numerator by a one digit divisor, returns quotient and remainder:
///
/// Note: the caller must ensure that both the quotient and remainder will fit into a single digit.
/// This is _not_ true for an arbitrary numerator/denominator.
///
/// (This function also matches what the x86 divide instruction does).
#[inline]
fn div_wide(hi: BigDigit, lo: BigDigit, divisor: BigDigit) -> (BigDigit, BigDigit) {
debug_assert!(hi < divisor);
let lhs = big_digit::to_doublebigdigit(hi, lo);
let rhs = divisor as DoubleBigDigit;
((lhs / rhs) as BigDigit, (lhs % rhs) as BigDigit)
}
pub fn div_rem_digit(mut a: BigUint, b: BigDigit) -> (BigUint, BigDigit) {
let mut rem = 0;
for d in a.data.iter_mut().rev() {
let (q, r) = div_wide(rem, *d, b);
*d = q;
rem = r;
}
(a.normalized(), rem)
}
// Only for the Add impl:
#[inline]
pub fn __add2(a: &mut [BigDigit], b: &[BigDigit]) -> BigDigit {
debug_assert!(a.len() >= b.len());
let mut carry = 0;
let (a_lo, a_hi) = a.split_at_mut(b.len());
for (a, b) in a_lo.iter_mut().zip(b) {
*a = adc(*a, *b, &mut carry);
}
if carry != 0 {
for a in a_hi {
*a = adc(*a, 0, &mut carry);
if carry == 0 { break }
}
}
carry
}
/// /Two argument addition of raw slices:
/// a += b
///
/// The caller _must_ ensure that a is big enough to store the result - typically this means
/// resizing a to max(a.len(), b.len()) + 1, to fit a possible carry.
pub fn add2(a: &mut [BigDigit], b: &[BigDigit]) {
let carry = __add2(a, b);
debug_assert!(carry == 0);
}
pub fn sub2(a: &mut [BigDigit], b: &[BigDigit]) {
let mut borrow = 0;
let len = cmp::min(a.len(), b.len());
let (a_lo, a_hi) = a.split_at_mut(len);
let (b_lo, b_hi) = b.split_at(len);
for (a, b) in a_lo.iter_mut().zip(b_lo) {
*a = sbb(*a, *b, &mut borrow);
}
if borrow != 0 {
for a in a_hi {
*a = sbb(*a, 0, &mut borrow);
if borrow == 0 { break }
}
}
// note: we're _required_ to fail on underflow
assert!(borrow == 0 && b_hi.iter().all(|x| *x == 0),
"Cannot subtract b from a because b is larger than a.");
}
pub fn sub2rev(a: &[BigDigit], b: &mut [BigDigit]) {
debug_assert!(b.len() >= a.len());
let mut borrow = 0;
let len = cmp::min(a.len(), b.len());
let (a_lo, a_hi) = a.split_at(len);
let (b_lo, b_hi) = b.split_at_mut(len);
for (a, b) in a_lo.iter().zip(b_lo) {
*b = sbb(*a, *b, &mut borrow);
}
assert!(a_hi.is_empty());
// note: we're _required_ to fail on underflow
assert!(borrow == 0 && b_hi.iter().all(|x| *x == 0),
"Cannot subtract b from a because b is larger than a.");
}
pub fn sub_sign(a: &[BigDigit], b: &[BigDigit]) -> (Sign, BigUint) {
// Normalize:
let a = &a[..a.iter().rposition(|&x| x != 0).map_or(0, |i| i + 1)];
let b = &b[..b.iter().rposition(|&x| x != 0).map_or(0, |i| i + 1)];
match cmp_slice(a, b) {
Greater => {
let mut a = a.to_vec();
sub2(&mut a, b);
(Plus, BigUint::new(a))
}
Less => {
let mut b = b.to_vec();
sub2(&mut b, a);
(Minus, BigUint::new(b))
}
_ => (NoSign, Zero::zero()),
}
}
/// Three argument multiply accumulate:
/// acc += b * c
pub fn mac_digit(acc: &mut [BigDigit], b: &[BigDigit], c: BigDigit) {
if c == 0 {
return;
}
let mut carry = 0;
let (a_lo, a_hi) = acc.split_at_mut(b.len());
for (a, &b) in a_lo.iter_mut().zip(b) {
*a = mac_with_carry(*a, b, c, &mut carry);
}
let mut a = a_hi.iter_mut();
while carry != 0 {
let a = a.next().expect("carry overflow during multiplication!");
*a = adc(*a, 0, &mut carry);
}
}
/// Three argument multiply accumulate:
/// acc += b * c
fn mac3(acc: &mut [BigDigit], b: &[BigDigit], c: &[BigDigit]) {
let (x, y) = if b.len() < c.len() {
(b, c)
} else {
(c, b)
};
// We use three algorithms for different input sizes.
//
// - For small inputs, long multiplication is fastest.
// - Next we use Karatsuba multiplication (Toom-2), which we have optimized
// to avoid unnecessary allocations for intermediate values.
// - For the largest inputs we use Toom-3, which better optimizes the
// number of operations, but uses more temporary allocations.
//
// The thresholds are somewhat arbitrary, chosen by evaluating the results
// of `cargo bench --bench bigint multiply`.
if x.len() <= 32 {
// Long multiplication:
for (i, xi) in x.iter().enumerate() {
mac_digit(&mut acc[i..], y, *xi);
}
} else if x.len() <= 256 {
/*
* Karatsuba multiplication:
*
* The idea is that we break x and y up into two smaller numbers that each have about half
* as many digits, like so (note that multiplying by b is just a shift):
*
* x = x0 + x1 * b
* y = y0 + y1 * b
*
* With some algebra, we can compute x * y with three smaller products, where the inputs to
* each of the smaller products have only about half as many digits as x and y:
*
* x * y = (x0 + x1 * b) * (y0 + y1 * b)
*
* x * y = x0 * y0
* + x0 * y1 * b
* + x1 * y0 * b
* + x1 * y1 * b^2
*
* Let p0 = x0 * y0 and p2 = x1 * y1:
*
* x * y = p0
* + (x0 * y1 + x1 * y0) * b
* + p2 * b^2
*
* The real trick is that middle term:
*
* x0 * y1 + x1 * y0
*
* = x0 * y1 + x1 * y0 - p0 + p0 - p2 + p2
*
* = x0 * y1 + x1 * y0 - x0 * y0 - x1 * y1 + p0 + p2
*
* Now we complete the square:
*
* = -(x0 * y0 - x0 * y1 - x1 * y0 + x1 * y1) + p0 + p2
*
* = -((x1 - x0) * (y1 - y0)) + p0 + p2
*
* Let p1 = (x1 - x0) * (y1 - y0), and substitute back into our original formula:
*
* x * y = p0
* + (p0 + p2 - p1) * b
* + p2 * b^2
*
* Where the three intermediate products are:
*
* p0 = x0 * y0
* p1 = (x1 - x0) * (y1 - y0)
* p2 = x1 * y1
*
* In doing the computation, we take great care to avoid unnecessary temporary variables
* (since creating a BigUint requires a heap allocation): thus, we rearrange the formula a
* bit so we can use the same temporary variable for all the intermediate products:
*
* x * y = p2 * b^2 + p2 * b
* + p0 * b + p0
* - p1 * b
*
* The other trick we use is instead of doing explicit shifts, we slice acc at the
* appropriate offset when doing the add.
*/
/*
* When x is smaller than y, it's significantly faster to pick b such that x is split in
* half, not y:
*/
let b = x.len() / 2;
let (x0, x1) = x.split_at(b);
let (y0, y1) = y.split_at(b);
/*
* We reuse the same BigUint for all the intermediate multiplies and have to size p
* appropriately here: x1.len() >= x0.len and y1.len() >= y0.len():
*/
let len = x1.len() + y1.len() + 1;
let mut p = BigUint { data: vec![0; len] };
// p2 = x1 * y1
mac3(&mut p.data[..], x1, y1);
// Not required, but the adds go faster if we drop any unneeded 0s from the end:
p.normalize();
add2(&mut acc[b..], &p.data[..]);
add2(&mut acc[b * 2..], &p.data[..]);
// Zero out p before the next multiply:
p.data.truncate(0);
p.data.extend(repeat(0).take(len));
// p0 = x0 * y0
mac3(&mut p.data[..], x0, y0);
p.normalize();
add2(&mut acc[..], &p.data[..]);
add2(&mut acc[b..], &p.data[..]);
// p1 = (x1 - x0) * (y1 - y0)
// We do this one last, since it may be negative and acc can't ever be negative:
let (j0_sign, j0) = sub_sign(x1, x0);
let (j1_sign, j1) = sub_sign(y1, y0);
match j0_sign * j1_sign {
Plus => {
p.data.truncate(0);
p.data.extend(repeat(0).take(len));
mac3(&mut p.data[..], &j0.data[..], &j1.data[..]);
p.normalize();
sub2(&mut acc[b..], &p.data[..]);
},
Minus => {
mac3(&mut acc[b..], &j0.data[..], &j1.data[..]);
},
NoSign => (),
}
} else {
// Toom-3 multiplication:
//
// Toom-3 is like Karatsuba above, but dividing the inputs into three parts.
// Both are instances of Toom-Cook, using `k=3` and `k=2` respectively.
//
// FIXME: It would be nice to have comments breaking down the operations below.
let i = y.len()/3 + 1;
let x0_len = cmp::min(x.len(), i);
let x1_len = cmp::min(x.len() - x0_len, i);
let y0_len = i;
let y1_len = cmp::min(y.len() - y0_len, i);
let x0 = BigInt::from_slice(Plus, &x[..x0_len]);
let x1 = BigInt::from_slice(Plus, &x[x0_len..x0_len + x1_len]);
let x2 = BigInt::from_slice(Plus, &x[x0_len + x1_len..]);
let y0 = BigInt::from_slice(Plus, &y[..y0_len]);
let y1 = BigInt::from_slice(Plus, &y[y0_len..y0_len + y1_len]);
let y2 = BigInt::from_slice(Plus, &y[y0_len + y1_len..]);
let p = &x0 + &x2;
let q = &y0 + &y2;
let p2 = &p - &x1;
let q2 = &q - &y1;
let r0 = &x0 * &y0;
let r4 = &x2 * &y2;
let r1 = (p + x1) * (q + y1);
let r2 = &p2 * &q2;
let r3 = ((p2 + x2)*2 - x0) * ((q2 + y2)*2 - y0);
let mut comp3: BigInt = (r3 - &r1) / 3;
let mut comp1: BigInt = (r1 - &r2) / 2;
let mut comp2: BigInt = r2 - &r0;
comp3 = (&comp2 - comp3)/2 + &r4*2;
comp2 = comp2 + &comp1 - &r4;
comp1 = comp1 - &comp3;
let result = r0 + (comp1 << 32*i) + (comp2 << 2*32*i) + (comp3 << 3*32*i) + (r4 << 4*32*i);
let result_pos = result.to_biguint().unwrap();
add2(&mut acc[..], &result_pos.data);
}
}
pub fn mul3(x: &[BigDigit], y: &[BigDigit]) -> BigUint {
let len = x.len() + y.len() + 1;
let mut prod = BigUint { data: vec![0; len] };
mac3(&mut prod.data[..], x, y);
prod.normalized()
}
pub fn scalar_mul(a: &mut [BigDigit], b: BigDigit) -> BigDigit {
let mut carry = 0;
for a in a.iter_mut() {
*a = mul_with_carry(*a, b, &mut carry);
}
carry
}
pub fn div_rem(u: &BigUint, d: &BigUint) -> (BigUint, BigUint) {
if d.is_zero() {
panic!()
}
if u.is_zero() {
return (Zero::zero(), Zero::zero());
}
if d.data == [1] {
return (u.clone(), Zero::zero());
}
if d.data.len() == 1 {
let (div, rem) = div_rem_digit(u.clone(), d.data[0]);
return (div, rem.into());
}
// Required or the q_len calculation below can underflow:
match u.cmp(d) {
Less => return (Zero::zero(), u.clone()),
Equal => return (One::one(), Zero::zero()),
Greater => {} // Do nothing
}
// This algorithm is from Knuth, TAOCP vol 2 section 4.3, algorithm D:
//
// First, normalize the arguments so the highest bit in the highest digit of the divisor is
// set: the main loop uses the highest digit of the divisor for generating guesses, so we
// want it to be the largest number we can efficiently divide by.
//
let shift = d.data.last().unwrap().leading_zeros() as usize;
let mut a = u << shift;
let b = d << shift;
// The algorithm works by incrementally calculating "guesses", q0, for part of the
// remainder. Once we have any number q0 such that q0 * b <= a, we can set
//
// q += q0
// a -= q0 * b
//
// and then iterate until a < b. Then, (q, a) will be our desired quotient and remainder.
//
// q0, our guess, is calculated by dividing the last few digits of a by the last digit of b
// - this should give us a guess that is "close" to the actual quotient, but is possibly
// greater than the actual quotient. If q0 * b > a, we simply use iterated subtraction
// until we have a guess such that q0 * b <= a.
//
let bn = *b.data.last().unwrap();
let q_len = a.data.len() - b.data.len() + 1;
let mut q = BigUint { data: vec![0; q_len] };
// We reuse the same temporary to avoid hitting the allocator in our inner loop - this is
// sized to hold a0 (in the common case; if a particular digit of the quotient is zero a0
// can be bigger).
//
let mut tmp = BigUint { data: Vec::with_capacity(2) };
for j in (0..q_len).rev() {
/*
* When calculating our next guess q0, we don't need to consider the digits below j
* + b.data.len() - 1: we're guessing digit j of the quotient (i.e. q0 << j) from
* digit bn of the divisor (i.e. bn << (b.data.len() - 1) - so the product of those
* two numbers will be zero in all digits up to (j + b.data.len() - 1).
*/
let offset = j + b.data.len() - 1;
if offset >= a.data.len() {
continue;
}
/* just avoiding a heap allocation: */
let mut a0 = tmp;
a0.data.truncate(0);
a0.data.extend(a.data[offset..].iter().cloned());
/*
* q0 << j * big_digit::BITS is our actual quotient estimate - we do the shifts
* implicitly at the end, when adding and subtracting to a and q. Not only do we
* save the cost of the shifts, the rest of the arithmetic gets to work with
* smaller numbers.
*/
let (mut q0, _) = div_rem_digit(a0, bn);
let mut prod = &b * &q0;
while cmp_slice(&prod.data[..], &a.data[j..]) == Greater {
let one: BigUint = One::one();
q0 = q0 - one;
prod = prod - &b;
}
add2(&mut q.data[j..], &q0.data[..]);
sub2(&mut a.data[j..], &prod.data[..]);
a.normalize();
tmp = q0;
}
debug_assert!(a < b);
(q.normalized(), a >> shift)
}
/// Find last set bit
/// fls(0) == 0, fls(u32::MAX) == 32
pub fn fls<T: traits::PrimInt>(v: T) -> usize {
mem::size_of::<T>() * 8 - v.leading_zeros() as usize
}
pub fn ilog2<T: traits::PrimInt>(v: T) -> usize {
fls(v) - 1
}
#[inline]
pub fn biguint_shl(n: Cow<BigUint>, bits: usize) -> BigUint {
let n_unit = bits / big_digit::BITS;
let mut data = match n_unit {
0 => n.into_owned().data,
_ => {
let len = n_unit + n.data.len() + 1;
let mut data = Vec::with_capacity(len);
data.extend(repeat(0).take(n_unit));
data.extend(n.data.iter().cloned());
data
}
};
let n_bits = bits % big_digit::BITS;
if n_bits > 0 {
let mut carry = 0;
for elem in data[n_unit..].iter_mut() {
let new_carry = *elem >> (big_digit::BITS - n_bits);
*elem = (*elem << n_bits) | carry;
carry = new_carry;
}
if carry != 0 {
data.push(carry);
}
}
BigUint::new(data)
}
#[inline]
pub fn biguint_shr(n: Cow<BigUint>, bits: usize) -> BigUint {
let n_unit = bits / big_digit::BITS;
if n_unit >= n.data.len() {
return Zero::zero();
}
let mut data = match n {
Cow::Borrowed(n) => n.data[n_unit..].to_vec(),
Cow::Owned(mut n) => {
n.data.drain(..n_unit);
n.data
}
};
let n_bits = bits % big_digit::BITS;
if n_bits > 0 {
let mut borrow = 0;
for elem in data.iter_mut().rev() {
let new_borrow = *elem << (big_digit::BITS - n_bits);
*elem = (*elem >> n_bits) | borrow;
borrow = new_borrow;
}
}
BigUint::new(data)
}
pub fn cmp_slice(a: &[BigDigit], b: &[BigDigit]) -> Ordering {
debug_assert!(a.last() != Some(&0));
debug_assert!(b.last() != Some(&0));
let (a_len, b_len) = (a.len(), b.len());
if a_len < b_len {
return Less;
}
if a_len > b_len {
return Greater;
}
for (&ai, &bi) in a.iter().rev().zip(b.iter().rev()) {
if ai < bi {
return Less;
}
if ai > bi {
return Greater;
}
}
return Equal;
}
#[cfg(test)]
mod algorithm_tests {
use {BigDigit, BigUint, BigInt};
use Sign::Plus;
use traits::Num;
#[test]
fn test_sub_sign() {
use super::sub_sign;
fn sub_sign_i(a: &[BigDigit], b: &[BigDigit]) -> BigInt {
let (sign, val) = sub_sign(a, b);
BigInt::from_biguint(sign, val)
}
let a = BigUint::from_str_radix("265252859812191058636308480000000", 10).unwrap();
let b = BigUint::from_str_radix("26525285981219105863630848000000", 10).unwrap();
let a_i = BigInt::from_biguint(Plus, a.clone());
let b_i = BigInt::from_biguint(Plus, b.clone());
assert_eq!(sub_sign_i(&a.data[..], &b.data[..]), &a_i - &b_i);
assert_eq!(sub_sign_i(&b.data[..], &a.data[..]), &b_i - &a_i);
}
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,156 +0,0 @@
// Copyright 2013-2014 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! A Big integer (signed version: `BigInt`, unsigned version: `BigUint`).
//!
//! A `BigUint` is represented as a vector of `BigDigit`s.
//! A `BigInt` is a combination of `BigUint` and `Sign`.
//!
//! Common numerical operations are overloaded, so we can treat them
//! the same way we treat other numbers.
//!
//! ## Example
//!
//! ```rust
//! extern crate num_bigint;
//! extern crate num_traits;
//!
//! # fn main() {
//! use num_bigint::BigUint;
//! use num_traits::{Zero, One};
//! use std::mem::replace;
//!
//! // Calculate large fibonacci numbers.
//! fn fib(n: usize) -> BigUint {
//! let mut f0: BigUint = Zero::zero();
//! let mut f1: BigUint = One::one();
//! for _ in 0..n {
//! let f2 = f0 + &f1;
//! // This is a low cost way of swapping f0 with f1 and f1 with f2.
//! f0 = replace(&mut f1, f2);
//! }
//! f0
//! }
//!
//! // This is a very large number.
//! println!("fib(1000) = {}", fib(1000));
//! # }
//! ```
//!
//! It's easy to generate large random numbers:
//!
//! ```rust
//! extern crate rand;
//! extern crate num_bigint as bigint;
//!
//! # #[cfg(feature = "rand")]
//! # fn main() {
//! use bigint::{ToBigInt, RandBigInt};
//!
//! let mut rng = rand::thread_rng();
//! let a = rng.gen_bigint(1000);
//!
//! let low = -10000.to_bigint().unwrap();
//! let high = 10000.to_bigint().unwrap();
//! let b = rng.gen_bigint_range(&low, &high);
//!
//! // Probably an even larger number.
//! println!("{}", a * b);
//! # }
//!
//! # #[cfg(not(feature = "rand"))]
//! # fn main() {
//! # }
//! ```
//!
//! ## Compatibility
//!
//! The `num-bigint` crate is tested for rustc 1.8 and greater.
#![doc(html_root_url = "https://docs.rs/num-bigint/0.1")]
#[cfg(any(feature = "rand", test))]
extern crate rand;
#[cfg(feature = "rustc-serialize")]
extern crate rustc_serialize;
#[cfg(feature = "serde")]
extern crate serde;
extern crate num_integer as integer;
extern crate num_traits as traits;
use std::error::Error;
use std::num::ParseIntError;
use std::fmt;
#[cfg(target_pointer_width = "32")]
type UsizePromotion = u32;
#[cfg(target_pointer_width = "64")]
type UsizePromotion = u64;
#[cfg(target_pointer_width = "32")]
type IsizePromotion = i32;
#[cfg(target_pointer_width = "64")]
type IsizePromotion = i64;
#[derive(Debug, PartialEq)]
pub enum ParseBigIntError {
ParseInt(ParseIntError),
Other,
}
impl fmt::Display for ParseBigIntError {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
match self {
&ParseBigIntError::ParseInt(ref e) => e.fmt(f),
&ParseBigIntError::Other => "failed to parse provided string".fmt(f),
}
}
}
impl Error for ParseBigIntError {
fn description(&self) -> &str {
"failed to parse bigint/biguint"
}
}
impl From<ParseIntError> for ParseBigIntError {
fn from(err: ParseIntError) -> ParseBigIntError {
ParseBigIntError::ParseInt(err)
}
}
#[cfg(test)]
use std::hash;
#[cfg(test)]
fn hash<T: hash::Hash>(x: &T) -> u64 {
use std::hash::{BuildHasher, Hasher};
use std::collections::hash_map::RandomState;
let mut hasher = <RandomState as BuildHasher>::Hasher::new();
x.hash(&mut hasher);
hasher.finish()
}
#[macro_use]
mod macros;
mod biguint;
mod bigint;
pub use biguint::BigUint;
pub use biguint::ToBigUint;
pub use biguint::big_digit;
pub use biguint::big_digit::{BigDigit, DoubleBigDigit, ZERO_BIG_DIGIT};
pub use bigint::Sign;
pub use bigint::BigInt;
pub use bigint::ToBigInt;
pub use bigint::RandBigInt;

View File

@ -1,316 +0,0 @@
#![allow(unknown_lints)] // older rustc doesn't know `unused_macros`
#![allow(unused_macros)]
macro_rules! forward_val_val_binop {
(impl $imp:ident for $res:ty, $method:ident) => {
impl $imp<$res> for $res {
type Output = $res;
#[inline]
fn $method(self, other: $res) -> $res {
// forward to val-ref
$imp::$method(self, &other)
}
}
}
}
macro_rules! forward_val_val_binop_commutative {
(impl $imp:ident for $res:ty, $method:ident) => {
impl $imp<$res> for $res {
type Output = $res;
#[inline]
fn $method(self, other: $res) -> $res {
// forward to val-ref, with the larger capacity as val
if self.data.capacity() >= other.data.capacity() {
$imp::$method(self, &other)
} else {
$imp::$method(other, &self)
}
}
}
}
}
macro_rules! forward_ref_val_binop {
(impl $imp:ident for $res:ty, $method:ident) => {
impl<'a> $imp<$res> for &'a $res {
type Output = $res;
#[inline]
fn $method(self, other: $res) -> $res {
// forward to ref-ref
$imp::$method(self, &other)
}
}
}
}
macro_rules! forward_ref_val_binop_commutative {
(impl $imp:ident for $res:ty, $method:ident) => {
impl<'a> $imp<$res> for &'a $res {
type Output = $res;
#[inline]
fn $method(self, other: $res) -> $res {
// reverse, forward to val-ref
$imp::$method(other, self)
}
}
}
}
macro_rules! forward_val_ref_binop {
(impl $imp:ident for $res:ty, $method:ident) => {
impl<'a> $imp<&'a $res> for $res {
type Output = $res;
#[inline]
fn $method(self, other: &$res) -> $res {
// forward to ref-ref
$imp::$method(&self, other)
}
}
}
}
macro_rules! forward_ref_ref_binop {
(impl $imp:ident for $res:ty, $method:ident) => {
impl<'a, 'b> $imp<&'b $res> for &'a $res {
type Output = $res;
#[inline]
fn $method(self, other: &$res) -> $res {
// forward to val-ref
$imp::$method(self.clone(), other)
}
}
}
}
macro_rules! forward_ref_ref_binop_commutative {
(impl $imp:ident for $res:ty, $method:ident) => {
impl<'a, 'b> $imp<&'b $res> for &'a $res {
type Output = $res;
#[inline]
fn $method(self, other: &$res) -> $res {
// forward to val-ref, choosing the larger to clone
if self.data.len() >= other.data.len() {
$imp::$method(self.clone(), other)
} else {
$imp::$method(other.clone(), self)
}
}
}
}
}
macro_rules! forward_val_assign {
(impl $imp:ident for $res:ty, $method:ident) => {
impl $imp<$res> for $res {
#[inline]
fn $method(&mut self, other: $res) {
self.$method(&other);
}
}
}
}
macro_rules! forward_val_assign_scalar {
(impl $imp:ident for $res:ty, $scalar:ty, $method:ident) => {
impl $imp<$res> for $scalar {
#[inline]
fn $method(&mut self, other: $res) {
self.$method(&other);
}
}
}
}
macro_rules! forward_scalar_val_val_binop_commutative {
(impl $imp:ident<$scalar:ty> for $res:ty, $method: ident) => {
impl $imp<$res> for $scalar {
type Output = $res;
#[inline]
fn $method(self, other: $res) -> $res {
$imp::$method(other, self)
}
}
}
}
macro_rules! forward_scalar_val_ref_binop {
(impl $imp:ident<$scalar:ty> for $res:ty, $method:ident) => {
impl<'a> $imp<&'a $scalar> for $res {
type Output = $res;
#[inline]
fn $method(self, other: &$scalar) -> $res {
$imp::$method(self, *other)
}
}
impl<'a> $imp<$res> for &'a $scalar {
type Output = $res;
#[inline]
fn $method(self, other: $res) -> $res {
$imp::$method(*self, other)
}
}
}
}
macro_rules! forward_scalar_ref_val_binop {
(impl $imp:ident<$scalar:ty> for $res:ty, $method:ident) => {
impl<'a> $imp<$scalar> for &'a $res {
type Output = $res;
#[inline]
fn $method(self, other: $scalar) -> $res {
$imp::$method(self.clone(), other)
}
}
impl<'a> $imp<&'a $res> for $scalar {
type Output = $res;
#[inline]
fn $method(self, other: &$res) -> $res {
$imp::$method(self, other.clone())
}
}
}
}
macro_rules! forward_scalar_ref_ref_binop {
(impl $imp:ident<$scalar:ty> for $res:ty, $method:ident) => {
impl<'a, 'b> $imp<&'b $scalar> for &'a $res {
type Output = $res;
#[inline]
fn $method(self, other: &$scalar) -> $res {
$imp::$method(self.clone(), *other)
}
}
impl<'a, 'b> $imp<&'a $res> for &'b $scalar {
type Output = $res;
#[inline]
fn $method(self, other: &$res) -> $res {
$imp::$method(*self, other.clone())
}
}
}
}
macro_rules! promote_scalars {
(impl $imp:ident<$promo:ty> for $res:ty, $method:ident, $( $scalar:ty ),*) => {
$(
forward_all_scalar_binop_to_val_val!(impl $imp<$scalar> for $res, $method);
impl $imp<$scalar> for $res {
type Output = $res;
#[inline]
fn $method(self, other: $scalar) -> $res {
$imp::$method(self, other as $promo)
}
}
impl $imp<$res> for $scalar {
type Output = $res;
#[inline]
fn $method(self, other: $res) -> $res {
$imp::$method(self as $promo, other)
}
}
)*
}
}
macro_rules! promote_scalars_assign {
(impl $imp:ident<$promo:ty> for $res:ty, $method:ident, $( $scalar:ty ),*) => {
$(
impl $imp<$scalar> for $res {
#[inline]
fn $method(&mut self, other: $scalar) {
self.$method(other as $promo);
}
}
)*
}
}
macro_rules! promote_unsigned_scalars {
(impl $imp:ident for $res:ty, $method:ident) => {
promote_scalars!(impl $imp<u32> for $res, $method, u8, u16);
promote_scalars!(impl $imp<UsizePromotion> for $res, $method, usize);
}
}
macro_rules! promote_unsigned_scalars_assign {
(impl $imp:ident for $res:ty, $method:ident) => {
promote_scalars_assign!(impl $imp<u32> for $res, $method, u8, u16);
promote_scalars_assign!(impl $imp<UsizePromotion> for $res, $method, usize);
}
}
macro_rules! promote_signed_scalars {
(impl $imp:ident for $res:ty, $method:ident) => {
promote_scalars!(impl $imp<i32> for $res, $method, i8, i16);
promote_scalars!(impl $imp<IsizePromotion> for $res, $method, isize);
}
}
// Forward everything to ref-ref, when reusing storage is not helpful
macro_rules! forward_all_binop_to_ref_ref {
(impl $imp:ident for $res:ty, $method:ident) => {
forward_val_val_binop!(impl $imp for $res, $method);
forward_val_ref_binop!(impl $imp for $res, $method);
forward_ref_val_binop!(impl $imp for $res, $method);
};
}
// Forward everything to val-ref, so LHS storage can be reused
macro_rules! forward_all_binop_to_val_ref {
(impl $imp:ident for $res:ty, $method:ident) => {
forward_val_val_binop!(impl $imp for $res, $method);
forward_ref_val_binop!(impl $imp for $res, $method);
forward_ref_ref_binop!(impl $imp for $res, $method);
};
}
// Forward everything to val-ref, commutatively, so either LHS or RHS storage can be reused
macro_rules! forward_all_binop_to_val_ref_commutative {
(impl $imp:ident for $res:ty, $method:ident) => {
forward_val_val_binop_commutative!(impl $imp for $res, $method);
forward_ref_val_binop_commutative!(impl $imp for $res, $method);
forward_ref_ref_binop_commutative!(impl $imp for $res, $method);
};
}
macro_rules! forward_all_scalar_binop_to_val_val {
(impl $imp:ident<$scalar:ty> for $res:ty, $method:ident) => {
forward_scalar_val_ref_binop!(impl $imp<$scalar> for $res, $method);
forward_scalar_ref_val_binop!(impl $imp<$scalar> for $res, $method);
forward_scalar_ref_ref_binop!(impl $imp<$scalar> for $res, $method);
}
}
macro_rules! forward_all_scalar_binop_to_val_val_commutative {
(impl $imp:ident<$scalar:ty> for $res:ty, $method:ident) => {
forward_scalar_val_val_binop_commutative!(impl $imp<$scalar> for $res, $method);
forward_all_scalar_binop_to_val_val!(impl $imp<$scalar> for $res, $method);
}
}
macro_rules! promote_all_scalars {
(impl $imp:ident for $res:ty, $method:ident) => {
promote_unsigned_scalars!(impl $imp for $res, $method);
promote_signed_scalars!(impl $imp for $res, $method);
}
}

View File

@ -1,127 +0,0 @@
use integer::Integer;
use traits::Zero;
use biguint::BigUint;
struct MontyReducer<'a> {
n: &'a BigUint,
n0inv: u32
}
// Calculate the modular inverse of `num`, using Extended GCD.
//
// Reference:
// Brent & Zimmermann, Modern Computer Arithmetic, v0.5.9, Algorithm 1.20
fn inv_mod_u32(num: u32) -> u32 {
// num needs to be relatively prime to 2**32 -- i.e. it must be odd.
assert!(num % 2 != 0);
let mut a: i64 = num as i64;
let mut b: i64 = (u32::max_value() as i64) + 1;
// ExtendedGcd
// Input: positive integers a and b
// Output: integers (g, u, v) such that g = gcd(a, b) = ua + vb
// As we don't need v for modular inverse, we don't calculate it.
// 1: (u, w) <- (1, 0)
let mut u = 1;
let mut w = 0;
// 3: while b != 0
while b != 0 {
// 4: (q, r) <- DivRem(a, b)
let q = a / b;
let r = a % b;
// 5: (a, b) <- (b, r)
a = b; b = r;
// 6: (u, w) <- (w, u - qw)
let m = u - w*q;
u = w; w = m;
}
assert!(a == 1);
// Downcasting acts like a mod 2^32 too.
u as u32
}
impl<'a> MontyReducer<'a> {
fn new(n: &'a BigUint) -> Self {
let n0inv = inv_mod_u32(n.data[0]);
MontyReducer { n: n, n0inv: n0inv }
}
}
// Montgomery Reduction
//
// Reference:
// Brent & Zimmermann, Modern Computer Arithmetic, v0.5.9, Algorithm 2.6
fn monty_redc(a: BigUint, mr: &MontyReducer) -> BigUint {
let mut c = a.data;
let n = &mr.n.data;
let n_size = n.len();
// Allocate sufficient work space
c.resize(2 * n_size + 2, 0);
// β is the size of a word, in this case 32 bits. So "a mod β" is
// equivalent to masking a to 32 bits.
// mu <- -N^(-1) mod β
let mu = 0u32.wrapping_sub(mr.n0inv);
// 1: for i = 0 to (n-1)
for i in 0..n_size {
// 2: q_i <- mu*c_i mod β
let q_i = c[i].wrapping_mul(mu);
// 3: C <- C + q_i * N * β^i
super::algorithms::mac_digit(&mut c[i..], n, q_i);
}
// 4: R <- C * β^(-n)
// This is an n-word bitshift, equivalent to skipping n words.
let ret = BigUint::new(c[n_size..].to_vec());
// 5: if R >= β^n then return R-N else return R.
if &ret < mr.n {
ret
} else {
ret - mr.n
}
}
// Montgomery Multiplication
fn monty_mult(a: BigUint, b: &BigUint, mr: &MontyReducer) -> BigUint {
monty_redc(a * b, mr)
}
// Montgomery Squaring
fn monty_sqr(a: BigUint, mr: &MontyReducer) -> BigUint {
// TODO: Replace with an optimised squaring function
monty_redc(&a * &a, mr)
}
pub fn monty_modpow(a: &BigUint, exp: &BigUint, modulus: &BigUint) -> BigUint{
let mr = MontyReducer::new(modulus);
// Calculate the Montgomery parameter
let mut v = vec![0; modulus.data.len()];
v.push(1);
let r = BigUint::new(v);
// Map the base to the Montgomery domain
let mut apri = a * &r % modulus;
// Binary exponentiation
let mut ans = &r % modulus;
let mut e = exp.clone();
while !e.is_zero() {
if e.is_odd() {
ans = monty_mult(ans, &apri, &mr);
}
apri = monty_sqr(apri, &mr);
e = e >> 1;
}
// Map the result back to the residues domain
monty_redc(ans, &mr)
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,150 +0,0 @@
extern crate num_bigint;
extern crate num_integer;
extern crate num_traits;
static BIG_B: &'static str = "\
efac3c0a_0de55551_fee0bfe4_67fa017a_1a898fa1_6ca57cb1\
ca9e3248_cacc09a9_b99d6abc_38418d0f_82ae4238_d9a68832\
aadec7c1_ac5fed48_7a56a71b_67ac59d5_afb28022_20d9592d\
247c4efc_abbd9b75_586088ee_1dc00dc4_232a8e15_6e8191dd\
675b6ae0_c80f5164_752940bc_284b7cee_885c1e10_e495345b\
8fbe9cfd_e5233fe1_19459d0b_d64be53c_27de5a02_a829976b\
33096862_82dad291_bd38b6a9_be396646_ddaf8039_a2573c39\
1b14e8bc_2cb53e48_298c047e_d9879e9c_5a521076_f0e27df3\
990e1659_d3d8205b_6443ebc0_9918ebee_6764f668_9f2b2be3\
b59cbc76_d76d0dfc_d737c3ec_0ccf9c00_ad0554bf_17e776ad\
b4edf9cc_6ce540be_76229093_5c53893b";
static BIG_E: &'static str = "\
be0e6ea6_08746133_e0fbc1bf_82dba91e_e2b56231_a81888d2\
a833a1fc_f7ff002a_3c486a13_4f420bf3_a5435be9_1a5c8391\
774d6e6c_085d8357_b0c97d4d_2bb33f7c_34c68059_f78d2541\
eacc8832_426f1816_d3be001e_b69f9242_51c7708e_e10efe98\
449c9a4a_b55a0f23_9d797410_515da00d_3ea07970_4478a2ca\
c3d5043c_bd9be1b4_6dce479d_4302d344_84a939e6_0ab5ada7\
12ae34b2_30cc473c_9f8ee69d_2cac5970_29f5bf18_bc8203e4\
f3e895a2_13c94f1e_24c73d77_e517e801_53661fdd_a2ce9e47\
a73dd7f8_2f2adb1e_3f136bf7_8ae5f3b8_08730de1_a4eff678\
e77a06d0_19a522eb_cbefba2a_9caf7736_b157c5c6_2d192591\
17946850_2ddb1822_117b68a0_32f7db88";
// This modulus is the prime from the 2048-bit MODP DH group:
// https://tools.ietf.org/html/rfc3526#section-3
static BIG_M: &'static str = "\
FFFFFFFF_FFFFFFFF_C90FDAA2_2168C234_C4C6628B_80DC1CD1\
29024E08_8A67CC74_020BBEA6_3B139B22_514A0879_8E3404DD\
EF9519B3_CD3A431B_302B0A6D_F25F1437_4FE1356D_6D51C245\
E485B576_625E7EC6_F44C42E9_A637ED6B_0BFF5CB6_F406B7ED\
EE386BFB_5A899FA5_AE9F2411_7C4B1FE6_49286651_ECE45B3D\
C2007CB8_A163BF05_98DA4836_1C55D39A_69163FA8_FD24CF5F\
83655D23_DCA3AD96_1C62F356_208552BB_9ED52907_7096966D\
670C354E_4ABC9804_F1746C08_CA18217C_32905E46_2E36CE3B\
E39E772C_180E8603_9B2783A2_EC07A28F_B5C55DF0_6F4C52C9\
DE2BCBF6_95581718_3995497C_EA956AE5_15D22618_98FA0510\
15728E5A_8AACAA68_FFFFFFFF_FFFFFFFF";
static BIG_R: &'static str = "\
a1468311_6e56edc9_7a98228b_5e924776_0dd7836e_caabac13\
eda5373b_4752aa65_a1454850_40dc770e_30aa8675_6be7d3a8\
9d3085e4_da5155cf_b451ef62_54d0da61_cf2b2c87_f495e096\
055309f7_77802bbb_37271ba8_1313f1b5_075c75d1_024b6c77\
fdb56f17_b05bce61_e527ebfd_2ee86860_e9907066_edd526e7\
93d289bf_6726b293_41b0de24_eff82424_8dfd374b_4ec59542\
35ced2b2_6b195c90_10042ffb_8f58ce21_bc10ec42_64fda779\
d352d234_3d4eaea6_a86111ad_a37e9555_43ca78ce_2885bed7\
5a30d182_f1cf6834_dc5b6e27_1a41ac34_a2e91e11_33363ff0\
f88a7b04_900227c9_f6e6d06b_7856b4bb_4e354d61_060db6c8\
109c4735_6e7db425_7b5d74c7_0b709508";
mod biguint {
use num_bigint::BigUint;
use num_integer::Integer;
use num_traits::Num;
fn check_modpow<T: Into<BigUint>>(b: T, e: T, m: T, r: T) {
let b: BigUint = b.into();
let e: BigUint = e.into();
let m: BigUint = m.into();
let r: BigUint = r.into();
assert_eq!(b.modpow(&e, &m), r);
let even_m = &m << 1;
let even_modpow = b.modpow(&e, &even_m);
assert!(even_modpow < even_m);
assert_eq!(even_modpow.mod_floor(&m), r);
}
#[test]
fn test_modpow() {
check_modpow::<u32>(1, 0, 11, 1);
check_modpow::<u32>(0, 15, 11, 0);
check_modpow::<u32>(3, 7, 11, 9);
check_modpow::<u32>(5, 117, 19, 1);
}
#[test]
fn test_modpow_big() {
let b = BigUint::from_str_radix(super::BIG_B, 16).unwrap();
let e = BigUint::from_str_radix(super::BIG_E, 16).unwrap();
let m = BigUint::from_str_radix(super::BIG_M, 16).unwrap();
let r = BigUint::from_str_radix(super::BIG_R, 16).unwrap();
assert_eq!(b.modpow(&e, &m), r);
let even_m = &m << 1;
let even_modpow = b.modpow(&e, &even_m);
assert!(even_modpow < even_m);
assert_eq!(even_modpow % m, r);
}
}
mod bigint {
use num_bigint::BigInt;
use num_integer::Integer;
use num_traits::{Num, Zero, One, Signed};
fn check_modpow<T: Into<BigInt>>(b: T, e: T, m: T, r: T) {
fn check(b: &BigInt, e: &BigInt, m: &BigInt, r: &BigInt) {
assert_eq!(&b.modpow(e, m), r);
let even_m = m << 1;
let even_modpow = b.modpow(e, m);
assert!(even_modpow.abs() < even_m.abs());
assert_eq!(&even_modpow.mod_floor(&m), r);
// the sign of the result follows the modulus like `mod_floor`, not `rem`
assert_eq!(b.modpow(&BigInt::one(), m), b.mod_floor(m));
}
let b: BigInt = b.into();
let e: BigInt = e.into();
let m: BigInt = m.into();
let r: BigInt = r.into();
let neg_r = if r.is_zero() { BigInt::zero() } else { &m - &r };
check(&b, &e, &m, &r);
check(&-&b, &e, &m, &neg_r);
check(&b, &e, &-&m, &-neg_r);
check(&-b, &e, &-m, &-r);
}
#[test]
fn test_modpow() {
check_modpow(1, 0, 11, 1);
check_modpow(0, 15, 11, 0);
check_modpow(3, 7, 11, 9);
check_modpow(5, 117, 19, 1);
}
#[test]
fn test_modpow_big() {
let b = BigInt::from_str_radix(super::BIG_B, 16).unwrap();
let e = BigInt::from_str_radix(super::BIG_E, 16).unwrap();
let m = BigInt::from_str_radix(super::BIG_M, 16).unwrap();
let r = BigInt::from_str_radix(super::BIG_R, 16).unwrap();
check_modpow(b, e, m, r);
}
}

View File

@ -1 +0,0 @@
{"files":{"Cargo.toml":"fd8fb63d62ad4e89438c8ab623684bae455ceb47baf5746c60e7c962c219752a","LICENSE":"cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30","NOTICE":"6e0c856925602c18a04e173be3a6e2d812a7ca4501176642a07fec1af97e0eab","README.md":"4f227c9d8a3c07e4b82b2812d3fcc512cdf477a4daf2c9c955f49fb2e94cbab8","rustfmt.toml":"925e9c7b3d6df043a11531da116439cc0d0b0368b682875a8fb0e8229fc7df01","src/errors.rs":"efcc4e8472ee06de82b122017cca4e87898034c98bc9b593110b2a4f8a557e26","src/functions.rs":"1bec1b1ac5c38d3db527880ab5b06005f567a52bba7b98b1ec0fdf64f7d0a68b","src/lib.rs":"ec21c8a26eaf41912967871f324371a673821ee61bd557b19f30d729bb3695c0","src/tests.rs":"e1a03e88b1d03bbd1fd9817cd347224d523a96ad85440a0ffbf82b1a494aac6f","src/types.rs":"797b99955b4fa30ad373ee435076c6d251978bb6ae724cc9a082020fb8f984fc"},"package":"ff403ab0d15638fc795f4e2122e77e007fdcf17db7fee38f225f173c6e4cc1c3"}

View File

@ -1,33 +0,0 @@
# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
#
# When uploading crates to the registry Cargo will automatically
# "normalize" Cargo.toml files for maximal compatibility
# with all versions of Cargo and also rewrite `path` dependencies
# to registry (e.g., crates.io) dependencies
#
# If you believe there's an error in this file please file an
# issue against the rust-lang/cargo repository. If you're
# editing this file be aware that the upstream Cargo.toml
# will likely look very different (and much more reasonable)
[package]
name = "pkcs11"
version = "0.4.0"
authors = ["Marcus Heese <marcus.heese@gmail.com>"]
exclude = ["pkcs11-docs/**"]
description = "Rust PKCS#11 Library"
homepage = "https://github.com/mheese/rust-pkcs11"
keywords = ["pkcs11", "cryptoki"]
categories = ["external-ffi-bindings", "cryptography", "hardware-support"]
license = "Apache-2.0"
repository = "https://github.com/mheese/rust-pkcs11"
[dependencies.libloading]
version = "^0.4"
[dependencies.num-bigint]
version = "^0.1"
[dev-dependencies.hex]
version = "^0.3"
[dev-dependencies.num-traits]
version = "^0.1"

View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,13 +0,0 @@
Rust PKCS#11 Library
Copyright 2017 Marcus Heese
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
-------------------------------------------------------------------------------
This product bundles OASIS PKCS#11 documentation and header files, which are
available under the OASIS IPR Policy
[http://www.oasis-open.org/policies-guidelines/ipr].
For details, see pkcs11-docs/.

View File

@ -1,46 +0,0 @@
<!--
Copyright 2017 Marcus Heese
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
# Rust PKCS#11 Library
This is a library which brings support for PKCS#11 to Rust. It is aiming at having both a very low-level API to map the PKCS#11 functionality to Rust as well as having a higher-level API for more easy usage as well as bringing more safety for programming against PKCS#11.
## Testing
Testing is currently done with [SoftHSM2](https://github.com/opendnssec/SoftHSMv2 "SoftHSM2 Repo"). A trillion thanks to the people at OpenDNSSEC for writing SoftHSM. This makes it possible to develop applications that need to support PKCS#11. I would have no idea what to do without it. (Suggestions are always welcome.)
### Status
Here is a list of the implementation status and plans on what to do next:
- [x] Dynamic loading of PKCS#11 module (thanks to [libloading](https://github.com/nagisa/rust_libloading "libloading Repo"))
- [x] Initializing and Dropping PKCS#11 context
- [x] Implementing Token and PIN Management functions
- [x] Implementing Session Management functions
- [x] Implementing Object Management functions
- [x] Implementing Key Management functions
- [x] Implementing Encryption/Decryption functions (TODO: tests still missing)
- [x] Implementing Message Digest functions (TODO: tests still missing)
- [x] Implementing Signing and MACing (TODO: tests still missing)
- [x] Implementing Verifying of signatures and MACs (TODO: tests still missing)
- [x] Implementing Dual-function cryptographic operations (TODO: tests still missing)
- [x] Implementing Legacy PKCS#11 functions
- [x] Reorganize code of low-level API (too bloated, which we all know is what PKCS#11 is like)
- [x] Import the rest of the C header `pkcs11t.h` types into rust
- [x] Import the rest of the C header `pkcs11f.h` functions into rust
- [ ] C type constants to string converter functions, and the reverse (maybe part of the high-level API?)
- [ ] Design and implement high-level API
- [x] Publish on crates.io (wow, that was easy)
- [ ] Write and Generate Documentation for Rust docs
- [ ] Better Testing (lots of repetitive code + we need a testing framework and different SoftHSM versions for different platforms)

View File

@ -1,81 +0,0 @@
# Copyright 2017 Marcus Heese
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
verbose = false
disable_all_formatting = false
skip_children = false
max_width = 200
error_on_line_overflow = true
tab_spaces = 2
fn_call_width = 200
struct_lit_width = 18
struct_variant_width = 35
force_explicit_abi = true
newline_style = "Unix"
fn_brace_style = "SameLineWhere"
item_brace_style = "SameLineWhere"
control_style = "Rfc"
control_brace_style = "AlwaysSameLine"
impl_empty_single_line = true
trailing_comma = "Vertical"
fn_empty_single_line = true
fn_single_line = false
fn_return_indent = "WithArgs"
fn_args_paren_newline = false
fn_args_density = "Tall"
fn_args_layout = "Block"
array_layout = "Block"
array_width = 60
type_punctuation_density = "Wide"
where_style = "Rfc"
where_density = "CompressedIfEmpty"
where_layout = "Vertical"
where_pred_indent = "Visual"
generics_indent = "Block"
struct_lit_style = "Block"
struct_lit_multiline_style = "PreferSingle"
fn_call_style = "Block"
report_todo = "Never"
report_fixme = "Never"
chain_indent = "Block"
chain_one_line_max = 100
chain_split_single_child = false
reorder_imports = false
reorder_imports_in_group = false
reorder_imported_names = false
single_line_if_else_max_width = 50
format_strings = false
force_format_strings = false
take_source_hints = false
hard_tabs = false
wrap_comments = false
comment_width = 80
normalize_comments = false
wrap_match_arms = true
match_block_trailing_comma = false
indent_match_arms = true
closure_block_indent_threshold = 7
space_before_type_annotation = false
space_after_type_annotation_colon = true
space_before_struct_lit_field_colon = false
space_after_struct_lit_field_colon = true
space_before_bound = false
space_after_bound_colon = true
spaces_around_ranges = false
spaces_within_angle_brackets = false
spaces_within_square_brackets = false
spaces_within_parens = false
use_try_shorthand = false
write_mode = "Replace"
condense_wildcard_suffixes = false
combine_control_expr = true

View File

@ -1,152 +0,0 @@
// Copyright 2017 Marcus Heese
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
use std;
use types::*;
#[derive(Debug)]
pub enum Error {
Io(std::io::Error),
Module(&'static str),
InvalidInput(&'static str),
Pkcs11(CK_RV),
}
impl From<std::io::Error> for Error {
fn from(err: std::io::Error) -> Error {
Error::Io(err)
}
}
impl std::fmt::Display for Error {
fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
match *self {
Error::Io(ref err) => write!(f, "IO: {}", err),
Error::Module(ref err) => write!(f, "PKCS#11 Module: {}", err),
Error::InvalidInput(ref err) => write!(f, "PKCS#11 Invalid Input: {}", err),
Error::Pkcs11(ref err) => write!(f, "PKCS#11: {} (0x{:x})", strerror(*err), err),
}
}
}
impl std::error::Error for Error {
fn cause(&self) -> Option<&std::error::Error> {
if let Error::Io(ref err) = self {
Some(err)
} else {
None
}
}
}
fn strerror(err: CK_RV) -> &'static str {
match err {
CKR_OK => "CKR_OK",
CKR_CANCEL => "CKR_CANCEL",
CKR_HOST_MEMORY => "CKR_HOST_MEMORY",
CKR_SLOT_ID_INVALID => "CKR_SLOT_ID_INVALID",
CKR_GENERAL_ERROR => "CKR_GENERAL_ERROR",
CKR_FUNCTION_FAILED => "CKR_FUNCTION_FAILED",
CKR_ARGUMENTS_BAD => "CKR_ARGUMENTS_BAD",
CKR_NO_EVENT => "CKR_NO_EVENT",
CKR_NEED_TO_CREATE_THREADS => "CKR_NEED_TO_CREATE_THREADS",
CKR_CANT_LOCK => "CKR_CANT_LOCK",
CKR_ATTRIBUTE_READ_ONLY => "CKR_ATTRIBUTE_READ_ONLY",
CKR_ATTRIBUTE_SENSITIVE => "CKR_ATTRIBUTE_SENSITIVE",
CKR_ATTRIBUTE_TYPE_INVALID => "CKR_ATTRIBUTE_TYPE_INVALID",
CKR_ATTRIBUTE_VALUE_INVALID => "CKR_ATTRIBUTE_VALUE_INVALID",
CKR_ACTION_PROHIBITED => "CKR_ACTION_PROHIBITED",
CKR_DATA_INVALID => "CKR_DATA_INVALID",
CKR_DATA_LEN_RANGE => "CKR_DATA_LEN_RANGE",
CKR_DEVICE_ERROR => "CKR_DEVICE_ERROR",
CKR_DEVICE_MEMORY => "CKR_DEVICE_MEMORY",
CKR_DEVICE_REMOVED => "CKR_DEVICE_REMOVED",
CKR_ENCRYPTED_DATA_INVALID => "CKR_ENCRYPTED_DATA_INVALID",
CKR_ENCRYPTED_DATA_LEN_RANGE => "CKR_ENCRYPTED_DATA_LEN_RANGE",
CKR_FUNCTION_CANCELED => "CKR_FUNCTION_CANCELED",
CKR_FUNCTION_NOT_PARALLEL => "CKR_FUNCTION_NOT_PARALLEL",
CKR_FUNCTION_NOT_SUPPORTED => "CKR_FUNCTION_NOT_SUPPORTED",
CKR_KEY_HANDLE_INVALID => "CKR_KEY_HANDLE_INVALID",
CKR_KEY_SIZE_RANGE => "CKR_KEY_SIZE_RANGE",
CKR_KEY_TYPE_INCONSISTENT => "CKR_KEY_TYPE_INCONSISTENT",
CKR_KEY_NOT_NEEDED => "CKR_KEY_NOT_NEEDED",
CKR_KEY_CHANGED => "CKR_KEY_CHANGED",
CKR_KEY_NEEDED => "CKR_KEY_NEEDED",
CKR_KEY_INDIGESTIBLE => "CKR_KEY_INDIGESTIBLE",
CKR_KEY_FUNCTION_NOT_PERMITTED => "CKR_KEY_FUNCTION_NOT_PERMITTED",
CKR_KEY_NOT_WRAPPABLE => "CKR_KEY_NOT_WRAPPABLE",
CKR_KEY_UNEXTRACTABLE => "CKR_KEY_UNEXTRACTABLE",
CKR_MECHANISM_INVALID => "CKR_MECHANISM_INVALID",
CKR_MECHANISM_PARAM_INVALID => "CKR_MECHANISM_PARAM_INVALID",
CKR_OBJECT_HANDLE_INVALID => "CKR_OBJECT_HANDLE_INVALID",
CKR_OPERATION_ACTIVE => "CKR_OPERATION_ACTIVE",
CKR_OPERATION_NOT_INITIALIZED => "CKR_OPERATION_NOT_INITIALIZED",
CKR_PIN_INCORRECT => "CKR_PIN_INCORRECT",
CKR_PIN_INVALID => "CKR_PIN_INVALID",
CKR_PIN_LEN_RANGE => "CKR_PIN_LEN_RANGE",
CKR_PIN_EXPIRED => "CKR_PIN_EXPIRED",
CKR_PIN_LOCKED => "CKR_PIN_LOCKED",
CKR_SESSION_CLOSED => "CKR_SESSION_CLOSED",
CKR_SESSION_COUNT => "CKR_SESSION_COUNT",
CKR_SESSION_HANDLE_INVALID => "CKR_SESSION_HANDLE_INVALID",
CKR_SESSION_PARALLEL_NOT_SUPPORTED => "CKR_SESSION_PARALLEL_NOT_SUPPORTED",
CKR_SESSION_READ_ONLY => "CKR_SESSION_READ_ONLY",
CKR_SESSION_EXISTS => "CKR_SESSION_EXISTS",
CKR_SESSION_READ_ONLY_EXISTS => "CKR_SESSION_READ_ONLY_EXISTS",
CKR_SESSION_READ_WRITE_SO_EXISTS => "CKR_SESSION_READ_WRITE_SO_EXISTS",
CKR_SIGNATURE_INVALID => "CKR_SIGNATURE_INVALID",
CKR_SIGNATURE_LEN_RANGE => "CKR_SIGNATURE_LEN_RANGE",
CKR_TEMPLATE_INCOMPLETE => "CKR_TEMPLATE_INCOMPLETE",
CKR_TEMPLATE_INCONSISTENT => "CKR_TEMPLATE_INCONSISTENT",
CKR_TOKEN_NOT_PRESENT => "CKR_TOKEN_NOT_PRESENT",
CKR_TOKEN_NOT_RECOGNIZED => "CKR_TOKEN_NOT_RECOGNIZED",
CKR_TOKEN_WRITE_PROTECTED => "CKR_TOKEN_WRITE_PROTECTED",
CKR_UNWRAPPING_KEY_HANDLE_INVALID => "CKR_UNWRAPPING_KEY_HANDLE_INVALID",
CKR_UNWRAPPING_KEY_SIZE_RANGE => "CKR_UNWRAPPING_KEY_SIZE_RANGE",
CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT => "CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT",
CKR_USER_ALREADY_LOGGED_IN => "CKR_USER_ALREADY_LOGGED_IN",
CKR_USER_NOT_LOGGED_IN => "CKR_USER_NOT_LOGGED_IN",
CKR_USER_PIN_NOT_INITIALIZED => "CKR_USER_PIN_NOT_INITIALIZED",
CKR_USER_TYPE_INVALID => "CKR_USER_TYPE_INVALID",
CKR_USER_ANOTHER_ALREADY_LOGGED_IN => "CKR_USER_ANOTHER_ALREADY_LOGGED_IN",
CKR_USER_TOO_MANY_TYPES => "CKR_USER_TOO_MANY_TYPES",
CKR_WRAPPED_KEY_INVALID => "CKR_WRAPPED_KEY_INVALID",
CKR_WRAPPED_KEY_LEN_RANGE => "CKR_WRAPPED_KEY_LEN_RANGE",
CKR_WRAPPING_KEY_HANDLE_INVALID => "CKR_WRAPPING_KEY_HANDLE_INVALID",
CKR_WRAPPING_KEY_SIZE_RANGE => "CKR_WRAPPING_KEY_SIZE_RANGE",
CKR_WRAPPING_KEY_TYPE_INCONSISTENT => "CKR_WRAPPING_KEY_TYPE_INCONSISTENT",
CKR_RANDOM_SEED_NOT_SUPPORTED => "CKR_RANDOM_SEED_NOT_SUPPORTED",
CKR_RANDOM_NO_RNG => "CKR_RANDOM_NO_RNG",
CKR_DOMAIN_PARAMS_INVALID => "CKR_DOMAIN_PARAMS_INVALID",
CKR_CURVE_NOT_SUPPORTED => "CKR_CURVE_NOT_SUPPORTED",
CKR_BUFFER_TOO_SMALL => "CKR_BUFFER_TOO_SMALL",
CKR_SAVED_STATE_INVALID => "CKR_SAVED_STATE_INVALID",
CKR_INFORMATION_SENSITIVE => "CKR_INFORMATION_SENSITIVE",
CKR_STATE_UNSAVEABLE => "CKR_STATE_UNSAVEABLE",
CKR_CRYPTOKI_NOT_INITIALIZED => "CKR_CRYPTOKI_NOT_INITIALIZED",
CKR_CRYPTOKI_ALREADY_INITIALIZED => "CKR_CRYPTOKI_ALREADY_INITIALIZED",
CKR_MUTEX_BAD => "CKR_MUTEX_BAD",
CKR_MUTEX_NOT_LOCKED => "CKR_MUTEX_NOT_LOCKED",
CKR_NEW_PIN_MODE => "CKR_NEW_PIN_MODE",
CKR_NEXT_OTP => "CKR_NEXT_OTP",
CKR_EXCEEDED_MAX_ITERATIONS => "CKR_EXCEEDED_MAX_ITERATIONS",
CKR_FIPS_SELF_TEST_FAILED => "CKR_FIPS_SELF_TEST_FAILED",
CKR_LIBRARY_LOAD_FAILED => "CKR_LIBRARY_LOAD_FAILED",
CKR_PIN_TOO_WEAK => "CKR_PIN_TOO_WEAK",
CKR_PUBLIC_KEY_INVALID => "CKR_PUBLIC_KEY_INVALID",
CKR_FUNCTION_REJECTED => "CKR_FUNCTION_REJECTED",
CKR_VENDOR_DEFINED => "CKR_VENDOR_DEFINED",
_ => "unknown",
}
}

View File

@ -1,760 +0,0 @@
// Copyright 2017 Marcus Heese
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#![allow(non_camel_case_types, non_snake_case)]
use types::*;
/// `C_Initialize` initializes the Cryptoki library.
///
/// # Function Parameters
///
/// * `pInitArgs`: if this is not NULL_PTR, it gets cast to CK_C_INITIALIZE_ARGS_PTR and dereferenced
///
pub type C_Initialize = extern "C" fn(pInitArgs: CK_C_INITIALIZE_ARGS_PTR) -> CK_RV;
/// `C_Finalize` indicates that an application is done with the Cryptoki library.
///
/// # Function Parameters
///
/// * `pReserved`: reserved. Should be NULL_PTR
///
pub type C_Finalize = extern "C" fn(pReserved: CK_VOID_PTR) -> CK_RV;
/// `C_GetInfo` returns general information about Cryptoki.
///
/// # Function Parameters
///
/// * `pInfo`: location that receives information
///
pub type C_GetInfo = extern "C" fn(pInfo: CK_INFO_PTR) -> CK_RV;
/// `C_GetFunctionList` returns the function list.
///
/// # Function Parameters
///
/// * `ppFunctionList`: receives pointer to function list
///
pub type C_GetFunctionList = extern "C" fn(ppFunctionList: CK_FUNCTION_LIST_PTR_PTR) -> CK_RV;
/// `C_GetSlotList` obtains a list of slots in the system.
///
/// # Function Parameters
///
/// * `tokenPresent`: only slots with tokens
/// * `pSlotList`: receives array of slot IDs
/// * `pulCount`: receives number of slots
///
pub type C_GetSlotList = extern "C" fn(tokenPresent: CK_BBOOL, pSlotList: CK_SLOT_ID_PTR, pulCount: CK_ULONG_PTR) -> CK_RV;
/// `C_GetSlotInfo` obtains information about a particular slot in the system.
///
/// # Function Parameters
///
/// * `slotID`: the ID of the slot
/// * `pInfo`: receives the slot information
///
pub type C_GetSlotInfo = extern "C" fn(slotID: CK_SLOT_ID, pInfo: CK_SLOT_INFO_PTR) -> CK_RV;
/// `C_GetTokenInfo` obtains information about a particular token in the system.
///
/// # Function Parameters
///
/// * `slotID`: ID of the token's slot
/// * `pInfo`: receives the token information
///
pub type C_GetTokenInfo = extern "C" fn(slotID: CK_SLOT_ID, pInfo: CK_TOKEN_INFO_PTR) -> CK_RV;
/// `C_GetMechanismList` obtains a list of mechanism types supported by a token.
///
/// # Function Parameters
///
/// * `slotID`: ID of token's slot
/// * `pMechanismList`: gets mech. array
/// * `pulCount`: gets # of mechs.
///
pub type C_GetMechanismList = extern "C" fn(slotID: CK_SLOT_ID, pMechanismList: CK_MECHANISM_TYPE_PTR, pulCount: CK_ULONG_PTR) -> CK_RV;
/// `C_GetMechanismInfo` obtains information about a particular mechanism possibly supported by a token.
///
/// # Function Parameters
///
/// * `slotID`: ID of the token's slot
/// * `mechType`: type of mechanism
/// * `pInfo`: receives mechanism info
///
pub type C_GetMechanismInfo = extern "C" fn(slotID: CK_SLOT_ID, mechType: CK_MECHANISM_TYPE, pInfo: CK_MECHANISM_INFO_PTR) -> CK_RV;
/// `C_InitToken` initializes a token.
///
/// # Function Parameters
///
/// * `slotID`: ID of the token's slot
/// * `pPin`: the SO's initial PIN
/// * `ulPinLen`: length in bytes of the PIN
/// * `pLabel`: 32-byte token label (blank padded)
///
pub type C_InitToken = extern "C" fn(slotID: CK_SLOT_ID, pPin: CK_UTF8CHAR_PTR, ulPinLen: CK_ULONG, pLabel: CK_UTF8CHAR_PTR) -> CK_RV;
/// `C_InitPIN` initializes the normal user's PIN.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pPin`: the normal user's PIN
/// * `ulPinLen`: length in bytes of the PIN
///
pub type C_InitPIN = extern "C" fn(hSession: CK_SESSION_HANDLE, pPin: CK_UTF8CHAR_PTR, ulPinLen: CK_ULONG) -> CK_RV;
/// `C_SetPIN` modifies the PIN of the user who is logged in.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pOldPin`: the old PIN
/// * `ulOldLen`: length of the old PIN
/// * `pNewPin`: the new PIN
/// * `ulNewLen`: length of the new PIN
///
pub type C_SetPIN = extern "C" fn(hSession: CK_SESSION_HANDLE, pOldPin: CK_UTF8CHAR_PTR, ulOldLen: CK_ULONG, pNewPin: CK_UTF8CHAR_PTR, ulNewLen: CK_ULONG) -> CK_RV;
/// `C_OpenSession` opens a session between an application and a token.
///
/// # Function Parameters
///
/// * `slotID`: the slot's ID
/// * `flags`: from CK_SESSION_INFO
/// * `pApplication`: passed to callback
/// * `Notify`: callback function
/// * `phSession`: gets session handle
///
pub type C_OpenSession = extern "C" fn(slotID: CK_SLOT_ID, flags: CK_FLAGS, pApplication: CK_VOID_PTR, Notify: CK_NOTIFY, phSession: CK_SESSION_HANDLE_PTR) -> CK_RV;
/// `C_CloseSession` closes a session between an application and a token.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
///
pub type C_CloseSession = extern "C" fn(hSession: CK_SESSION_HANDLE) -> CK_RV;
/// `C_CloseAllSessions` closes all sessions with a token.
///
/// # Function Parameters
///
/// * `slotID`: the token's slot
///
pub type C_CloseAllSessions = extern "C" fn(slotID: CK_SLOT_ID) -> CK_RV;
/// `C_GetSessionInfo` obtains information about the session.
///
/// # Function Paramters
///
/// * `hSession`: the session's handle
/// * `pInfo`: receives session info
///
pub type C_GetSessionInfo = extern "C" fn(hSession: CK_SESSION_HANDLE, pInfo: CK_SESSION_INFO_PTR) -> CK_RV;
/// `C_GetOperationState` obtains the state of the cryptographic operation in a session.
///
/// # Function Paramters
///
/// * `hSession`: session's handle
/// * `pOperationState`: gets state
/// * `pulOperationStateLen`: gets state length
///
pub type C_GetOperationState = extern "C" fn(hSession: CK_SESSION_HANDLE, pOperationState: CK_BYTE_PTR, pulOperationStateLen: CK_ULONG_PTR) -> CK_RV;
/// `C_SetOperationState` restores the state of the cryptographic operation in a session.
///
/// # Function Paramters
///
/// * `hSession`: session's handle
/// * `pOperationState`: holds state
/// * `ulOperationStateLen`: holds state length
/// * `hEncryptionKey`: en/decryption key
/// * `hAuthenticationKey`: sign/verify key
///
pub type C_SetOperationState = extern "C" fn(
hSession: CK_SESSION_HANDLE,
pOperationState: CK_BYTE_PTR,
ulOperationStateLen: CK_ULONG,
hEncryptionKey: CK_OBJECT_HANDLE,
hAuthenticationKey: CK_OBJECT_HANDLE,
) -> CK_RV;
/// `C_Login` logs a user into a token.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `userType`: the user type
/// * `pPin`: the user's PIN
/// * `ulPinLen`: the length of the PIN
///
pub type C_Login = extern "C" fn(hSession: CK_SESSION_HANDLE, userType: CK_USER_TYPE, pPin: CK_UTF8CHAR_PTR, ulPinLen: CK_ULONG) -> CK_RV;
/// `C_Logout` logs a user out from a token.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
pub type C_Logout = extern "C" fn(hSession: CK_SESSION_HANDLE) -> CK_RV;
/// `C_CreateObject` creates a new object.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pTemplate`: the object's template
/// * `ulCount`: attributes in template
/// * `phObject`: gets new object's handle.
///
pub type C_CreateObject = extern "C" fn(hSession: CK_SESSION_HANDLE, pTemplate: CK_ATTRIBUTE_PTR, ulCount: CK_ULONG, phObject: CK_OBJECT_HANDLE_PTR) -> CK_RV;
/// `C_CopyObject` copies an object, creating a new object for the copy.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `hObject`: the object's handle
/// * `pTemplate`: template for new object
/// * `ulCount`: attributes in template
/// * `phNewObject`: receives handle of copy
///
pub type C_CopyObject = extern "C" fn(hSession: CK_SESSION_HANDLE, hObject: CK_OBJECT_HANDLE, pTemplate: CK_ATTRIBUTE_PTR, ulCount: CK_ULONG, phNewObject: CK_OBJECT_HANDLE_PTR) -> CK_RV;
/// `C_DestroyObject` destroys an object.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `hObject`: the object's handle
///
pub type C_DestroyObject = extern "C" fn(hSession: CK_SESSION_HANDLE, hObject: CK_OBJECT_HANDLE) -> CK_RV;
/// `C_GetObjectSize` gets the size of an object in bytes.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `hObject`: the object's handle
/// * `pulSize`: receives size of object
///
pub type C_GetObjectSize = extern "C" fn(hSession: CK_SESSION_HANDLE, hObject: CK_OBJECT_HANDLE, pulSize: CK_ULONG_PTR) -> CK_RV;
/// `C_GetAttributeValue` obtains the value of one or more object attributes.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `hObject`: the object's handle
/// * `pTemplate`: specifies attrs; gets vals
/// * `ulCount`: attributes in template
///
pub type C_GetAttributeValue = extern "C" fn(hSession: CK_SESSION_HANDLE, hObject: CK_OBJECT_HANDLE, pTemplate: CK_ATTRIBUTE_PTR, ulCount: CK_ULONG) -> CK_RV;
/// `C_SetAttributeValue` modifies the value of one or more object attributes.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `hObject`: the object's handle
/// * `pTemplate`: specifies attrs and values
/// * `ulCount`: attributes in template
///
pub type C_SetAttributeValue = extern "C" fn(hSession: CK_SESSION_HANDLE, hObject: CK_OBJECT_HANDLE, pTemplate: CK_ATTRIBUTE_PTR, ulCount: CK_ULONG) -> CK_RV;
/// `C_FindObjectsInit` initializes a search for token and session objects that match a template.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pTemplate`: attribute values to match
/// * `ulCount`: attrs in search template
///
pub type C_FindObjectsInit = extern "C" fn(hSession: CK_SESSION_HANDLE, pTemplate: CK_ATTRIBUTE_PTR, ulCount: CK_ULONG) -> CK_RV;
/// `C_FindObjects` continues a search for token and session objects that match a template, obtaining additional object handles.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `phObject`: gets obj. handles
/// * `ulMaxObjectCount`: max handles to get
/// * `pulObjectCount`: actual # returned
///
pub type C_FindObjects = extern "C" fn(hSession: CK_SESSION_HANDLE, phObject: CK_OBJECT_HANDLE_PTR, ulMaxObjectCount: CK_ULONG, pulObjectCount: CK_ULONG_PTR) -> CK_RV;
/// `C_FindObjectsFinal` finishes a search for token and session objects.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
///
pub type C_FindObjectsFinal = extern "C" fn(hSession: CK_SESSION_HANDLE) -> CK_RV;
/// `C_EncryptInit` initializes an encryption operation.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pMechanism`: the encryption mechanism
/// * `hKey`: handle of encryption key
///
pub type C_EncryptInit = extern "C" fn(hSession: CK_SESSION_HANDLE, pMechanism: CK_MECHANISM_PTR, hKey: CK_OBJECT_HANDLE) -> CK_RV;
/// `C_Encrypt` encrypts single-part data.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pData`: the plaintext data
/// * `ulDataLen`: bytes of plaintext
/// * `pEncryptedData`: gets ciphertext
/// * `pulEncryptedDataLen`: gets c-text size
///
pub type C_Encrypt = extern "C" fn(hSession: CK_SESSION_HANDLE, pData: CK_BYTE_PTR, ulDataLen: CK_ULONG, pEncryptedData: CK_BYTE_PTR, pulEncryptedDataLen: CK_ULONG_PTR) -> CK_RV;
/// `C_EncryptUpdate` continues a multiple-part encryption operation.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pPart`: the plaintext data
/// * `ulPartLen`: plaintext data len
/// * `pEncryptedPart`: gets ciphertext
/// * `pulEncryptedPartLen`: gets c-text size
///
pub type C_EncryptUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pPart: CK_BYTE_PTR, ulPartLen: CK_ULONG, pEncryptedPart: CK_BYTE_PTR, pulEncryptedPartLen: CK_ULONG_PTR) -> CK_RV;
/// `C_EncryptFinal` finishes a multiple-part encryption operation
///
/// # Function Parameters
///
/// * `hSession`: session handle
/// * `pLastEncryptedPart` last c-text
/// * `pulLastEncryptedPartLen`: gets last size
///
pub type C_EncryptFinal = extern "C" fn(hSession: CK_SESSION_HANDLE, pLastEncryptedPart: CK_BYTE_PTR, pulLastEncryptedPartLen: CK_ULONG_PTR) -> CK_RV;
/// `C_DecryptInit` initializes a decryption operation.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pMechanism`: the decryption mechanism
/// * `hKey`: handle of decryption key
///
pub type C_DecryptInit = extern "C" fn(hSession: CK_SESSION_HANDLE, pMechanism: CK_MECHANISM_PTR, hKey: CK_OBJECT_HANDLE) -> CK_RV;
/// `C_Decrypt` decrypts encrypted data in a single part.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pEncryptedData`: ciphertext
/// * `ulEncryptedDataLen`: ciphertext length
/// * `pData`: gets plaintext
/// * `pulDataLen`: gets p-text size
///
pub type C_Decrypt = extern "C" fn(hSession: CK_SESSION_HANDLE, pEncryptedData: CK_BYTE_PTR, ulEncryptedDataLen: CK_ULONG, pData: CK_BYTE_PTR, pulDataLen: CK_ULONG_PTR) -> CK_RV;
/// `C_DecryptUpdate` continues a multiple-part decryption operation.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pEncryptedPart`: encrypted data
/// * `ulEncryptedPartLen`: input length
/// * `pPart`: gets plaintext
/// * `pulPartLen`: p-text size
///
pub type C_DecryptUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pEncryptedPart: CK_BYTE_PTR, ulEncryptedPartLen: CK_ULONG, pPart: CK_BYTE_PTR, pulPartLen: CK_ULONG_PTR) -> CK_RV;
/// `C_DecryptFinal` finishes a multiple-part decryption operation.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pLastPart`: gets plaintext
/// * `pulLastPartLen`: p-text size
///
pub type C_DecryptFinal = extern "C" fn(hSession: CK_SESSION_HANDLE, pLastPart: CK_BYTE_PTR, pulLastPartLen: CK_ULONG_PTR) -> CK_RV;
/// `C_DigestInit` initializes a message-digesting operation.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pMechanism`: the digesting mechanism
///
pub type C_DigestInit = extern "C" fn(hSession: CK_SESSION_HANDLE, pMechanism: CK_MECHANISM_PTR) -> CK_RV;
/// `C_Digest` digests data in a single part.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pData`: data to be digested
/// * `ulDataLen`: bytes of data to digest
/// * `pDigest`: gets the message digest
/// * `pulDigestLen`: gets digest length
///
pub type C_Digest = extern "C" fn(hSession: CK_SESSION_HANDLE, pData: CK_BYTE_PTR, ulDataLen: CK_ULONG, pDigest: CK_BYTE_PTR, pulDigestLen: CK_ULONG_PTR) -> CK_RV;
/// `C_DigestUpdate` continues a multiple-part message-digesting operation.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pPart`: data to be digested
/// * `ulPartLen`: bytes of data to be digested
///
pub type C_DigestUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pPart: CK_BYTE_PTR, ulPartLen: CK_ULONG) -> CK_RV;
/// `C_DigestKey` continues a multi-part message-digesting operation, by digesting the value of a secret key as part of the data already digested.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `hKey`: secret key to digest
pub type C_DigestKey = extern "C" fn(hSession: CK_SESSION_HANDLE, hKey: CK_OBJECT_HANDLE) -> CK_RV;
/// `C_DigestFinal` finishes a multiple-part message-digesting operation.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pDigest`: gets the message digest
/// * `pulDigestLen`: gets byte count of digest
///
pub type C_DigestFinal = extern "C" fn(hSession: CK_SESSION_HANDLE, pDigest: CK_BYTE_PTR, pulDigestLen: CK_ULONG_PTR) -> CK_RV;
/// `C_SignInit` initializes a signature (private key encryption) operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pMechanism`: the signature mechanism
/// * `hKey`: handle of signature key
///
pub type C_SignInit = extern "C" fn(hSession: CK_SESSION_HANDLE, pMechanism: CK_MECHANISM_PTR, hKey: CK_OBJECT_HANDLE) -> CK_RV;
/// `C_Sign` signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pData`: the data to sign
/// * `ulDataLen`: count of bytes to sign
/// * `pSignature`: gets the signature
/// * `pulSignatureLen`: gets signature length
///
pub type C_Sign = extern "C" fn(hSession: CK_SESSION_HANDLE, pData: CK_BYTE_PTR, ulDataLen: CK_ULONG, pSignature: CK_BYTE_PTR, pulSignatureLen: CK_ULONG_PTR) -> CK_RV;
/// `C_SignUpdate` continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pPart`: the data to sign
/// * `ulPartLen`: count of bytes to sign
///
pub type C_SignUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pPart: CK_BYTE_PTR, ulPartLen: CK_ULONG) -> CK_RV;
/// `C_SignFinal` finishes a multiple-part signature operation, returning the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pSignature`: gets the signature
/// * `pulSignatureLen`: gets signature length
///
pub type C_SignFinal = extern "C" fn(hSession: CK_SESSION_HANDLE, pSignature: CK_BYTE_PTR, pulSignatureLen: CK_ULONG_PTR) -> CK_RV;
/// `C_SignRecoverInit` initializes a signature operation, where the data can be recovered from the signature.
/// `hSession`: the session's handle
/// `pMechanism`: the signature mechanism
/// `hKey`: handle of the signature key
pub type C_SignRecoverInit = extern "C" fn(hSession: CK_SESSION_HANDLE, pMechanism: CK_MECHANISM_PTR, hKey: CK_OBJECT_HANDLE) -> CK_RV;
/// `C_SignRecover` signs data in a single operation, where the data can be recovered from the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pData`: the data to sign
/// * `ulDataLen`: count of bytes to sign
/// * `pSignature`: gets the signature
/// * `pulSignatureLen`: gets signature length
///
pub type C_SignRecover = extern "C" fn(hSession: CK_SESSION_HANDLE, pData: CK_BYTE_PTR, ulDataLen: CK_ULONG, pSignature: CK_BYTE_PTR, pulSignatureLen: CK_ULONG_PTR) -> CK_RV;
/// `C_VerifyInit` initializes a verification operation, where the signature is an appendix to the data, and plaintext cannot cannot be recovered from the signature (e.g. DSA).
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pMechanism`: the verification mechanism
/// * `hKey`: verification key
///
pub type C_VerifyInit = extern "C" fn(hSession: CK_SESSION_HANDLE, pMechanism: CK_MECHANISM_PTR, hKey: CK_OBJECT_HANDLE) -> CK_RV;
/// `C_Verify` verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pData`: signed data
/// * `ulDataLen`: length of signed data
/// * `pSignature`: signature
/// * `ulSignatureLen`: signature length
///
pub type C_Verify = extern "C" fn(hSession: CK_SESSION_HANDLE, pData: CK_BYTE_PTR, ulDataLen: CK_ULONG, pSignature: CK_BYTE_PTR, ulSignatureLen: CK_ULONG) -> CK_RV;
/// `C_VerifyUpdate` continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pPart`: signed data
/// * `ulPartLen`: length of signed data
///
pub type C_VerifyUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pPart: CK_BYTE_PTR, ulPartLen: CK_ULONG) -> CK_RV;
/// `C_VerifyFinal` finishes a multiple-part verification operation, checking the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pSignature`: signature to verify
/// * `ulSignatureLen`: signature length
///
pub type C_VerifyFinal = extern "C" fn(hSession: CK_SESSION_HANDLE, pSignature: CK_BYTE_PTR, ulSignatureLen: CK_ULONG) -> CK_RV;
/// `C_VerifyRecoverInit` initializes a signature verification operation, where the data is recovered from the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pMechanism`: the verification mechanism
/// * `hKey`: verification key
///
pub type C_VerifyRecoverInit = extern "C" fn(hSession: CK_SESSION_HANDLE, pMechanism: CK_MECHANISM_PTR, hKey: CK_OBJECT_HANDLE) -> CK_RV;
/// `C_VerifyRecover` verifies a signature in a single-part operation, where the data is recovered from the signature.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pSignature`: signature to verify
/// * `ulSignatureLen`: signature length
/// * `pData`: gets signed data
/// * `pulDataLen`: gets signed data len
///
pub type C_VerifyRecover = extern "C" fn(hSession: CK_SESSION_HANDLE, pSignature: CK_BYTE_PTR, ulSignatureLen: CK_ULONG, pData: CK_BYTE_PTR, pulDataLen: CK_ULONG_PTR) -> CK_RV;
/// `C_DigestEncryptUpdate` continues a multiple-part digesting and encryption operation.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pPart`: the plaintext data
/// * `ulPartLen`: plaintext length
/// * `pEncryptedPart`: gets ciphertext
/// * `pulEncryptedPartLen`: gets c-text length
///
pub type C_DigestEncryptUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pPart: CK_BYTE_PTR, ulPartLen: CK_ULONG, pEncryptedPart: CK_BYTE_PTR, pulEncryptedPartLen: CK_ULONG_PTR) -> CK_RV;
/// `C_DecryptDigestUpdate` continues a multiple-part decryption and digesting operation.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pEncryptedPart`: ciphertext
/// * `ulEncryptedPartLen`: ciphertext length
/// * `pPart:`: gets plaintext
/// * `pulPartLen`: gets plaintext len
///
pub type C_DecryptDigestUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pEncryptedPart: CK_BYTE_PTR, ulEncryptedPartLen: CK_ULONG, pPart: CK_BYTE_PTR, pulPartLen: CK_ULONG_PTR) -> CK_RV;
/// `C_SignEncryptUpdate` continues a multiple-part signing and encryption operation.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pPart`: the plaintext data
/// * `ulPartLen`: plaintext length
/// * `pEncryptedPart`: gets ciphertext
/// * `pulEncryptedPartLen`: gets c-text length
///
pub type C_SignEncryptUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pPart: CK_BYTE_PTR, ulPartLen: CK_ULONG, pEncryptedPart: CK_BYTE_PTR, pulEncryptedPartLen: CK_ULONG_PTR) -> CK_RV;
/// `C_DecryptVerifyUpdate` continues a multiple-part decryption and verify operation.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pEncryptedPart`: ciphertext
/// * `ulEncryptedPartLen`: ciphertext length
/// * `pPart`: gets plaintext
/// * `pulPartLen`: gets p-text length
///
pub type C_DecryptVerifyUpdate = extern "C" fn(hSession: CK_SESSION_HANDLE, pEncryptedPart: CK_BYTE_PTR, ulEncryptedPartLen: CK_ULONG, pPart: CK_BYTE_PTR, pulPartLen: CK_ULONG_PTR) -> CK_RV;
/// `C_GenerateKey` generates a secret key, creating a new key object.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pMechanism`: key generation mech.
/// * `pTemplate`: template for new key
/// * `ulCount`: # of attrs in template
/// * `phKey`: gets handle of new key
///
pub type C_GenerateKey = extern "C" fn(hSession: CK_SESSION_HANDLE, pMechanism: CK_MECHANISM_PTR, pTemplate: CK_ATTRIBUTE_PTR, ulCount: CK_ULONG, phKey: CK_OBJECT_HANDLE_PTR) -> CK_RV;
/// `C_GenerateKeyPair` generates a public-key/private-key pair, creating new key objects.
///
/// # Function Parameters
///
/// * `hSession`: session handle
/// * `pMechanism`: key-gen mech.
/// * `pPublicKeyTemplate`: template for pub. key
/// * `ulPublicKeyAttributeCount`: # pub. attrs.
/// * `pPrivateKeyTemplate`: template for priv. key
/// * `ulPrivateKeyAttributeCount`: # priv. attrs.
/// * `phPublicKey`: gets pub. key handle
/// * `phPrivateKey`: gets priv. key handle
///
pub type C_GenerateKeyPair = extern "C" fn(
hSession: CK_SESSION_HANDLE,
pMechanism: CK_MECHANISM_PTR,
pPublicKeyTemplate: CK_ATTRIBUTE_PTR,
ulPublicKeyAttributeCount: CK_ULONG,
pPrivateKeyTemplate: CK_ATTRIBUTE_PTR,
ulPrivateKeyAttributeCount: CK_ULONG,
phPublicKey: CK_OBJECT_HANDLE_PTR,
phPrivateKey: CK_OBJECT_HANDLE_PTR,
) -> CK_RV;
/// `C_WrapKey` wraps (i.e., encrypts) a key.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pMechanism`: the wrapping mechanism
/// * `hWrappingKey`: wrapping key
/// * `hKey`: key to be wrapped
/// * `pWrappedKey`: gets wrapped key
/// * `pulWrappedKeyLen`: gets wrapped key size
///
pub type C_WrapKey = extern "C" fn(
hSession: CK_SESSION_HANDLE,
pMechanism: CK_MECHANISM_PTR,
hWrappingKey: CK_OBJECT_HANDLE,
hKey: CK_OBJECT_HANDLE,
pWrappedKey: CK_BYTE_PTR,
pulWrappedKeyLen: CK_ULONG_PTR,
) -> CK_RV;
/// `C_UnwrapKey` unwraps (decrypts) a wrapped key, creating a new key object.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pMechanism`: unwrapping mech.
/// * `hUnwrappingKey`: unwrapping key
/// * `pWrappedKey`: the wrapped key
/// * `ulWrappedKeyLen`: wrapped key len
/// * `pTemplate`: new key template
/// * `ulAttributeCount`: template length
/// * `phKey`: gets new handle
///
pub type C_UnwrapKey = extern "C" fn(
hSession: CK_SESSION_HANDLE,
pMechanism: CK_MECHANISM_PTR,
hUnwrappingKey: CK_OBJECT_HANDLE,
pWrappedKey: CK_BYTE_PTR,
ulWrappedKeyLen: CK_ULONG,
pTemplate: CK_ATTRIBUTE_PTR,
ulAttributeCount: CK_ULONG,
phKey: CK_OBJECT_HANDLE_PTR,
) -> CK_RV;
/// `C_DeriveKey` derives a key from a base key, creating a new key object.
///
/// # Function Parameters
///
/// * `hSession`: session's handle
/// * `pMechanism`: key deriv. mech.
/// * `hBaseKey`: base key
/// * `pTemplate`: new key template
/// * `ulAttributeCount`: template length
/// * `phKey`: gets new handle
///
pub type C_DeriveKey = extern "C" fn(
hSession: CK_SESSION_HANDLE,
pMechanism: CK_MECHANISM_PTR,
hBaseKey: CK_OBJECT_HANDLE,
pTemplate: CK_ATTRIBUTE_PTR,
ulAttributeCount: CK_ULONG,
phKey: CK_OBJECT_HANDLE_PTR,
) -> CK_RV;
/// `C_SeedRandom` mixes additional seed material into the token's random number generator.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `pSeed`: the seed material
/// * `ulSeedLen`: length of seed material
///
pub type C_SeedRandom = extern "C" fn(hSession: CK_SESSION_HANDLE, pSeed: CK_BYTE_PTR, ulSeedLen: CK_ULONG) -> CK_RV;
/// `C_GenerateRandom` generates random data.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
/// * `RandomData`: receives the random data
/// * `ulRandomLen`: # of bytes to generate
///
pub type C_GenerateRandom = extern "C" fn(hSession: CK_SESSION_HANDLE, RandomData: CK_BYTE_PTR, ulRandomLen: CK_ULONG) -> CK_RV;
/// `C_GetFunctionStatus` is a legacy function; it obtains an updated status of a function running in parallel with an application.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
///
pub type C_GetFunctionStatus = extern "C" fn(hSession: CK_SESSION_HANDLE) -> CK_RV;
/// `C_CancelFunction` is a legacy function; it cancels a function running in parallel.
///
/// # Function Parameters
///
/// * `hSession`: the session's handle
///
pub type C_CancelFunction = extern "C" fn(hSession: CK_SESSION_HANDLE) -> CK_RV;
/// `C_WaitForSlotEvent` waits for a slot event (token insertion, removal, etc.) to occur.
///
/// # Function Parameters
///
/// * `flags`: blocking/nonblocking flag
/// * `pSlot`: location that receives the slot ID
/// * `pRserved`: reserved. Should be NULL_PTR
///
pub type C_WaitForSlotEvent = extern "C" fn(flags: CK_FLAGS, pSlot: CK_SLOT_ID_PTR, pRserved: CK_VOID_PTR) -> CK_RV;

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1 +0,0 @@
{"files":{"CHANGELOG.md":"f5e9c71d4123971f9f6c54eed8837245e6cac4b610c9d23b680fa95538946142","Cargo.toml":"4c770ee471e19f4a453a36d76479f9a530987058b793c735cd7a2bcf937d7edb","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"6485b8ed310d3f0340bf1ad1f47645069ce4069dcc6bb46c7d5c6faf41de1fdb","README.md":"fb8071c3bc1013107b16ebcb303f31ef614e81440f2d58a46bfb9ff1e311b792","appveyor.yml":"8796156caf7041ef2a43f7a313df21ea639de3f2563b6181bba1096b1c489f1b","benches/bench.rs":"35c4ab609f2a5f5aab6c52c257415258dc0780621b492b5a82bb12d048cab6db","benches/distributions/exponential.rs":"99cb59c013a0b6bb390d34c5649b341fc3b88ea7df0caf2470bdda8798f9fe3d","benches/distributions/gamma.rs":"3533f311e4b55d743c5b01a7eb6529c94fd97726ef6702a6372f914f5f33666b","benches/distributions/mod.rs":"0028f1cb96f61152ed5b49a4fe91227d809ef6d19035592c36032a538af7f95e","benches/distributions/normal.rs":"4e10c18cb583ccb96301ea953c8e0aa9ee3b6662060271d1b8d19ca23364dc6b","benches/generators.rs":"aaa2f1dbfb399df8323d8a5796b92add6210cd5f0f1d916895ffdd81d60f812b","benches/misc.rs":"bd2f7c5a16f0fcb59022d5aeef66ed3c94e89ebf6c06667851dd23d0b1595504","src/distributions/exponential.rs":"103c8412c8a581b71835f1c00e40f6370e7702adf9d499243933a793d132d4e7","src/distributions/gamma.rs":"7a3f85c8daad4e56e334586ddb9fc9d83df3b0699738ed681a6c41e4ed455be9","src/distributions/mod.rs":"7943c4f83721bac816f831cca3b1574b6136932f7b4927aa6101130080ba62c5","src/distributions/normal.rs":"1562b43f80e4d5f83a8deb5af18de5a18dfeeeeda11fefc577da26672b14c949","src/distributions/range.rs":"a72a538d3ec4ed23f8d632aa55fd4793c464f24a5872d04ce8095ddd5db92115","src/distributions/ziggurat_tables.rs":"4eacf94fc352c91c455a6623de6a721e53842e1690f13a5662b6a79c7fbb73de","src/jitter.rs":"befd4b84bf753c107370b5b9498ad49611c220bdae2e4be9ee4398e9fa497042","src/lib.rs":"f9f4d15c2ce67f9ba21261a4bc76599523b930698cee2ae1e37d01f0d2ba834e","src/os.rs":"bbba4481432ae0f19bafb2168af5e7e1a858547ff8a7f8996286ea1b2a951158","src/prng/chacha.rs":"558007276f9c22933d39e5b8e853f4dd9533e823ed66df8dc1f23ad6925b1d51","src/prng/isaac.rs":"a8a2ee8b38d312663308e3bdf03376e342fd91330655f39144e5bba7392b2a8e","src/prng/isaac64.rs":"f28f7596ccab910db265b42671116abb9d2039fa8a421cbc75312bd0e7715d3a","src/prng/mod.rs":"c1a73450f49e819a20942a5b591f84a08ebb5ac33aa0f65b18ac1dc9a19a3084","src/prng/xorshift.rs":"606c308747293652c868b46dc3cad847d0c3717629c04ba75681c887c7634114","src/rand_impls.rs":"e1f27077fc13d5855bb66235f8ccfb216e116337eb38424d9c30c090e112215c","src/read.rs":"bd0eb508a6b659dc578d546fc2f231484aed80c73cfe8c475e0d65c8d699a769","src/reseeding.rs":"a97b86387b87ea1adc5262ddea480fe735c9c2a86762abaace29119022ac9f6e","src/seq.rs":"76dd58af0f580aed2721c393a5c036322186dc7cb3b4abed33436620c7c49288","utils/ziggurat_tables.py":"a9fc0a2fdae9b5c798c238788f94b720c156e13fd96f2356c409aa533191eb94"},"package":"552840b97013b1a26992c11eac34bdd778e464601a4c2054b5f0bff7c6761293"}

View File

@ -1,277 +0,0 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
## [0.4.5] - 2019-01-25
### Platforms
- Fuchsia: Replaced fuchsia-zircon with fuchsia-cprng
## [0.4.4] - 2019-01-06
### Added
- SGX support
## [0.4.3] - 2018-08-16
### Fixed
- Use correct syscall number for PowerPC (#589)
## [0.4.2] - 2018-01-05
### Changed
- Use winapi on Windows
- Update for Fuchsia OS
- Remove dev-dependency on `log`
## [0.4.1] - 2017-12-17
### Added
- `no_std` support
## [0.4.0-pre.0] - 2017-12-11
### Added
- `JitterRng` added as a high-quality alternative entropy source using the
system timer
- new `seq` module with `sample_iter`, `sample_slice`, etc.
- WASM support via dummy implementations (fail at run-time)
- Additional benchmarks, covering generators and new seq code
### Changed
- `thread_rng` uses `JitterRng` if seeding from system time fails
(slower but more secure than previous method)
### Deprecated
- `sample` function deprecated (replaced by `sample_iter`)
## [0.3.18] - 2017-11-06
### Changed
- `thread_rng` is seeded from the system time if `OsRng` fails
- `weak_rng` now uses `thread_rng` internally
## [0.3.17] - 2017-10-07
### Changed
- Fuchsia: Magenta was renamed Zircon
## [0.3.16] - 2017-07-27
### Added
- Implement Debug for mote non-public types
- implement `Rand` for (i|u)i128
- Support for Fuchsia
### Changed
- Add inline attribute to SampleRange::construct_range.
This improves the benchmark for sample in 11% and for shuffle in 16%.
- Use `RtlGenRandom` instead of `CryptGenRandom`
## [0.3.15] - 2016-11-26
### Added
- Add `Rng` trait method `choose_mut`
- Redox support
### Changed
- Use `arc4rand` for `OsRng` on FreeBSD.
- Use `arc4random(3)` for `OsRng` on OpenBSD.
### Fixed
- Fix filling buffers 4 GiB or larger with `OsRng::fill_bytes` on Windows
## [0.3.14] - 2016-02-13
### Fixed
- Inline definitions from winapi/advapi32, wich decreases build times
## [0.3.13] - 2016-01-09
### Fixed
- Compatible with Rust 1.7.0-nightly (needed some extra type annotations)
## [0.3.12] - 2015-11-09
### Changed
- Replaced the methods in `next_f32` and `next_f64` with the technique described
Saito & Matsumoto at MCQMC'08. The new method should exhibit a slightly more
uniform distribution.
- Depend on libc 0.2
### Fixed
- Fix iterator protocol issue in `rand::sample`
## [0.3.11] - 2015-08-31
### Added
- Implement `Rand` for arrays with n <= 32
## [0.3.10] - 2015-08-17
### Added
- Support for NaCl platforms
### Changed
- Allow `Rng` to be `?Sized`, impl for `&mut R` and `Box<R>` where `R: ?Sized + Rng`
## [0.3.9] - 2015-06-18
### Changed
- Use `winapi` for Windows API things
### Fixed
- Fixed test on stable/nightly
- Fix `getrandom` syscall number for aarch64-unknown-linux-gnu
## [0.3.8] - 2015-04-23
### Changed
- `log` is a dev dependency
### Fixed
- Fix race condition of atomics in `is_getrandom_available`
## [0.3.7] - 2015-04-03
### Fixed
- Derive Copy/Clone changes
## [0.3.6] - 2015-04-02
### Changed
- Move to stable Rust!
## [0.3.5] - 2015-04-01
### Fixed
- Compatible with Rust master
## [0.3.4] - 2015-03-31
### Added
- Implement Clone for `Weighted`
### Fixed
- Compatible with Rust master
## [0.3.3] - 2015-03-26
### Fixed
- Fix compile on Windows
## [0.3.2] - 2015-03-26
## [0.3.1] - 2015-03-26
### Fixed
- Fix compile on Windows
## [0.3.0] - 2015-03-25
### Changed
- Update to use log version 0.3.x
## [0.2.1] - 2015-03-22
### Fixed
- Compatible with Rust master
- Fixed iOS compilation
## [0.2.0] - 2015-03-06
### Fixed
- Compatible with Rust master (move from `old_io` to `std::io`)
## [0.1.4] - 2015-03-04
### Fixed
- Compatible with Rust master (use wrapping ops)
## [0.1.3] - 2015-02-20
### Fixed
- Compatible with Rust master
### Removed
- Removed Copy inplementaions from RNGs
## [0.1.2] - 2015-02-03
### Added
- Imported functionality from `std::rand`, including:
- `StdRng`, `SeedableRng`, `TreadRng`, `weak_rng()`
- `ReaderRng`: A wrapper around any Reader to treat it as an RNG.
- Imported documentation from `std::rand`
- Imported tests from `std::rand`
## [0.1.1] - 2015-02-03
### Added
- Migrate to a cargo-compatible directory structure.
### Fixed
- Do not use entropy during `gen_weighted_bool(1)`
## [Rust 0.12.0] - 2014-10-09
### Added
- Impl Rand for tuples of arity 11 and 12
- Include ChaCha pseudorandom generator
- Add `next_f64` and `next_f32` to Rng
- Implement Clone for PRNGs
### Changed
- Rename `TaskRng` to `ThreadRng` and `task_rng` to `thread_rng` (since a
runtime is removed from Rust).
### Fixed
- Improved performance of ISAAC and ISAAC64 by 30% and 12 % respectively, by
informing the optimiser that indexing is never out-of-bounds.
### Removed
- Removed the Deprecated `choose_option`
## [Rust 0.11.0] - 2014-07-02
### Added
- document when to use `OSRng` in cryptographic context, and explain why we use `/dev/urandom` instead of `/dev/random`
- `Rng::gen_iter()` which will return an infinite stream of random values
- `Rng::gen_ascii_chars()` which will return an infinite stream of random ascii characters
### Changed
- Now only depends on libcore! 2adf5363f88ffe06f6d2ea5c338d1b186d47f4a1
- Remove `Rng.choose()`, rename `Rng.choose_option()` to `.choose()`
- Rename OSRng to OsRng
- The WeightedChoice structure is no longer built with a `Vec<Weighted<T>>`,
but rather a `&mut [Weighted<T>]`. This means that the WeightedChoice
structure now has a lifetime associated with it.
- The `sample` method on `Rng` has been moved to a top-level function in the
`rand` module due to its dependence on `Vec`.
### Removed
- `Rng::gen_vec()` was removed. Previous behavior can be regained with
`rng.gen_iter().take(n).collect()`
- `Rng::gen_ascii_str()` was removed. Previous behavior can be regained with
`rng.gen_ascii_chars().take(n).collect()`
- {IsaacRng, Isaac64Rng, XorShiftRng}::new() have all been removed. These all
relied on being able to use an OSRng for seeding, but this is no longer
available in librand (where these types are defined). To retain the same
functionality, these types now implement the `Rand` trait so they can be
generated with a random seed from another random number generator. This allows
the stdlib to use an OSRng to create seeded instances of these RNGs.
- Rand implementations for `Box<T>` and `@T` were removed. These seemed to be
pretty rare in the codebase, and it allows for librand to not depend on
liballoc. Additionally, other pointer types like Rc<T> and Arc<T> were not
supported.
- Remove a slew of old deprecated functions
## [Rust 0.10] - 2014-04-03
### Changed
- replace `Rng.shuffle's` functionality with `.shuffle_mut`
- bubble up IO errors when creating an OSRng
### Fixed
- Use `fill()` instead of `read()`
- Rewrite OsRng in Rust for windows
## [0.10-pre] - 2014-03-02
### Added
- Seperate `rand` out of the standard library

View File

@ -1,45 +0,0 @@
# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
#
# When uploading crates to the registry Cargo will automatically
# "normalize" Cargo.toml files for maximal compatibility
# with all versions of Cargo and also rewrite `path` dependencies
# to registry (e.g. crates.io) dependencies
#
# If you believe there's an error in this file please file an
# issue against the rust-lang/cargo repository. If you're
# editing this file be aware that the upstream Cargo.toml
# will likely look very different (and much more reasonable)
[package]
name = "rand"
version = "0.4.6"
authors = ["The Rust Project Developers"]
description = "Random number generators and other randomness functionality.\n"
homepage = "https://github.com/rust-lang-nursery/rand"
documentation = "https://docs.rs/rand"
readme = "README.md"
keywords = ["random", "rng"]
categories = ["algorithms"]
license = "MIT/Apache-2.0"
repository = "https://github.com/rust-lang-nursery/rand"
[features]
alloc = []
default = ["std"]
i128_support = []
nightly = ["i128_support"]
std = ["libc"]
[target."cfg(target_env = \"sgx\")".dependencies.rand_core]
version = "0.3"
default-features = false
[target."cfg(target_env = \"sgx\")".dependencies.rdrand]
version = "0.4.0"
[target."cfg(target_os = \"fuchsia\")".dependencies.fuchsia-cprng]
version = "0.1.0"
[target."cfg(unix)".dependencies.libc]
version = "0.2"
optional = true
[target."cfg(windows)".dependencies.winapi]
version = "0.3"
features = ["minwindef", "ntsecapi", "profileapi", "winnt"]

View File

@ -1,201 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,25 +0,0 @@
Copyright (c) 2014 The Rust Project Developers
Permission is hereby granted, free of charge, to any
person obtaining a copy of this software and associated
documentation files (the "Software"), to deal in the
Software without restriction, including without
limitation the rights to use, copy, modify, merge,
publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software
is furnished to do so, subject to the following
conditions:
The above copyright notice and this permission notice
shall be included in all copies or substantial portions
of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

View File

@ -1,139 +0,0 @@
rand
====
A Rust library for random number generators and other randomness functionality.
[![Build Status](https://travis-ci.org/rust-lang-nursery/rand.svg?branch=master)](https://travis-ci.org/rust-lang-nursery/rand)
[![Build status](https://ci.appveyor.com/api/projects/status/rm5c9o33k3jhchbw?svg=true)](https://ci.appveyor.com/project/alexcrichton/rand)
[Documentation](https://docs.rs/rand)
## Usage
Add this to your `Cargo.toml`:
```toml
[dependencies]
rand = "0.4"
```
and this to your crate root:
```rust
extern crate rand;
```
### Versions
Version `0.4`was released in December 2017. It contains almost no breaking
changes since the `0.3` series, but nevertheless contains some significant
new code, including a new "external" entropy source (`JitterRng`) and `no_std`
support.
Version `0.5` is in development and contains significant performance
improvements for the ISAAC random number generators.
## Examples
There is built-in support for a random number generator (RNG) associated with each thread stored in thread-local storage. This RNG can be accessed via thread_rng, or used implicitly via random. This RNG is normally randomly seeded from an operating-system source of randomness, e.g. /dev/urandom on Unix systems, and will automatically reseed itself from this source after generating 32 KiB of random data.
```rust
let tuple = rand::random::<(f64, char)>();
println!("{:?}", tuple)
```
```rust
use rand::Rng;
let mut rng = rand::thread_rng();
if rng.gen() { // random bool
println!("i32: {}, u32: {}", rng.gen::<i32>(), rng.gen::<u32>())
}
```
It is also possible to use other RNG types, which have a similar interface. The following uses the "ChaCha" algorithm instead of the default.
```rust
use rand::{Rng, ChaChaRng};
let mut rng = rand::ChaChaRng::new_unseeded();
println!("i32: {}, u32: {}", rng.gen::<i32>(), rng.gen::<u32>())
```
## Features
By default, `rand` is built with all stable features available. The following
optional features are available:
- `i128_support` enables support for generating `u128` and `i128` values
- `nightly` enables all unstable features (`i128_support`)
- `std` enabled by default; by setting "default-features = false" `no_std`
mode is activated; this removes features depending on `std` functionality:
- `OsRng` is entirely unavailable
- `JitterRng` code is still present, but a nanosecond timer must be
provided via `JitterRng::new_with_timer`
- Since no external entropy is available, it is not possible to create
generators with fresh seeds (user must provide entropy)
- `thread_rng`, `weak_rng` and `random` are all disabled
- exponential, normal and gamma type distributions are unavailable
since `exp` and `log` functions are not provided in `core`
- any code requiring `Vec` or `Box`
- `alloc` can be used instead of `std` to provide `Vec` and `Box`
## Testing
Unfortunately, `cargo test` does not test everything. The following tests are
recommended:
```
# Basic tests for rand and sub-crates
cargo test --all
# Test no_std support (build only since nearly all tests require std)
cargo build --all --no-default-features
# Test 128-bit support (requires nightly)
cargo test --all --features nightly
# Benchmarks (requires nightly)
cargo bench
# or just to test the benchmark code:
cargo test --benches
```
# `derive(Rand)`
You can derive the `Rand` trait for your custom type via the `#[derive(Rand)]`
directive. To use this first add this to your Cargo.toml:
```toml
rand = "0.4"
rand_derive = "0.3"
```
Next in your crate:
```rust
extern crate rand;
#[macro_use]
extern crate rand_derive;
#[derive(Rand, Debug)]
struct MyStruct {
a: i32,
b: u32,
}
fn main() {
println!("{:?}", rand::random::<MyStruct>());
}
```
# License
`rand` is primarily distributed under the terms of both the MIT
license and the Apache License (Version 2.0).
See LICENSE-APACHE, and LICENSE-MIT for details.

View File

@ -1,38 +0,0 @@
environment:
# At the time this was added AppVeyor was having troubles with checking
# revocation of SSL certificates of sites like static.rust-lang.org and what
# we think is crates.io. The libcurl HTTP client by default checks for
# revocation on Windows and according to a mailing list [1] this can be
# disabled.
#
# The `CARGO_HTTP_CHECK_REVOKE` env var here tells cargo to disable SSL
# revocation checking on Windows in libcurl. Note, though, that rustup, which
# we're using to download Rust here, also uses libcurl as the default backend.
# Unlike Cargo, however, rustup doesn't have a mechanism to disable revocation
# checking. To get rustup working we set `RUSTUP_USE_HYPER` which forces it to
# use the Hyper instead of libcurl backend. Both Hyper and libcurl use
# schannel on Windows but it appears that Hyper configures it slightly
# differently such that revocation checking isn't turned on by default.
#
# [1]: https://curl.haxx.se/mail/lib-2016-03/0202.html
RUSTUP_USE_HYPER: 1
CARGO_HTTP_CHECK_REVOKE: false
matrix:
- TARGET: x86_64-pc-windows-msvc
- TARGET: i686-pc-windows-msvc
install:
- appveyor DownloadFile https://win.rustup.rs/ -FileName rustup-init.exe
- rustup-init.exe -y --default-host %TARGET% --default-toolchain nightly
- set PATH=%PATH%;C:\Users\appveyor\.cargo\bin
- rustc -V
- cargo -V
build: false
test_script:
- cargo test --benches
- cargo test
- cargo test --features nightly
- cargo test --manifest-path rand-derive/Cargo.toml

View File

@ -1,34 +0,0 @@
#![feature(test)]
extern crate test;
extern crate rand;
const RAND_BENCH_N: u64 = 1000;
mod distributions;
use std::mem::size_of;
use test::{black_box, Bencher};
use rand::{StdRng, Rng};
#[bench]
fn rand_f32(b: &mut Bencher) {
let mut rng = StdRng::new().unwrap();
b.iter(|| {
for _ in 0..RAND_BENCH_N {
black_box(rng.next_f32());
}
});
b.bytes = size_of::<f32>() as u64 * RAND_BENCH_N;
}
#[bench]
fn rand_f64(b: &mut Bencher) {
let mut rng = StdRng::new().unwrap();
b.iter(|| {
for _ in 0..RAND_BENCH_N {
black_box(rng.next_f64());
}
});
b.bytes = size_of::<f64>() as u64 * RAND_BENCH_N;
}

View File

@ -1,18 +0,0 @@
use std::mem::size_of;
use test::Bencher;
use rand;
use rand::distributions::exponential::Exp;
use rand::distributions::Sample;
#[bench]
fn rand_exp(b: &mut Bencher) {
let mut rng = rand::weak_rng();
let mut exp = Exp::new(2.71828 * 3.14159);
b.iter(|| {
for _ in 0..::RAND_BENCH_N {
exp.sample(&mut rng);
}
});
b.bytes = size_of::<f64>() as u64 * ::RAND_BENCH_N;
}

View File

@ -1,31 +0,0 @@
use std::mem::size_of;
use test::Bencher;
use rand;
use rand::distributions::IndependentSample;
use rand::distributions::gamma::Gamma;
#[bench]
fn bench_gamma_large_shape(b: &mut Bencher) {
let gamma = Gamma::new(10., 1.0);
let mut rng = rand::weak_rng();
b.iter(|| {
for _ in 0..::RAND_BENCH_N {
gamma.ind_sample(&mut rng);
}
});
b.bytes = size_of::<f64>() as u64 * ::RAND_BENCH_N;
}
#[bench]
fn bench_gamma_small_shape(b: &mut Bencher) {
let gamma = Gamma::new(0.1, 1.0);
let mut rng = rand::weak_rng();
b.iter(|| {
for _ in 0..::RAND_BENCH_N {
gamma.ind_sample(&mut rng);
}
});
b.bytes = size_of::<f64>() as u64 * ::RAND_BENCH_N;
}

View File

@ -1,3 +0,0 @@
mod exponential;
mod normal;
mod gamma;

View File

@ -1,18 +0,0 @@
use std::mem::size_of;
use test::Bencher;
use rand;
use rand::distributions::Sample;
use rand::distributions::normal::Normal;
#[bench]
fn rand_normal(b: &mut Bencher) {
let mut rng = rand::weak_rng();
let mut normal = Normal::new(-2.71828, 3.14159);
b.iter(|| {
for _ in 0..::RAND_BENCH_N {
normal.sample(&mut rng);
}
});
b.bytes = size_of::<f64>() as u64 * ::RAND_BENCH_N;
}

View File

@ -1,133 +0,0 @@
#![feature(test)]
extern crate test;
extern crate rand;
const RAND_BENCH_N: u64 = 1000;
const BYTES_LEN: usize = 1024;
use std::mem::size_of;
use test::{black_box, Bencher};
use rand::{Rng, StdRng, OsRng, JitterRng};
use rand::{XorShiftRng, IsaacRng, Isaac64Rng, ChaChaRng};
macro_rules! gen_bytes {
($fnn:ident, $gen:ident) => {
#[bench]
fn $fnn(b: &mut Bencher) {
let mut rng: $gen = OsRng::new().unwrap().gen();
let mut buf = [0u8; BYTES_LEN];
b.iter(|| {
for _ in 0..RAND_BENCH_N {
rng.fill_bytes(&mut buf);
black_box(buf);
}
});
b.bytes = BYTES_LEN as u64 * RAND_BENCH_N;
}
}
}
macro_rules! gen_bytes_new {
($fnn:ident, $gen:ident) => {
#[bench]
fn $fnn(b: &mut Bencher) {
let mut rng = $gen::new().unwrap();
let mut buf = [0u8; BYTES_LEN];
b.iter(|| {
for _ in 0..RAND_BENCH_N {
rng.fill_bytes(&mut buf);
black_box(buf);
}
});
b.bytes = BYTES_LEN as u64 * RAND_BENCH_N;
}
}
}
gen_bytes!(gen_bytes_xorshift, XorShiftRng);
gen_bytes!(gen_bytes_isaac, IsaacRng);
gen_bytes!(gen_bytes_isaac64, Isaac64Rng);
gen_bytes!(gen_bytes_chacha, ChaChaRng);
gen_bytes_new!(gen_bytes_std, StdRng);
gen_bytes_new!(gen_bytes_os, OsRng);
macro_rules! gen_uint {
($fnn:ident, $ty:ty, $gen:ident) => {
#[bench]
fn $fnn(b: &mut Bencher) {
let mut rng: $gen = OsRng::new().unwrap().gen();
b.iter(|| {
for _ in 0..RAND_BENCH_N {
black_box(rng.gen::<$ty>());
}
});
b.bytes = size_of::<$ty>() as u64 * RAND_BENCH_N;
}
}
}
macro_rules! gen_uint_new {
($fnn:ident, $ty:ty, $gen:ident) => {
#[bench]
fn $fnn(b: &mut Bencher) {
let mut rng = $gen::new().unwrap();
b.iter(|| {
for _ in 0..RAND_BENCH_N {
black_box(rng.gen::<$ty>());
}
});
b.bytes = size_of::<$ty>() as u64 * RAND_BENCH_N;
}
}
}
gen_uint!(gen_u32_xorshift, u32, XorShiftRng);
gen_uint!(gen_u32_isaac, u32, IsaacRng);
gen_uint!(gen_u32_isaac64, u32, Isaac64Rng);
gen_uint!(gen_u32_chacha, u32, ChaChaRng);
gen_uint_new!(gen_u32_std, u32, StdRng);
gen_uint_new!(gen_u32_os, u32, OsRng);
gen_uint!(gen_u64_xorshift, u64, XorShiftRng);
gen_uint!(gen_u64_isaac, u64, IsaacRng);
gen_uint!(gen_u64_isaac64, u64, Isaac64Rng);
gen_uint!(gen_u64_chacha, u64, ChaChaRng);
gen_uint_new!(gen_u64_std, u64, StdRng);
gen_uint_new!(gen_u64_os, u64, OsRng);
#[bench]
fn gen_u64_jitter(b: &mut Bencher) {
let mut rng = JitterRng::new().unwrap();
b.iter(|| {
black_box(rng.gen::<u64>());
});
b.bytes = size_of::<u64>() as u64;
}
macro_rules! init_gen {
($fnn:ident, $gen:ident) => {
#[bench]
fn $fnn(b: &mut Bencher) {
let mut rng: XorShiftRng = OsRng::new().unwrap().gen();
b.iter(|| {
let r2: $gen = rng.gen();
black_box(r2);
});
}
}
}
init_gen!(init_xorshift, XorShiftRng);
init_gen!(init_isaac, IsaacRng);
init_gen!(init_isaac64, Isaac64Rng);
init_gen!(init_chacha, ChaChaRng);
#[bench]
fn init_jitter(b: &mut Bencher) {
b.iter(|| {
black_box(JitterRng::new().unwrap());
});
}

View File

@ -1,62 +0,0 @@
#![feature(test)]
extern crate test;
extern crate rand;
use test::{black_box, Bencher};
use rand::{Rng, weak_rng};
use rand::seq::*;
#[bench]
fn misc_shuffle_100(b: &mut Bencher) {
let mut rng = weak_rng();
let x : &mut [usize] = &mut [1; 100];
b.iter(|| {
rng.shuffle(x);
black_box(&x);
})
}
#[bench]
fn misc_sample_iter_10_of_100(b: &mut Bencher) {
let mut rng = weak_rng();
let x : &[usize] = &[1; 100];
b.iter(|| {
black_box(sample_iter(&mut rng, x, 10).unwrap_or_else(|e| e));
})
}
#[bench]
fn misc_sample_slice_10_of_100(b: &mut Bencher) {
let mut rng = weak_rng();
let x : &[usize] = &[1; 100];
b.iter(|| {
black_box(sample_slice(&mut rng, x, 10));
})
}
#[bench]
fn misc_sample_slice_ref_10_of_100(b: &mut Bencher) {
let mut rng = weak_rng();
let x : &[usize] = &[1; 100];
b.iter(|| {
black_box(sample_slice_ref(&mut rng, x, 10));
})
}
macro_rules! sample_indices {
($name:ident, $amount:expr, $length:expr) => {
#[bench]
fn $name(b: &mut Bencher) {
let mut rng = weak_rng();
b.iter(|| {
black_box(sample_indices(&mut rng, $length, $amount));
})
}
}
}
sample_indices!(misc_sample_indices_10_of_1k, 10, 1000);
sample_indices!(misc_sample_indices_50_of_1k, 50, 1000);
sample_indices!(misc_sample_indices_100_of_1k, 100, 1000);

View File

@ -1,124 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! The exponential distribution.
use {Rng, Rand};
use distributions::{ziggurat, ziggurat_tables, Sample, IndependentSample};
/// A wrapper around an `f64` to generate Exp(1) random numbers.
///
/// See `Exp` for the general exponential distribution.
///
/// Implemented via the ZIGNOR variant[1] of the Ziggurat method. The
/// exact description in the paper was adjusted to use tables for the
/// exponential distribution rather than normal.
///
/// [1]: Jurgen A. Doornik (2005). [*An Improved Ziggurat Method to
/// Generate Normal Random
/// Samples*](http://www.doornik.com/research/ziggurat.pdf). Nuffield
/// College, Oxford
///
/// # Example
///
/// ```rust
/// use rand::distributions::exponential::Exp1;
///
/// let Exp1(x) = rand::random();
/// println!("{}", x);
/// ```
#[derive(Clone, Copy, Debug)]
pub struct Exp1(pub f64);
// This could be done via `-rng.gen::<f64>().ln()` but that is slower.
impl Rand for Exp1 {
#[inline]
fn rand<R:Rng>(rng: &mut R) -> Exp1 {
#[inline]
fn pdf(x: f64) -> f64 {
(-x).exp()
}
#[inline]
fn zero_case<R:Rng>(rng: &mut R, _u: f64) -> f64 {
ziggurat_tables::ZIG_EXP_R - rng.gen::<f64>().ln()
}
Exp1(ziggurat(rng, false,
&ziggurat_tables::ZIG_EXP_X,
&ziggurat_tables::ZIG_EXP_F,
pdf, zero_case))
}
}
/// The exponential distribution `Exp(lambda)`.
///
/// This distribution has density function: `f(x) = lambda *
/// exp(-lambda * x)` for `x > 0`.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{Exp, IndependentSample};
///
/// let exp = Exp::new(2.0);
/// let v = exp.ind_sample(&mut rand::thread_rng());
/// println!("{} is from a Exp(2) distribution", v);
/// ```
#[derive(Clone, Copy, Debug)]
pub struct Exp {
/// `lambda` stored as `1/lambda`, since this is what we scale by.
lambda_inverse: f64
}
impl Exp {
/// Construct a new `Exp` with the given shape parameter
/// `lambda`. Panics if `lambda <= 0`.
#[inline]
pub fn new(lambda: f64) -> Exp {
assert!(lambda > 0.0, "Exp::new called with `lambda` <= 0");
Exp { lambda_inverse: 1.0 / lambda }
}
}
impl Sample<f64> for Exp {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl IndependentSample<f64> for Exp {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
let Exp1(n) = rng.gen::<Exp1>();
n * self.lambda_inverse
}
}
#[cfg(test)]
mod test {
use distributions::{Sample, IndependentSample};
use super::Exp;
#[test]
fn test_exp() {
let mut exp = Exp::new(10.0);
let mut rng = ::test::rng();
for _ in 0..1000 {
assert!(exp.sample(&mut rng) >= 0.0);
assert!(exp.ind_sample(&mut rng) >= 0.0);
}
}
#[test]
#[should_panic]
fn test_exp_invalid_lambda_zero() {
Exp::new(0.0);
}
#[test]
#[should_panic]
fn test_exp_invalid_lambda_neg() {
Exp::new(-10.0);
}
}

View File

@ -1,386 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//
// ignore-lexer-test FIXME #15679
//! The Gamma and derived distributions.
use self::GammaRepr::*;
use self::ChiSquaredRepr::*;
use {Rng, Open01};
use super::normal::StandardNormal;
use super::{IndependentSample, Sample, Exp};
/// The Gamma distribution `Gamma(shape, scale)` distribution.
///
/// The density function of this distribution is
///
/// ```text
/// f(x) = x^(k - 1) * exp(-x / θ) / (Γ(k) * θ^k)
/// ```
///
/// where `Γ` is the Gamma function, `k` is the shape and `θ` is the
/// scale and both `k` and `θ` are strictly positive.
///
/// The algorithm used is that described by Marsaglia & Tsang 2000[1],
/// falling back to directly sampling from an Exponential for `shape
/// == 1`, and using the boosting technique described in [1] for
/// `shape < 1`.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{IndependentSample, Gamma};
///
/// let gamma = Gamma::new(2.0, 5.0);
/// let v = gamma.ind_sample(&mut rand::thread_rng());
/// println!("{} is from a Gamma(2, 5) distribution", v);
/// ```
///
/// [1]: George Marsaglia and Wai Wan Tsang. 2000. "A Simple Method
/// for Generating Gamma Variables" *ACM Trans. Math. Softw.* 26, 3
/// (September 2000),
/// 363-372. DOI:[10.1145/358407.358414](http://doi.acm.org/10.1145/358407.358414)
#[derive(Clone, Copy, Debug)]
pub struct Gamma {
repr: GammaRepr,
}
#[derive(Clone, Copy, Debug)]
enum GammaRepr {
Large(GammaLargeShape),
One(Exp),
Small(GammaSmallShape)
}
// These two helpers could be made public, but saving the
// match-on-Gamma-enum branch from using them directly (e.g. if one
// knows that the shape is always > 1) doesn't appear to be much
// faster.
/// Gamma distribution where the shape parameter is less than 1.
///
/// Note, samples from this require a compulsory floating-point `pow`
/// call, which makes it significantly slower than sampling from a
/// gamma distribution where the shape parameter is greater than or
/// equal to 1.
///
/// See `Gamma` for sampling from a Gamma distribution with general
/// shape parameters.
#[derive(Clone, Copy, Debug)]
struct GammaSmallShape {
inv_shape: f64,
large_shape: GammaLargeShape
}
/// Gamma distribution where the shape parameter is larger than 1.
///
/// See `Gamma` for sampling from a Gamma distribution with general
/// shape parameters.
#[derive(Clone, Copy, Debug)]
struct GammaLargeShape {
scale: f64,
c: f64,
d: f64
}
impl Gamma {
/// Construct an object representing the `Gamma(shape, scale)`
/// distribution.
///
/// Panics if `shape <= 0` or `scale <= 0`.
#[inline]
pub fn new(shape: f64, scale: f64) -> Gamma {
assert!(shape > 0.0, "Gamma::new called with shape <= 0");
assert!(scale > 0.0, "Gamma::new called with scale <= 0");
let repr = if shape == 1.0 {
One(Exp::new(1.0 / scale))
} else if shape < 1.0 {
Small(GammaSmallShape::new_raw(shape, scale))
} else {
Large(GammaLargeShape::new_raw(shape, scale))
};
Gamma { repr: repr }
}
}
impl GammaSmallShape {
fn new_raw(shape: f64, scale: f64) -> GammaSmallShape {
GammaSmallShape {
inv_shape: 1. / shape,
large_shape: GammaLargeShape::new_raw(shape + 1.0, scale)
}
}
}
impl GammaLargeShape {
fn new_raw(shape: f64, scale: f64) -> GammaLargeShape {
let d = shape - 1. / 3.;
GammaLargeShape {
scale: scale,
c: 1. / (9. * d).sqrt(),
d: d
}
}
}
impl Sample<f64> for Gamma {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl Sample<f64> for GammaSmallShape {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl Sample<f64> for GammaLargeShape {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl IndependentSample<f64> for Gamma {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
match self.repr {
Small(ref g) => g.ind_sample(rng),
One(ref g) => g.ind_sample(rng),
Large(ref g) => g.ind_sample(rng),
}
}
}
impl IndependentSample<f64> for GammaSmallShape {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
let Open01(u) = rng.gen::<Open01<f64>>();
self.large_shape.ind_sample(rng) * u.powf(self.inv_shape)
}
}
impl IndependentSample<f64> for GammaLargeShape {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
loop {
let StandardNormal(x) = rng.gen::<StandardNormal>();
let v_cbrt = 1.0 + self.c * x;
if v_cbrt <= 0.0 { // a^3 <= 0 iff a <= 0
continue
}
let v = v_cbrt * v_cbrt * v_cbrt;
let Open01(u) = rng.gen::<Open01<f64>>();
let x_sqr = x * x;
if u < 1.0 - 0.0331 * x_sqr * x_sqr ||
u.ln() < 0.5 * x_sqr + self.d * (1.0 - v + v.ln()) {
return self.d * v * self.scale
}
}
}
}
/// The chi-squared distribution `χ²(k)`, where `k` is the degrees of
/// freedom.
///
/// For `k > 0` integral, this distribution is the sum of the squares
/// of `k` independent standard normal random variables. For other
/// `k`, this uses the equivalent characterisation
/// `χ²(k) = Gamma(k/2, 2)`.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{ChiSquared, IndependentSample};
///
/// let chi = ChiSquared::new(11.0);
/// let v = chi.ind_sample(&mut rand::thread_rng());
/// println!("{} is from a χ²(11) distribution", v)
/// ```
#[derive(Clone, Copy, Debug)]
pub struct ChiSquared {
repr: ChiSquaredRepr,
}
#[derive(Clone, Copy, Debug)]
enum ChiSquaredRepr {
// k == 1, Gamma(alpha, ..) is particularly slow for alpha < 1,
// e.g. when alpha = 1/2 as it would be for this case, so special-
// casing and using the definition of N(0,1)^2 is faster.
DoFExactlyOne,
DoFAnythingElse(Gamma),
}
impl ChiSquared {
/// Create a new chi-squared distribution with degrees-of-freedom
/// `k`. Panics if `k < 0`.
pub fn new(k: f64) -> ChiSquared {
let repr = if k == 1.0 {
DoFExactlyOne
} else {
assert!(k > 0.0, "ChiSquared::new called with `k` < 0");
DoFAnythingElse(Gamma::new(0.5 * k, 2.0))
};
ChiSquared { repr: repr }
}
}
impl Sample<f64> for ChiSquared {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl IndependentSample<f64> for ChiSquared {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
match self.repr {
DoFExactlyOne => {
// k == 1 => N(0,1)^2
let StandardNormal(norm) = rng.gen::<StandardNormal>();
norm * norm
}
DoFAnythingElse(ref g) => g.ind_sample(rng)
}
}
}
/// The Fisher F distribution `F(m, n)`.
///
/// This distribution is equivalent to the ratio of two normalised
/// chi-squared distributions, that is, `F(m,n) = (χ²(m)/m) /
/// (χ²(n)/n)`.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{FisherF, IndependentSample};
///
/// let f = FisherF::new(2.0, 32.0);
/// let v = f.ind_sample(&mut rand::thread_rng());
/// println!("{} is from an F(2, 32) distribution", v)
/// ```
#[derive(Clone, Copy, Debug)]
pub struct FisherF {
numer: ChiSquared,
denom: ChiSquared,
// denom_dof / numer_dof so that this can just be a straight
// multiplication, rather than a division.
dof_ratio: f64,
}
impl FisherF {
/// Create a new `FisherF` distribution, with the given
/// parameter. Panics if either `m` or `n` are not positive.
pub fn new(m: f64, n: f64) -> FisherF {
assert!(m > 0.0, "FisherF::new called with `m < 0`");
assert!(n > 0.0, "FisherF::new called with `n < 0`");
FisherF {
numer: ChiSquared::new(m),
denom: ChiSquared::new(n),
dof_ratio: n / m
}
}
}
impl Sample<f64> for FisherF {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl IndependentSample<f64> for FisherF {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
self.numer.ind_sample(rng) / self.denom.ind_sample(rng) * self.dof_ratio
}
}
/// The Student t distribution, `t(nu)`, where `nu` is the degrees of
/// freedom.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{StudentT, IndependentSample};
///
/// let t = StudentT::new(11.0);
/// let v = t.ind_sample(&mut rand::thread_rng());
/// println!("{} is from a t(11) distribution", v)
/// ```
#[derive(Clone, Copy, Debug)]
pub struct StudentT {
chi: ChiSquared,
dof: f64
}
impl StudentT {
/// Create a new Student t distribution with `n` degrees of
/// freedom. Panics if `n <= 0`.
pub fn new(n: f64) -> StudentT {
assert!(n > 0.0, "StudentT::new called with `n <= 0`");
StudentT {
chi: ChiSquared::new(n),
dof: n
}
}
}
impl Sample<f64> for StudentT {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl IndependentSample<f64> for StudentT {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
let StandardNormal(norm) = rng.gen::<StandardNormal>();
norm * (self.dof / self.chi.ind_sample(rng)).sqrt()
}
}
#[cfg(test)]
mod test {
use distributions::{Sample, IndependentSample};
use super::{ChiSquared, StudentT, FisherF};
#[test]
fn test_chi_squared_one() {
let mut chi = ChiSquared::new(1.0);
let mut rng = ::test::rng();
for _ in 0..1000 {
chi.sample(&mut rng);
chi.ind_sample(&mut rng);
}
}
#[test]
fn test_chi_squared_small() {
let mut chi = ChiSquared::new(0.5);
let mut rng = ::test::rng();
for _ in 0..1000 {
chi.sample(&mut rng);
chi.ind_sample(&mut rng);
}
}
#[test]
fn test_chi_squared_large() {
let mut chi = ChiSquared::new(30.0);
let mut rng = ::test::rng();
for _ in 0..1000 {
chi.sample(&mut rng);
chi.ind_sample(&mut rng);
}
}
#[test]
#[should_panic]
fn test_chi_squared_invalid_dof() {
ChiSquared::new(-1.0);
}
#[test]
fn test_f() {
let mut f = FisherF::new(2.0, 32.0);
let mut rng = ::test::rng();
for _ in 0..1000 {
f.sample(&mut rng);
f.ind_sample(&mut rng);
}
}
#[test]
fn test_t() {
let mut t = StudentT::new(11.0);
let mut rng = ::test::rng();
for _ in 0..1000 {
t.sample(&mut rng);
t.ind_sample(&mut rng);
}
}
}

View File

@ -1,409 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! Sampling from random distributions.
//!
//! This is a generalization of `Rand` to allow parameters to control the
//! exact properties of the generated values, e.g. the mean and standard
//! deviation of a normal distribution. The `Sample` trait is the most
//! general, and allows for generating values that change some state
//! internally. The `IndependentSample` trait is for generating values
//! that do not need to record state.
use core::marker;
use {Rng, Rand};
pub use self::range::Range;
#[cfg(feature="std")]
pub use self::gamma::{Gamma, ChiSquared, FisherF, StudentT};
#[cfg(feature="std")]
pub use self::normal::{Normal, LogNormal};
#[cfg(feature="std")]
pub use self::exponential::Exp;
pub mod range;
#[cfg(feature="std")]
pub mod gamma;
#[cfg(feature="std")]
pub mod normal;
#[cfg(feature="std")]
pub mod exponential;
#[cfg(feature="std")]
mod ziggurat_tables;
/// Types that can be used to create a random instance of `Support`.
pub trait Sample<Support> {
/// Generate a random value of `Support`, using `rng` as the
/// source of randomness.
fn sample<R: Rng>(&mut self, rng: &mut R) -> Support;
}
/// `Sample`s that do not require keeping track of state.
///
/// Since no state is recorded, each sample is (statistically)
/// independent of all others, assuming the `Rng` used has this
/// property.
// FIXME maybe having this separate is overkill (the only reason is to
// take &self rather than &mut self)? or maybe this should be the
// trait called `Sample` and the other should be `DependentSample`.
pub trait IndependentSample<Support>: Sample<Support> {
/// Generate a random value.
fn ind_sample<R: Rng>(&self, &mut R) -> Support;
}
/// A wrapper for generating types that implement `Rand` via the
/// `Sample` & `IndependentSample` traits.
#[derive(Debug)]
pub struct RandSample<Sup> {
_marker: marker::PhantomData<fn() -> Sup>,
}
impl<Sup> Copy for RandSample<Sup> {}
impl<Sup> Clone for RandSample<Sup> {
fn clone(&self) -> Self { *self }
}
impl<Sup: Rand> Sample<Sup> for RandSample<Sup> {
fn sample<R: Rng>(&mut self, rng: &mut R) -> Sup { self.ind_sample(rng) }
}
impl<Sup: Rand> IndependentSample<Sup> for RandSample<Sup> {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> Sup {
rng.gen()
}
}
impl<Sup> RandSample<Sup> {
pub fn new() -> RandSample<Sup> {
RandSample { _marker: marker::PhantomData }
}
}
/// A value with a particular weight for use with `WeightedChoice`.
#[derive(Copy, Clone, Debug)]
pub struct Weighted<T> {
/// The numerical weight of this item
pub weight: u32,
/// The actual item which is being weighted
pub item: T,
}
/// A distribution that selects from a finite collection of weighted items.
///
/// Each item has an associated weight that influences how likely it
/// is to be chosen: higher weight is more likely.
///
/// The `Clone` restriction is a limitation of the `Sample` and
/// `IndependentSample` traits. Note that `&T` is (cheaply) `Clone` for
/// all `T`, as is `u32`, so one can store references or indices into
/// another vector.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{Weighted, WeightedChoice, IndependentSample};
///
/// let mut items = vec!(Weighted { weight: 2, item: 'a' },
/// Weighted { weight: 4, item: 'b' },
/// Weighted { weight: 1, item: 'c' });
/// let wc = WeightedChoice::new(&mut items);
/// let mut rng = rand::thread_rng();
/// for _ in 0..16 {
/// // on average prints 'a' 4 times, 'b' 8 and 'c' twice.
/// println!("{}", wc.ind_sample(&mut rng));
/// }
/// ```
#[derive(Debug)]
pub struct WeightedChoice<'a, T:'a> {
items: &'a mut [Weighted<T>],
weight_range: Range<u32>
}
impl<'a, T: Clone> WeightedChoice<'a, T> {
/// Create a new `WeightedChoice`.
///
/// Panics if:
///
/// - `items` is empty
/// - the total weight is 0
/// - the total weight is larger than a `u32` can contain.
pub fn new(items: &'a mut [Weighted<T>]) -> WeightedChoice<'a, T> {
// strictly speaking, this is subsumed by the total weight == 0 case
assert!(!items.is_empty(), "WeightedChoice::new called with no items");
let mut running_total: u32 = 0;
// we convert the list from individual weights to cumulative
// weights so we can binary search. This *could* drop elements
// with weight == 0 as an optimisation.
for item in items.iter_mut() {
running_total = match running_total.checked_add(item.weight) {
Some(n) => n,
None => panic!("WeightedChoice::new called with a total weight \
larger than a u32 can contain")
};
item.weight = running_total;
}
assert!(running_total != 0, "WeightedChoice::new called with a total weight of 0");
WeightedChoice {
items: items,
// we're likely to be generating numbers in this range
// relatively often, so might as well cache it
weight_range: Range::new(0, running_total)
}
}
}
impl<'a, T: Clone> Sample<T> for WeightedChoice<'a, T> {
fn sample<R: Rng>(&mut self, rng: &mut R) -> T { self.ind_sample(rng) }
}
impl<'a, T: Clone> IndependentSample<T> for WeightedChoice<'a, T> {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> T {
// we want to find the first element that has cumulative
// weight > sample_weight, which we do by binary since the
// cumulative weights of self.items are sorted.
// choose a weight in [0, total_weight)
let sample_weight = self.weight_range.ind_sample(rng);
// short circuit when it's the first item
if sample_weight < self.items[0].weight {
return self.items[0].item.clone();
}
let mut idx = 0;
let mut modifier = self.items.len();
// now we know that every possibility has an element to the
// left, so we can just search for the last element that has
// cumulative weight <= sample_weight, then the next one will
// be "it". (Note that this greatest element will never be the
// last element of the vector, since sample_weight is chosen
// in [0, total_weight) and the cumulative weight of the last
// one is exactly the total weight.)
while modifier > 1 {
let i = idx + modifier / 2;
if self.items[i].weight <= sample_weight {
// we're small, so look to the right, but allow this
// exact element still.
idx = i;
// we need the `/ 2` to round up otherwise we'll drop
// the trailing elements when `modifier` is odd.
modifier += 1;
} else {
// otherwise we're too big, so go left. (i.e. do
// nothing)
}
modifier /= 2;
}
return self.items[idx + 1].item.clone();
}
}
/// Sample a random number using the Ziggurat method (specifically the
/// ZIGNOR variant from Doornik 2005). Most of the arguments are
/// directly from the paper:
///
/// * `rng`: source of randomness
/// * `symmetric`: whether this is a symmetric distribution, or one-sided with P(x < 0) = 0.
/// * `X`: the $x_i$ abscissae.
/// * `F`: precomputed values of the PDF at the $x_i$, (i.e. $f(x_i)$)
/// * `F_DIFF`: precomputed values of $f(x_i) - f(x_{i+1})$
/// * `pdf`: the probability density function
/// * `zero_case`: manual sampling from the tail when we chose the
/// bottom box (i.e. i == 0)
// the perf improvement (25-50%) is definitely worth the extra code
// size from force-inlining.
#[cfg(feature="std")]
#[inline(always)]
fn ziggurat<R: Rng, P, Z>(
rng: &mut R,
symmetric: bool,
x_tab: ziggurat_tables::ZigTable,
f_tab: ziggurat_tables::ZigTable,
mut pdf: P,
mut zero_case: Z)
-> f64 where P: FnMut(f64) -> f64, Z: FnMut(&mut R, f64) -> f64 {
const SCALE: f64 = (1u64 << 53) as f64;
loop {
// reimplement the f64 generation as an optimisation suggested
// by the Doornik paper: we have a lot of precision-space
// (i.e. there are 11 bits of the 64 of a u64 to use after
// creating a f64), so we might as well reuse some to save
// generating a whole extra random number. (Seems to be 15%
// faster.)
//
// This unfortunately misses out on the benefits of direct
// floating point generation if an RNG like dSMFT is
// used. (That is, such RNGs create floats directly, highly
// efficiently and overload next_f32/f64, so by not calling it
// this may be slower than it would be otherwise.)
// FIXME: investigate/optimise for the above.
let bits: u64 = rng.gen();
let i = (bits & 0xff) as usize;
let f = (bits >> 11) as f64 / SCALE;
// u is either U(-1, 1) or U(0, 1) depending on if this is a
// symmetric distribution or not.
let u = if symmetric {2.0 * f - 1.0} else {f};
let x = u * x_tab[i];
let test_x = if symmetric { x.abs() } else {x};
// algebraically equivalent to |u| < x_tab[i+1]/x_tab[i] (or u < x_tab[i+1]/x_tab[i])
if test_x < x_tab[i + 1] {
return x;
}
if i == 0 {
return zero_case(rng, u);
}
// algebraically equivalent to f1 + DRanU()*(f0 - f1) < 1
if f_tab[i + 1] + (f_tab[i] - f_tab[i + 1]) * rng.gen::<f64>() < pdf(x) {
return x;
}
}
}
#[cfg(test)]
mod tests {
use {Rng, Rand};
use super::{RandSample, WeightedChoice, Weighted, Sample, IndependentSample};
#[derive(PartialEq, Debug)]
struct ConstRand(usize);
impl Rand for ConstRand {
fn rand<R: Rng>(_: &mut R) -> ConstRand {
ConstRand(0)
}
}
// 0, 1, 2, 3, ...
struct CountingRng { i: u32 }
impl Rng for CountingRng {
fn next_u32(&mut self) -> u32 {
self.i += 1;
self.i - 1
}
fn next_u64(&mut self) -> u64 {
self.next_u32() as u64
}
}
#[test]
fn test_rand_sample() {
let mut rand_sample = RandSample::<ConstRand>::new();
assert_eq!(rand_sample.sample(&mut ::test::rng()), ConstRand(0));
assert_eq!(rand_sample.ind_sample(&mut ::test::rng()), ConstRand(0));
}
#[test]
fn test_weighted_choice() {
// this makes assumptions about the internal implementation of
// WeightedChoice, specifically: it doesn't reorder the items,
// it doesn't do weird things to the RNG (so 0 maps to 0, 1 to
// 1, internally; modulo a modulo operation).
macro_rules! t {
($items:expr, $expected:expr) => {{
let mut items = $items;
let wc = WeightedChoice::new(&mut items);
let expected = $expected;
let mut rng = CountingRng { i: 0 };
for &val in expected.iter() {
assert_eq!(wc.ind_sample(&mut rng), val)
}
}}
}
t!(vec!(Weighted { weight: 1, item: 10}), [10]);
// skip some
t!(vec!(Weighted { weight: 0, item: 20},
Weighted { weight: 2, item: 21},
Weighted { weight: 0, item: 22},
Weighted { weight: 1, item: 23}),
[21,21, 23]);
// different weights
t!(vec!(Weighted { weight: 4, item: 30},
Weighted { weight: 3, item: 31}),
[30,30,30,30, 31,31,31]);
// check that we're binary searching
// correctly with some vectors of odd
// length.
t!(vec!(Weighted { weight: 1, item: 40},
Weighted { weight: 1, item: 41},
Weighted { weight: 1, item: 42},
Weighted { weight: 1, item: 43},
Weighted { weight: 1, item: 44}),
[40, 41, 42, 43, 44]);
t!(vec!(Weighted { weight: 1, item: 50},
Weighted { weight: 1, item: 51},
Weighted { weight: 1, item: 52},
Weighted { weight: 1, item: 53},
Weighted { weight: 1, item: 54},
Weighted { weight: 1, item: 55},
Weighted { weight: 1, item: 56}),
[50, 51, 52, 53, 54, 55, 56]);
}
#[test]
fn test_weighted_clone_initialization() {
let initial : Weighted<u32> = Weighted {weight: 1, item: 1};
let clone = initial.clone();
assert_eq!(initial.weight, clone.weight);
assert_eq!(initial.item, clone.item);
}
#[test] #[should_panic]
fn test_weighted_clone_change_weight() {
let initial : Weighted<u32> = Weighted {weight: 1, item: 1};
let mut clone = initial.clone();
clone.weight = 5;
assert_eq!(initial.weight, clone.weight);
}
#[test] #[should_panic]
fn test_weighted_clone_change_item() {
let initial : Weighted<u32> = Weighted {weight: 1, item: 1};
let mut clone = initial.clone();
clone.item = 5;
assert_eq!(initial.item, clone.item);
}
#[test] #[should_panic]
fn test_weighted_choice_no_items() {
WeightedChoice::<isize>::new(&mut []);
}
#[test] #[should_panic]
fn test_weighted_choice_zero_weight() {
WeightedChoice::new(&mut [Weighted { weight: 0, item: 0},
Weighted { weight: 0, item: 1}]);
}
#[test] #[should_panic]
fn test_weighted_choice_weight_overflows() {
let x = ::std::u32::MAX / 2; // x + x + 2 is the overflow
WeightedChoice::new(&mut [Weighted { weight: x, item: 0 },
Weighted { weight: 1, item: 1 },
Weighted { weight: x, item: 2 },
Weighted { weight: 1, item: 3 }]);
}
}

View File

@ -1,201 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! The normal and derived distributions.
use {Rng, Rand, Open01};
use distributions::{ziggurat, ziggurat_tables, Sample, IndependentSample};
/// A wrapper around an `f64` to generate N(0, 1) random numbers
/// (a.k.a. a standard normal, or Gaussian).
///
/// See `Normal` for the general normal distribution.
///
/// Implemented via the ZIGNOR variant[1] of the Ziggurat method.
///
/// [1]: Jurgen A. Doornik (2005). [*An Improved Ziggurat Method to
/// Generate Normal Random
/// Samples*](http://www.doornik.com/research/ziggurat.pdf). Nuffield
/// College, Oxford
///
/// # Example
///
/// ```rust
/// use rand::distributions::normal::StandardNormal;
///
/// let StandardNormal(x) = rand::random();
/// println!("{}", x);
/// ```
#[derive(Clone, Copy, Debug)]
pub struct StandardNormal(pub f64);
impl Rand for StandardNormal {
fn rand<R:Rng>(rng: &mut R) -> StandardNormal {
#[inline]
fn pdf(x: f64) -> f64 {
(-x*x/2.0).exp()
}
#[inline]
fn zero_case<R:Rng>(rng: &mut R, u: f64) -> f64 {
// compute a random number in the tail by hand
// strange initial conditions, because the loop is not
// do-while, so the condition should be true on the first
// run, they get overwritten anyway (0 < 1, so these are
// good).
let mut x = 1.0f64;
let mut y = 0.0f64;
while -2.0 * y < x * x {
let Open01(x_) = rng.gen::<Open01<f64>>();
let Open01(y_) = rng.gen::<Open01<f64>>();
x = x_.ln() / ziggurat_tables::ZIG_NORM_R;
y = y_.ln();
}
if u < 0.0 { x - ziggurat_tables::ZIG_NORM_R } else { ziggurat_tables::ZIG_NORM_R - x }
}
StandardNormal(ziggurat(
rng,
true, // this is symmetric
&ziggurat_tables::ZIG_NORM_X,
&ziggurat_tables::ZIG_NORM_F,
pdf, zero_case))
}
}
/// The normal distribution `N(mean, std_dev**2)`.
///
/// This uses the ZIGNOR variant of the Ziggurat method, see
/// `StandardNormal` for more details.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{Normal, IndependentSample};
///
/// // mean 2, standard deviation 3
/// let normal = Normal::new(2.0, 3.0);
/// let v = normal.ind_sample(&mut rand::thread_rng());
/// println!("{} is from a N(2, 9) distribution", v)
/// ```
#[derive(Clone, Copy, Debug)]
pub struct Normal {
mean: f64,
std_dev: f64,
}
impl Normal {
/// Construct a new `Normal` distribution with the given mean and
/// standard deviation.
///
/// # Panics
///
/// Panics if `std_dev < 0`.
#[inline]
pub fn new(mean: f64, std_dev: f64) -> Normal {
assert!(std_dev >= 0.0, "Normal::new called with `std_dev` < 0");
Normal {
mean: mean,
std_dev: std_dev
}
}
}
impl Sample<f64> for Normal {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl IndependentSample<f64> for Normal {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
let StandardNormal(n) = rng.gen::<StandardNormal>();
self.mean + self.std_dev * n
}
}
/// The log-normal distribution `ln N(mean, std_dev**2)`.
///
/// If `X` is log-normal distributed, then `ln(X)` is `N(mean,
/// std_dev**2)` distributed.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{LogNormal, IndependentSample};
///
/// // mean 2, standard deviation 3
/// let log_normal = LogNormal::new(2.0, 3.0);
/// let v = log_normal.ind_sample(&mut rand::thread_rng());
/// println!("{} is from an ln N(2, 9) distribution", v)
/// ```
#[derive(Clone, Copy, Debug)]
pub struct LogNormal {
norm: Normal
}
impl LogNormal {
/// Construct a new `LogNormal` distribution with the given mean
/// and standard deviation.
///
/// # Panics
///
/// Panics if `std_dev < 0`.
#[inline]
pub fn new(mean: f64, std_dev: f64) -> LogNormal {
assert!(std_dev >= 0.0, "LogNormal::new called with `std_dev` < 0");
LogNormal { norm: Normal::new(mean, std_dev) }
}
}
impl Sample<f64> for LogNormal {
fn sample<R: Rng>(&mut self, rng: &mut R) -> f64 { self.ind_sample(rng) }
}
impl IndependentSample<f64> for LogNormal {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> f64 {
self.norm.ind_sample(rng).exp()
}
}
#[cfg(test)]
mod tests {
use distributions::{Sample, IndependentSample};
use super::{Normal, LogNormal};
#[test]
fn test_normal() {
let mut norm = Normal::new(10.0, 10.0);
let mut rng = ::test::rng();
for _ in 0..1000 {
norm.sample(&mut rng);
norm.ind_sample(&mut rng);
}
}
#[test]
#[should_panic]
fn test_normal_invalid_sd() {
Normal::new(10.0, -1.0);
}
#[test]
fn test_log_normal() {
let mut lnorm = LogNormal::new(10.0, 10.0);
let mut rng = ::test::rng();
for _ in 0..1000 {
lnorm.sample(&mut rng);
lnorm.ind_sample(&mut rng);
}
}
#[test]
#[should_panic]
fn test_log_normal_invalid_sd() {
LogNormal::new(10.0, -1.0);
}
}

View File

@ -1,241 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! Generating numbers between two others.
// this is surprisingly complicated to be both generic & correct
use core::num::Wrapping as w;
use Rng;
use distributions::{Sample, IndependentSample};
/// Sample values uniformly between two bounds.
///
/// This gives a uniform distribution (assuming the RNG used to sample
/// it is itself uniform & the `SampleRange` implementation for the
/// given type is correct), even for edge cases like `low = 0u8`,
/// `high = 170u8`, for which a naive modulo operation would return
/// numbers less than 85 with double the probability to those greater
/// than 85.
///
/// Types should attempt to sample in `[low, high)`, i.e., not
/// including `high`, but this may be very difficult. All the
/// primitive integer types satisfy this property, and the float types
/// normally satisfy it, but rounding may mean `high` can occur.
///
/// # Example
///
/// ```rust
/// use rand::distributions::{IndependentSample, Range};
///
/// fn main() {
/// let between = Range::new(10, 10000);
/// let mut rng = rand::thread_rng();
/// let mut sum = 0;
/// for _ in 0..1000 {
/// sum += between.ind_sample(&mut rng);
/// }
/// println!("{}", sum);
/// }
/// ```
#[derive(Clone, Copy, Debug)]
pub struct Range<X> {
low: X,
range: X,
accept_zone: X
}
impl<X: SampleRange + PartialOrd> Range<X> {
/// Create a new `Range` instance that samples uniformly from
/// `[low, high)`. Panics if `low >= high`.
pub fn new(low: X, high: X) -> Range<X> {
assert!(low < high, "Range::new called with `low >= high`");
SampleRange::construct_range(low, high)
}
}
impl<Sup: SampleRange> Sample<Sup> for Range<Sup> {
#[inline]
fn sample<R: Rng>(&mut self, rng: &mut R) -> Sup { self.ind_sample(rng) }
}
impl<Sup: SampleRange> IndependentSample<Sup> for Range<Sup> {
fn ind_sample<R: Rng>(&self, rng: &mut R) -> Sup {
SampleRange::sample_range(self, rng)
}
}
/// The helper trait for types that have a sensible way to sample
/// uniformly between two values. This should not be used directly,
/// and is only to facilitate `Range`.
pub trait SampleRange : Sized {
/// Construct the `Range` object that `sample_range`
/// requires. This should not ever be called directly, only via
/// `Range::new`, which will check that `low < high`, so this
/// function doesn't have to repeat the check.
fn construct_range(low: Self, high: Self) -> Range<Self>;
/// Sample a value from the given `Range` with the given `Rng` as
/// a source of randomness.
fn sample_range<R: Rng>(r: &Range<Self>, rng: &mut R) -> Self;
}
macro_rules! integer_impl {
($ty:ty, $unsigned:ident) => {
impl SampleRange for $ty {
// we play free and fast with unsigned vs signed here
// (when $ty is signed), but that's fine, since the
// contract of this macro is for $ty and $unsigned to be
// "bit-equal", so casting between them is a no-op & a
// bijection.
#[inline]
fn construct_range(low: $ty, high: $ty) -> Range<$ty> {
let range = (w(high as $unsigned) - w(low as $unsigned)).0;
let unsigned_max: $unsigned = ::core::$unsigned::MAX;
// this is the largest number that fits into $unsigned
// that `range` divides evenly, so, if we've sampled
// `n` uniformly from this region, then `n % range` is
// uniform in [0, range)
let zone = unsigned_max - unsigned_max % range;
Range {
low: low,
range: range as $ty,
accept_zone: zone as $ty
}
}
#[inline]
fn sample_range<R: Rng>(r: &Range<$ty>, rng: &mut R) -> $ty {
loop {
// rejection sample
let v = rng.gen::<$unsigned>();
// until we find something that fits into the
// region which r.range evenly divides (this will
// be uniformly distributed)
if v < r.accept_zone as $unsigned {
// and return it, with some adjustments
return (w(r.low) + w((v % r.range as $unsigned) as $ty)).0;
}
}
}
}
}
}
integer_impl! { i8, u8 }
integer_impl! { i16, u16 }
integer_impl! { i32, u32 }
integer_impl! { i64, u64 }
#[cfg(feature = "i128_support")]
integer_impl! { i128, u128 }
integer_impl! { isize, usize }
integer_impl! { u8, u8 }
integer_impl! { u16, u16 }
integer_impl! { u32, u32 }
integer_impl! { u64, u64 }
#[cfg(feature = "i128_support")]
integer_impl! { u128, u128 }
integer_impl! { usize, usize }
macro_rules! float_impl {
($ty:ty) => {
impl SampleRange for $ty {
fn construct_range(low: $ty, high: $ty) -> Range<$ty> {
Range {
low: low,
range: high - low,
accept_zone: 0.0 // unused
}
}
fn sample_range<R: Rng>(r: &Range<$ty>, rng: &mut R) -> $ty {
r.low + r.range * rng.gen::<$ty>()
}
}
}
}
float_impl! { f32 }
float_impl! { f64 }
#[cfg(test)]
mod tests {
use distributions::{Sample, IndependentSample};
use super::Range as Range;
#[should_panic]
#[test]
fn test_range_bad_limits_equal() {
Range::new(10, 10);
}
#[should_panic]
#[test]
fn test_range_bad_limits_flipped() {
Range::new(10, 5);
}
#[test]
fn test_integers() {
let mut rng = ::test::rng();
macro_rules! t {
($($ty:ident),*) => {{
$(
let v: &[($ty, $ty)] = &[(0, 10),
(10, 127),
(::core::$ty::MIN, ::core::$ty::MAX)];
for &(low, high) in v.iter() {
let mut sampler: Range<$ty> = Range::new(low, high);
for _ in 0..1000 {
let v = sampler.sample(&mut rng);
assert!(low <= v && v < high);
let v = sampler.ind_sample(&mut rng);
assert!(low <= v && v < high);
}
}
)*
}}
}
#[cfg(not(feature = "i128_support"))]
t!(i8, i16, i32, i64, isize,
u8, u16, u32, u64, usize);
#[cfg(feature = "i128_support")]
t!(i8, i16, i32, i64, i128, isize,
u8, u16, u32, u64, u128, usize);
}
#[test]
fn test_floats() {
let mut rng = ::test::rng();
macro_rules! t {
($($ty:ty),*) => {{
$(
let v: &[($ty, $ty)] = &[(0.0, 100.0),
(-1e35, -1e25),
(1e-35, 1e-25),
(-1e35, 1e35)];
for &(low, high) in v.iter() {
let mut sampler: Range<$ty> = Range::new(low, high);
for _ in 0..1000 {
let v = sampler.sample(&mut rng);
assert!(low <= v && v < high);
let v = sampler.ind_sample(&mut rng);
assert!(low <= v && v < high);
}
}
)*
}}
}
t!(f32, f64)
}
}

View File

@ -1,280 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
// Tables for distributions which are sampled using the ziggurat
// algorithm. Autogenerated by `ziggurat_tables.py`.
pub type ZigTable = &'static [f64; 257];
pub const ZIG_NORM_R: f64 = 3.654152885361008796;
pub static ZIG_NORM_X: [f64; 257] =
[3.910757959537090045, 3.654152885361008796, 3.449278298560964462, 3.320244733839166074,
3.224575052047029100, 3.147889289517149969, 3.083526132001233044, 3.027837791768635434,
2.978603279880844834, 2.934366867207854224, 2.894121053612348060, 2.857138730872132548,
2.822877396825325125, 2.790921174000785765, 2.760944005278822555, 2.732685359042827056,
2.705933656121858100, 2.680514643284522158, 2.656283037575502437, 2.633116393630324570,
2.610910518487548515, 2.589575986706995181, 2.569035452680536569, 2.549221550323460761,
2.530075232158516929, 2.511544441625342294, 2.493583041269680667, 2.476149939669143318,
2.459208374333311298, 2.442725318198956774, 2.426670984935725972, 2.411018413899685520,
2.395743119780480601, 2.380822795170626005, 2.366237056715818632, 2.351967227377659952,
2.337996148795031370, 2.324308018869623016, 2.310888250599850036, 2.297723348901329565,
2.284800802722946056, 2.272108990226823888, 2.259637095172217780, 2.247375032945807760,
2.235313384928327984, 2.223443340090905718, 2.211756642882544366, 2.200245546609647995,
2.188902771624720689, 2.177721467738641614, 2.166695180352645966, 2.155817819875063268,
2.145083634046203613, 2.134487182844320152, 2.124023315687815661, 2.113687150684933957,
2.103474055713146829, 2.093379631137050279, 2.083399693996551783, 2.073530263516978778,
2.063767547809956415, 2.054107931648864849, 2.044547965215732788, 2.035084353727808715,
2.025713947862032960, 2.016433734904371722, 2.007240830558684852, 1.998132471356564244,
1.989106007615571325, 1.980158896898598364, 1.971288697931769640, 1.962493064942461896,
1.953769742382734043, 1.945116560006753925, 1.936531428273758904, 1.928012334050718257,
1.919557336591228847, 1.911164563769282232, 1.902832208548446369, 1.894558525668710081,
1.886341828534776388, 1.878180486290977669, 1.870072921069236838, 1.862017605397632281,
1.854013059758148119, 1.846057850283119750, 1.838150586580728607, 1.830289919680666566,
1.822474540091783224, 1.814703175964167636, 1.806974591348693426, 1.799287584547580199,
1.791640986550010028, 1.784033659547276329, 1.776464495522344977, 1.768932414909077933,
1.761436365316706665, 1.753975320315455111, 1.746548278279492994, 1.739154261283669012,
1.731792314050707216, 1.724461502945775715, 1.717160915015540690, 1.709889657069006086,
1.702646854797613907, 1.695431651932238548, 1.688243209434858727, 1.681080704722823338,
1.673943330923760353, 1.666830296159286684, 1.659740822855789499, 1.652674147080648526,
1.645629517902360339, 1.638606196773111146, 1.631603456932422036, 1.624620582830568427,
1.617656869570534228, 1.610711622367333673, 1.603784156023583041, 1.596873794420261339,
1.589979870021648534, 1.583101723393471438, 1.576238702733332886, 1.569390163412534456,
1.562555467528439657, 1.555733983466554893, 1.548925085471535512, 1.542128153226347553,
1.535342571438843118, 1.528567729435024614, 1.521803020758293101, 1.515047842773992404,
1.508301596278571965, 1.501563685112706548, 1.494833515777718391, 1.488110497054654369,
1.481394039625375747, 1.474683555695025516, 1.467978458615230908, 1.461278162507407830,
1.454582081885523293, 1.447889631277669675, 1.441200224845798017, 1.434513276002946425,
1.427828197027290358, 1.421144398672323117, 1.414461289772464658, 1.407778276843371534,
1.401094763676202559, 1.394410150925071257, 1.387723835686884621, 1.381035211072741964,
1.374343665770030531, 1.367648583594317957, 1.360949343030101844, 1.354245316759430606,
1.347535871177359290, 1.340820365893152122, 1.334098153216083604, 1.327368577624624679,
1.320630975217730096, 1.313884673146868964, 1.307128989027353860, 1.300363230327433728,
1.293586693733517645, 1.286798664489786415, 1.279998415710333237, 1.273185207661843732,
1.266358287014688333, 1.259516886060144225, 1.252660221891297887, 1.245787495544997903,
1.238897891102027415, 1.231990574742445110, 1.225064693752808020, 1.218119375481726552,
1.211153726239911244, 1.204166830140560140, 1.197157747875585931, 1.190125515422801650,
1.183069142678760732, 1.175987612011489825, 1.168879876726833800, 1.161744859441574240,
1.154581450355851802, 1.147388505416733873, 1.140164844363995789, 1.132909248648336975,
1.125620459211294389, 1.118297174115062909, 1.110938046009249502, 1.103541679420268151,
1.096106627847603487, 1.088631390649514197, 1.081114409698889389, 1.073554065787871714,
1.065948674757506653, 1.058296483326006454, 1.050595664586207123, 1.042844313139370538,
1.035040439828605274, 1.027181966030751292, 1.019266717460529215, 1.011292417434978441,
1.003256679539591412, 0.995156999629943084, 0.986990747093846266, 0.978755155288937750,
0.970447311058864615, 0.962064143217605250, 0.953602409875572654, 0.945058684462571130,
0.936429340280896860, 0.927710533396234771, 0.918898183643734989, 0.909987953490768997,
0.900975224455174528, 0.891855070726792376, 0.882622229578910122, 0.873271068082494550,
0.863795545546826915, 0.854189171001560554, 0.844444954902423661, 0.834555354079518752,
0.824512208745288633, 0.814306670128064347, 0.803929116982664893, 0.793369058833152785,
0.782615023299588763, 0.771654424216739354, 0.760473406422083165, 0.749056662009581653,
0.737387211425838629, 0.725446140901303549, 0.713212285182022732, 0.700661841097584448,
0.687767892786257717, 0.674499822827436479, 0.660822574234205984, 0.646695714884388928,
0.632072236375024632, 0.616896989996235545, 0.601104617743940417, 0.584616766093722262,
0.567338257040473026, 0.549151702313026790, 0.529909720646495108, 0.509423329585933393,
0.487443966121754335, 0.463634336771763245, 0.437518402186662658, 0.408389134588000746,
0.375121332850465727, 0.335737519180459465, 0.286174591747260509, 0.215241895913273806,
0.000000000000000000];
pub static ZIG_NORM_F: [f64; 257] =
[0.000477467764586655, 0.001260285930498598, 0.002609072746106363, 0.004037972593371872,
0.005522403299264754, 0.007050875471392110, 0.008616582769422917, 0.010214971439731100,
0.011842757857943104, 0.013497450601780807, 0.015177088307982072, 0.016880083152595839,
0.018605121275783350, 0.020351096230109354, 0.022117062707379922, 0.023902203305873237,
0.025705804008632656, 0.027527235669693315, 0.029365939758230111, 0.031221417192023690,
0.033093219458688698, 0.034980941461833073, 0.036884215688691151, 0.038802707404656918,
0.040736110656078753, 0.042684144916619378, 0.044646552251446536, 0.046623094902089664,
0.048613553216035145, 0.050617723861121788, 0.052635418276973649, 0.054666461325077916,
0.056710690106399467, 0.058767952921137984, 0.060838108349751806, 0.062921024437977854,
0.065016577971470438, 0.067124653828023989, 0.069245144397250269, 0.071377949059141965,
0.073522973714240991, 0.075680130359194964, 0.077849336702372207, 0.080030515814947509,
0.082223595813495684, 0.084428509570654661, 0.086645194450867782, 0.088873592068594229,
0.091113648066700734, 0.093365311913026619, 0.095628536713353335, 0.097903279039215627,
0.100189498769172020, 0.102487158942306270, 0.104796225622867056, 0.107116667775072880,
0.109448457147210021, 0.111791568164245583, 0.114145977828255210, 0.116511665626037014,
0.118888613443345698, 0.121276805485235437, 0.123676228202051403, 0.126086870220650349,
0.128508722280473636, 0.130941777174128166, 0.133386029692162844, 0.135841476571757352,
0.138308116449064322, 0.140785949814968309, 0.143274978974047118, 0.145775208006537926,
0.148286642733128721, 0.150809290682410169, 0.153343161060837674, 0.155888264725064563,
0.158444614156520225, 0.161012223438117663, 0.163591108232982951, 0.166181285765110071,
0.168782774801850333, 0.171395595638155623, 0.174019770082499359, 0.176655321444406654,
0.179302274523530397, 0.181960655600216487, 0.184630492427504539, 0.187311814224516926,
0.190004651671193070, 0.192709036904328807, 0.195425003514885592, 0.198152586546538112,
0.200891822495431333, 0.203642749311121501, 0.206405406398679298, 0.209179834621935651,
0.211966076307852941, 0.214764175252008499, 0.217574176725178370, 0.220396127481011589,
0.223230075764789593, 0.226076071323264877, 0.228934165415577484, 0.231804410825248525,
0.234686861873252689, 0.237581574432173676, 0.240488605941449107, 0.243408015423711988,
0.246339863502238771, 0.249284212419516704, 0.252241126056943765, 0.255210669955677150,
0.258192911338648023, 0.261187919133763713, 0.264195763998317568, 0.267216518344631837,
0.270250256366959984, 0.273297054069675804, 0.276356989296781264, 0.279430141762765316,
0.282516593084849388, 0.285616426816658109, 0.288729728483353931, 0.291856585618280984,
0.294997087801162572, 0.298151326697901342, 0.301319396102034120, 0.304501391977896274,
0.307697412505553769, 0.310907558127563710, 0.314131931597630143, 0.317370638031222396,
0.320623784958230129, 0.323891482377732021, 0.327173842814958593, 0.330470981380537099,
0.333783015832108509, 0.337110066638412809, 0.340452257045945450, 0.343809713148291340,
0.347182563958251478, 0.350570941482881204, 0.353974980801569250, 0.357394820147290515,
0.360830600991175754, 0.364282468130549597, 0.367750569780596226, 0.371235057669821344,
0.374736087139491414, 0.378253817247238111, 0.381788410875031348, 0.385340034841733958,
0.388908860020464597, 0.392495061461010764, 0.396098818517547080, 0.399720314981931668,
0.403359739222868885, 0.407017284331247953, 0.410693148271983222, 0.414387534042706784,
0.418100649839684591, 0.421832709231353298, 0.425583931339900579, 0.429354541031341519,
0.433144769114574058, 0.436954852549929273, 0.440785034667769915, 0.444635565397727750,
0.448506701509214067, 0.452398706863882505, 0.456311852680773566, 0.460246417814923481,
0.464202689050278838, 0.468180961407822172, 0.472181538469883255, 0.476204732721683788,
0.480250865911249714, 0.484320269428911598, 0.488413284707712059, 0.492530263646148658,
0.496671569054796314, 0.500837575128482149, 0.505028667945828791, 0.509245245998136142,
0.513487720749743026, 0.517756517232200619, 0.522052074674794864, 0.526374847174186700,
0.530725304406193921, 0.535103932383019565, 0.539511234259544614, 0.543947731192649941,
0.548413963257921133, 0.552910490428519918, 0.557437893621486324, 0.561996775817277916,
0.566587763258951771, 0.571211506738074970, 0.575868682975210544, 0.580559996103683473,
0.585286179266300333, 0.590047996335791969, 0.594846243770991268, 0.599681752622167719,
0.604555390700549533, 0.609468064928895381, 0.614420723892076803, 0.619414360609039205,
0.624450015550274240, 0.629528779928128279, 0.634651799290960050, 0.639820277456438991,
0.645035480824251883, 0.650298743114294586, 0.655611470583224665, 0.660975147780241357,
0.666391343912380640, 0.671861719900766374, 0.677388036222513090, 0.682972161648791376,
0.688616083008527058, 0.694321916130032579, 0.700091918140490099, 0.705928501336797409,
0.711834248882358467, 0.717811932634901395, 0.723864533472881599, 0.729995264565802437,
0.736207598131266683, 0.742505296344636245, 0.748892447223726720, 0.755373506511754500,
0.761953346841546475, 0.768637315803334831, 0.775431304986138326, 0.782341832659861902,
0.789376143571198563, 0.796542330428254619, 0.803849483176389490, 0.811307874318219935,
0.818929191609414797, 0.826726833952094231, 0.834716292992930375, 0.842915653118441077,
0.851346258465123684, 0.860033621203008636, 0.869008688043793165, 0.878309655816146839,
0.887984660763399880, 0.898095921906304051, 0.908726440060562912, 0.919991505048360247,
0.932060075968990209, 0.945198953453078028, 0.959879091812415930, 0.977101701282731328,
1.000000000000000000];
pub const ZIG_EXP_R: f64 = 7.697117470131050077;
pub static ZIG_EXP_X: [f64; 257] =
[8.697117470131052741, 7.697117470131050077, 6.941033629377212577, 6.478378493832569696,
6.144164665772472667, 5.882144315795399869, 5.666410167454033697, 5.482890627526062488,
5.323090505754398016, 5.181487281301500047, 5.054288489981304089, 4.938777085901250530,
4.832939741025112035, 4.735242996601741083, 4.644491885420085175, 4.559737061707351380,
4.480211746528421912, 4.405287693473573185, 4.334443680317273007, 4.267242480277365857,
4.203313713735184365, 4.142340865664051464, 4.084051310408297830, 4.028208544647936762,
3.974606066673788796, 3.923062500135489739, 3.873417670399509127, 3.825529418522336744,
3.779270992411667862, 3.734528894039797375, 3.691201090237418825, 3.649195515760853770,
3.608428813128909507, 3.568825265648337020, 3.530315889129343354, 3.492837654774059608,
3.456332821132760191, 3.420748357251119920, 3.386035442460300970, 3.352149030900109405,
3.319047470970748037, 3.286692171599068679, 3.255047308570449882, 3.224079565286264160,
3.193757903212240290, 3.164053358025972873, 3.134938858084440394, 3.106389062339824481,
3.078380215254090224, 3.050890016615455114, 3.023897504455676621, 2.997382949516130601,
2.971327759921089662, 2.945714394895045718, 2.920526286512740821, 2.895747768600141825,
2.871364012015536371, 2.847360965635188812, 2.823725302450035279, 2.800444370250737780,
2.777506146439756574, 2.754899196562344610, 2.732612636194700073, 2.710636095867928752,
2.688959688741803689, 2.667573980773266573, 2.646469963151809157, 2.625639026797788489,
2.605072938740835564, 2.584763820214140750, 2.564704126316905253, 2.544886627111869970,
2.525304390037828028, 2.505950763528594027, 2.486819361740209455, 2.467904050297364815,
2.449198932978249754, 2.430698339264419694, 2.412396812688870629, 2.394289099921457886,
2.376370140536140596, 2.358635057409337321, 2.341079147703034380, 2.323697874390196372,
2.306486858283579799, 2.289441870532269441, 2.272558825553154804, 2.255833774367219213,
2.239262898312909034, 2.222842503111036816, 2.206569013257663858, 2.190438966723220027,
2.174449009937774679, 2.158595893043885994, 2.142876465399842001, 2.127287671317368289,
2.111826546019042183, 2.096490211801715020, 2.081275874393225145, 2.066180819490575526,
2.051202409468584786, 2.036338080248769611, 2.021585338318926173, 2.006941757894518563,
1.992404978213576650, 1.977972700957360441, 1.963642687789548313, 1.949412758007184943,
1.935280786297051359, 1.921244700591528076, 1.907302480018387536, 1.893452152939308242,
1.879691795072211180, 1.866019527692827973, 1.852433515911175554, 1.838931967018879954,
1.825513128903519799, 1.812175288526390649, 1.798916770460290859, 1.785735935484126014,
1.772631179231305643, 1.759600930889074766, 1.746643651946074405, 1.733757834985571566,
1.720942002521935299, 1.708194705878057773, 1.695514524101537912, 1.682900062917553896,
1.670349953716452118, 1.657862852574172763, 1.645437439303723659, 1.633072416535991334,
1.620766508828257901, 1.608518461798858379, 1.596327041286483395, 1.584191032532688892,
1.572109239386229707, 1.560080483527888084, 1.548103603714513499, 1.536177455041032092,
1.524300908219226258, 1.512472848872117082, 1.500692176842816750, 1.488957805516746058,
1.477268661156133867, 1.465623682245745352, 1.454021818848793446, 1.442462031972012504,
1.430943292938879674, 1.419464582769983219, 1.408024891569535697, 1.396623217917042137,
1.385258568263121992, 1.373929956328490576, 1.362636402505086775, 1.351376933258335189,
1.340150580529504643, 1.328956381137116560, 1.317793376176324749, 1.306660610415174117,
1.295557131686601027, 1.284481990275012642, 1.273434238296241139, 1.262412929069615330,
1.251417116480852521, 1.240445854334406572, 1.229498195693849105, 1.218573192208790124,
1.207669893426761121, 1.196787346088403092, 1.185924593404202199, 1.175080674310911677,
1.164254622705678921, 1.153445466655774743, 1.142652227581672841, 1.131873919411078511,
1.121109547701330200, 1.110358108727411031, 1.099618588532597308, 1.088889961938546813,
1.078171191511372307, 1.067461226479967662, 1.056759001602551429, 1.046063435977044209,
1.035373431790528542, 1.024687873002617211, 1.014005623957096480, 1.003325527915696735,
0.992646405507275897, 0.981967053085062602, 0.971286240983903260, 0.960602711668666509,
0.949915177764075969, 0.939222319955262286, 0.928522784747210395, 0.917815182070044311,
0.907098082715690257, 0.896370015589889935, 0.885629464761751528, 0.874874866291025066,
0.864104604811004484, 0.853317009842373353, 0.842510351810368485, 0.831682837734273206,
0.820832606554411814, 0.809957724057418282, 0.799056177355487174, 0.788125868869492430,
0.777164609759129710, 0.766170112735434672, 0.755139984181982249, 0.744071715500508102,
0.732962673584365398, 0.721810090308756203, 0.710611050909655040, 0.699362481103231959,
0.688061132773747808, 0.676703568029522584, 0.665286141392677943, 0.653804979847664947,
0.642255960424536365, 0.630634684933490286, 0.618936451394876075, 0.607156221620300030,
0.595288584291502887, 0.583327712748769489, 0.571267316532588332, 0.559100585511540626,
0.546820125163310577, 0.534417881237165604, 0.521885051592135052, 0.509211982443654398,
0.496388045518671162, 0.483401491653461857, 0.470239275082169006, 0.456886840931420235,
0.443327866073552401, 0.429543940225410703, 0.415514169600356364, 0.401214678896277765,
0.386617977941119573, 0.371692145329917234, 0.356399760258393816, 0.340696481064849122,
0.324529117016909452, 0.307832954674932158, 0.290527955491230394, 0.272513185478464703,
0.253658363385912022, 0.233790483059674731, 0.212671510630966620, 0.189958689622431842,
0.165127622564187282, 0.137304980940012589, 0.104838507565818778, 0.063852163815001570,
0.000000000000000000];
pub static ZIG_EXP_F: [f64; 257] =
[0.000167066692307963, 0.000454134353841497, 0.000967269282327174, 0.001536299780301573,
0.002145967743718907, 0.002788798793574076, 0.003460264777836904, 0.004157295120833797,
0.004877655983542396, 0.005619642207205489, 0.006381905937319183, 0.007163353183634991,
0.007963077438017043, 0.008780314985808977, 0.009614413642502212, 0.010464810181029981,
0.011331013597834600, 0.012212592426255378, 0.013109164931254991, 0.014020391403181943,
0.014945968011691148, 0.015885621839973156, 0.016839106826039941, 0.017806200410911355,
0.018786700744696024, 0.019780424338009740, 0.020787204072578114, 0.021806887504283581,
0.022839335406385240, 0.023884420511558174, 0.024942026419731787, 0.026012046645134221,
0.027094383780955803, 0.028188948763978646, 0.029295660224637411, 0.030414443910466622,
0.031545232172893622, 0.032687963508959555, 0.033842582150874358, 0.035009037697397431,
0.036187284781931443, 0.037377282772959382, 0.038578995503074871, 0.039792391023374139,
0.041017441380414840, 0.042254122413316254, 0.043502413568888197, 0.044762297732943289,
0.046033761076175184, 0.047316792913181561, 0.048611385573379504, 0.049917534282706379,
0.051235237055126281, 0.052564494593071685, 0.053905310196046080, 0.055257689676697030,
0.056621641283742870, 0.057997175631200659, 0.059384305633420280, 0.060783046445479660,
0.062193415408541036, 0.063615431999807376, 0.065049117786753805, 0.066494496385339816,
0.067951593421936643, 0.069420436498728783, 0.070901055162371843, 0.072393480875708752,
0.073897746992364746, 0.075413888734058410, 0.076941943170480517, 0.078481949201606435,
0.080033947542319905, 0.081597980709237419, 0.083174093009632397, 0.084762330532368146,
0.086362741140756927, 0.087975374467270231, 0.089600281910032886, 0.091237516631040197,
0.092887133556043569, 0.094549189376055873, 0.096223742550432825, 0.097910853311492213,
0.099610583670637132, 0.101322997425953631, 0.103048160171257702, 0.104786139306570145,
0.106537004050001632, 0.108300825451033755, 0.110077676405185357, 0.111867631670056283,
0.113670767882744286, 0.115487163578633506, 0.117316899211555525, 0.119160057175327641,
0.121016721826674792, 0.122886979509545108, 0.124770918580830933, 0.126668629437510671,
0.128580204545228199, 0.130505738468330773, 0.132445327901387494, 0.134399071702213602,
0.136367070926428829, 0.138349428863580176, 0.140346251074862399, 0.142357645432472146,
0.144383722160634720, 0.146424593878344889, 0.148480375643866735, 0.150551185001039839,
0.152637142027442801, 0.154738369384468027, 0.156854992369365148, 0.158987138969314129,
0.161134939917591952, 0.163298528751901734, 0.165478041874935922, 0.167673618617250081,
0.169885401302527550, 0.172113535315319977, 0.174358169171353411, 0.176619454590494829,
0.178897546572478278, 0.181192603475496261, 0.183504787097767436, 0.185834262762197083,
0.188181199404254262, 0.190545769663195363, 0.192928149976771296, 0.195328520679563189,
0.197747066105098818, 0.200183974691911210, 0.202639439093708962, 0.205113656293837654,
0.207606827724221982, 0.210119159388988230, 0.212650861992978224, 0.215202151075378628,
0.217773247148700472, 0.220364375843359439, 0.222975768058120111, 0.225607660116683956,
0.228260293930716618, 0.230933917169627356, 0.233628783437433291, 0.236345152457059560,
0.239083290262449094, 0.241843469398877131, 0.244625969131892024, 0.247431075665327543,
0.250259082368862240, 0.253110290015629402, 0.255985007030415324, 0.258883549749016173,
0.261806242689362922, 0.264753418835062149, 0.267725419932044739, 0.270722596799059967,
0.273745309652802915, 0.276793928448517301, 0.279868833236972869, 0.282970414538780746,
0.286099073737076826, 0.289255223489677693, 0.292439288161892630, 0.295651704281261252,
0.298892921015581847, 0.302163400675693528, 0.305463619244590256, 0.308794066934560185,
0.312155248774179606, 0.315547685227128949, 0.318971912844957239, 0.322428484956089223,
0.325917972393556354, 0.329440964264136438, 0.332998068761809096, 0.336589914028677717,
0.340217149066780189, 0.343880444704502575, 0.347580494621637148, 0.351318016437483449,
0.355093752866787626, 0.358908472948750001, 0.362762973354817997, 0.366658079781514379,
0.370594648435146223, 0.374573567615902381, 0.378595759409581067, 0.382662181496010056,
0.386773829084137932, 0.390931736984797384, 0.395136981833290435, 0.399390684475231350,
0.403694012530530555, 0.408048183152032673, 0.412454465997161457, 0.416914186433003209,
0.421428728997616908, 0.425999541143034677, 0.430628137288459167, 0.435316103215636907,
0.440065100842354173, 0.444876873414548846, 0.449753251162755330, 0.454696157474615836,
0.459707615642138023, 0.464789756250426511, 0.469944825283960310, 0.475175193037377708,
0.480483363930454543, 0.485871987341885248, 0.491343869594032867, 0.496901987241549881,
0.502549501841348056, 0.508289776410643213, 0.514126393814748894, 0.520063177368233931,
0.526104213983620062, 0.532253880263043655, 0.538516872002862246, 0.544898237672440056,
0.551403416540641733, 0.558038282262587892, 0.564809192912400615, 0.571723048664826150,
0.578787358602845359, 0.586010318477268366, 0.593400901691733762, 0.600968966365232560,
0.608725382079622346, 0.616682180915207878, 0.624852738703666200, 0.633251994214366398,
0.641896716427266423, 0.650805833414571433, 0.660000841079000145, 0.669506316731925177,
0.679350572264765806, 0.689566496117078431, 0.700192655082788606, 0.711274760805076456,
0.722867659593572465, 0.735038092431424039, 0.747868621985195658, 0.761463388849896838,
0.775956852040116218, 0.791527636972496285, 0.808421651523009044, 0.826993296643051101,
0.847785500623990496, 0.871704332381204705, 0.900469929925747703, 0.938143680862176477,
1.000000000000000000];

View File

@ -1,754 +0,0 @@
// Copyright 2017 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//
// Based on jitterentropy-library, http://www.chronox.de/jent.html.
// Copyright Stephan Mueller <smueller@chronox.de>, 2014 - 2017.
//
// With permission from Stephan Mueller to relicense the Rust translation under
// the MIT license.
//! Non-physical true random number generator based on timing jitter.
use Rng;
use core::{fmt, mem, ptr};
#[cfg(feature="std")]
use std::sync::atomic::{AtomicUsize, ATOMIC_USIZE_INIT, Ordering};
const MEMORY_BLOCKS: usize = 64;
const MEMORY_BLOCKSIZE: usize = 32;
const MEMORY_SIZE: usize = MEMORY_BLOCKS * MEMORY_BLOCKSIZE;
/// A true random number generator based on jitter in the CPU execution time,
/// and jitter in memory access time.
///
/// This is a true random number generator, as opposed to pseudo-random
/// generators. Random numbers generated by `JitterRng` can be seen as fresh
/// entropy. A consequence is that is orders of magnitude slower than `OsRng`
/// and PRNGs (about 10^3 .. 10^6 slower).
///
/// There are very few situations where using this RNG is appropriate. Only very
/// few applications require true entropy. A normal PRNG can be statistically
/// indistinguishable, and a cryptographic PRNG should also be as impossible to
/// predict.
///
/// Use of `JitterRng` is recommended for initializing cryptographic PRNGs when
/// `OsRng` is not available.
///
/// This implementation is based on
/// [Jitterentropy](http://www.chronox.de/jent.html) version 2.1.0.
//
// Note: the C implementation relies on being compiled without optimizations.
// This implementation goes through lengths to make the compiler not optimise
// out what is technically dead code, but that does influence timing jitter.
pub struct JitterRng {
data: u64, // Actual random number
// Number of rounds to run the entropy collector per 64 bits
rounds: u32,
// Timer and previous time stamp, used by `measure_jitter`
timer: fn() -> u64,
prev_time: u64,
// Deltas used for the stuck test
last_delta: i64,
last_delta2: i64,
// Memory for the Memory Access noise source
mem_prev_index: usize,
mem: [u8; MEMORY_SIZE],
// Make `next_u32` not waste 32 bits
data_remaining: Option<u32>,
}
// Custom Debug implementation that does not expose the internal state
impl fmt::Debug for JitterRng {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "JitterRng {{}}")
}
}
/// An error that can occur when `test_timer` fails.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum TimerError {
/// No timer available.
NoTimer,
/// Timer too coarse to use as an entropy source.
CoarseTimer,
/// Timer is not monotonically increasing.
NotMonotonic,
/// Variations of deltas of time too small.
TinyVariantions,
/// Too many stuck results (indicating no added entropy).
TooManyStuck,
#[doc(hidden)]
__Nonexhaustive,
}
impl TimerError {
fn description(&self) -> &'static str {
match *self {
TimerError::NoTimer => "no timer available",
TimerError::CoarseTimer => "coarse timer",
TimerError::NotMonotonic => "timer not monotonic",
TimerError::TinyVariantions => "time delta variations too small",
TimerError::TooManyStuck => "too many stuck results",
TimerError::__Nonexhaustive => unreachable!(),
}
}
}
impl fmt::Display for TimerError {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "{}", self.description())
}
}
#[cfg(feature="std")]
impl ::std::error::Error for TimerError {
fn description(&self) -> &str {
self.description()
}
}
// Initialise to zero; must be positive
#[cfg(feature="std")]
static JITTER_ROUNDS: AtomicUsize = ATOMIC_USIZE_INIT;
impl JitterRng {
/// Create a new `JitterRng`.
/// Makes use of `std::time` for a timer.
///
/// During initialization CPU execution timing jitter is measured a few
/// hundred times. If this does not pass basic quality tests, an error is
/// returned. The test result is cached to make subsequent calls faster.
#[cfg(feature="std")]
pub fn new() -> Result<JitterRng, TimerError> {
let mut ec = JitterRng::new_with_timer(platform::get_nstime);
let mut rounds = JITTER_ROUNDS.load(Ordering::Relaxed) as u32;
if rounds == 0 {
// No result yet: run test.
// This allows the timer test to run multiple times; we don't care.
rounds = ec.test_timer()?;
JITTER_ROUNDS.store(rounds as usize, Ordering::Relaxed);
}
ec.set_rounds(rounds);
Ok(ec)
}
/// Create a new `JitterRng`.
/// A custom timer can be supplied, making it possible to use `JitterRng` in
/// `no_std` environments.
///
/// The timer must have nanosecond precision.
///
/// This method is more low-level than `new()`. It is the responsibility of
/// the caller to run `test_timer` before using any numbers generated with
/// `JitterRng`, and optionally call `set_rounds()`.
pub fn new_with_timer(timer: fn() -> u64) -> JitterRng {
let mut ec = JitterRng {
data: 0,
rounds: 64,
timer: timer,
prev_time: 0,
last_delta: 0,
last_delta2: 0,
mem_prev_index: 0,
mem: [0; MEMORY_SIZE],
data_remaining: None,
};
// Fill `data`, `prev_time`, `last_delta` and `last_delta2` with
// non-zero values.
ec.prev_time = timer();
ec.gen_entropy();
// Do a single read from `self.mem` to make sure the Memory Access noise
// source is not optimised out.
// Note: this read is important, it effects optimisations for the entire
// module!
black_box(ec.mem[0]);
ec
}
/// Configures how many rounds are used to generate each 64-bit value.
/// This must be greater than zero, and has a big impact on performance
/// and output quality.
///
/// `new_with_timer` conservatively uses 64 rounds, but often less rounds
/// can be used. The `test_timer()` function returns the minimum number of
/// rounds required for full strength (platform dependent), so one may use
/// `rng.set_rounds(rng.test_timer()?);` or cache the value.
pub fn set_rounds(&mut self, rounds: u32) {
assert!(rounds > 0);
self.rounds = rounds;
}
// Calculate a random loop count used for the next round of an entropy
// collection, based on bits from a fresh value from the timer.
//
// The timer is folded to produce a number that contains at most `n_bits`
// bits.
//
// Note: A constant should be added to the resulting random loop count to
// prevent loops that run 0 times.
#[inline(never)]
fn random_loop_cnt(&mut self, n_bits: u32) -> u32 {
let mut rounds = 0;
let mut time = (self.timer)();
// Mix with the current state of the random number balance the random
// loop counter a bit more.
time ^= self.data;
// We fold the time value as much as possible to ensure that as many
// bits of the time stamp are included as possible.
let folds = (64 + n_bits - 1) / n_bits;
let mask = (1 << n_bits) - 1;
for _ in 0..folds {
rounds ^= time & mask;
time = time >> n_bits;
}
rounds as u32
}
// CPU jitter noise source
// Noise source based on the CPU execution time jitter
//
// This function injects the individual bits of the time value into the
// entropy pool using an LFSR.
//
// The code is deliberately inefficient with respect to the bit shifting.
// This function not only acts as folding operation, but this function's
// execution is used to measure the CPU execution time jitter. Any change to
// the loop in this function implies that careful retesting must be done.
#[inline(never)]
fn lfsr_time(&mut self, time: u64, var_rounds: bool) {
fn lfsr(mut data: u64, time: u64) -> u64{
for i in 1..65 {
let mut tmp = time << (64 - i);
tmp = tmp >> (64 - 1);
// Fibonacci LSFR with polynomial of
// x^64 + x^61 + x^56 + x^31 + x^28 + x^23 + 1 which is
// primitive according to
// http://poincare.matf.bg.ac.rs/~ezivkovm/publications/primpol1.pdf
// (the shift values are the polynomial values minus one
// due to counting bits from 0 to 63). As the current
// position is always the LSB, the polynomial only needs
// to shift data in from the left without wrap.
data ^= tmp;
data ^= (data >> 63) & 1;
data ^= (data >> 60) & 1;
data ^= (data >> 55) & 1;
data ^= (data >> 30) & 1;
data ^= (data >> 27) & 1;
data ^= (data >> 22) & 1;
data = data.rotate_left(1);
}
data
}
// Note: in the reference implementation only the last round effects
// `self.data`, all the other results are ignored. To make sure the
// other rounds are not optimised out, we first run all but the last
// round on a throw-away value instead of the real `self.data`.
let mut lfsr_loop_cnt = 0;
if var_rounds { lfsr_loop_cnt = self.random_loop_cnt(4) };
let mut throw_away: u64 = 0;
for _ in 0..lfsr_loop_cnt {
throw_away = lfsr(throw_away, time);
}
black_box(throw_away);
self.data = lfsr(self.data, time);
}
// Memory Access noise source
// This is a noise source based on variations in memory access times
//
// This function performs memory accesses which will add to the timing
// variations due to an unknown amount of CPU wait states that need to be
// added when accessing memory. The memory size should be larger than the L1
// caches as outlined in the documentation and the associated testing.
//
// The L1 cache has a very high bandwidth, albeit its access rate is usually
// slower than accessing CPU registers. Therefore, L1 accesses only add
// minimal variations as the CPU has hardly to wait. Starting with L2,
// significant variations are added because L2 typically does not belong to
// the CPU any more and therefore a wider range of CPU wait states is
// necessary for accesses. L3 and real memory accesses have even a wider
// range of wait states. However, to reliably access either L3 or memory,
// the `self.mem` memory must be quite large which is usually not desirable.
#[inline(never)]
fn memaccess(&mut self, var_rounds: bool) {
let mut acc_loop_cnt = 128;
if var_rounds { acc_loop_cnt += self.random_loop_cnt(4) };
let mut index = self.mem_prev_index;
for _ in 0..acc_loop_cnt {
// Addition of memblocksize - 1 to index with wrap around logic to
// ensure that every memory location is hit evenly.
// The modulus also allows the compiler to remove the indexing
// bounds check.
index = (index + MEMORY_BLOCKSIZE - 1) % MEMORY_SIZE;
// memory access: just add 1 to one byte
// memory access implies read from and write to memory location
let tmp = self.mem[index];
self.mem[index] = tmp.wrapping_add(1);
}
self.mem_prev_index = index;
}
// Stuck test by checking the:
// - 1st derivation of the jitter measurement (time delta)
// - 2nd derivation of the jitter measurement (delta of time deltas)
// - 3rd derivation of the jitter measurement (delta of delta of time
// deltas)
//
// All values must always be non-zero.
// This test is a heuristic to see whether the last measurement holds
// entropy.
fn stuck(&mut self, current_delta: i64) -> bool {
let delta2 = self.last_delta - current_delta;
let delta3 = delta2 - self.last_delta2;
self.last_delta = current_delta;
self.last_delta2 = delta2;
current_delta == 0 || delta2 == 0 || delta3 == 0
}
// This is the heart of the entropy generation: calculate time deltas and
// use the CPU jitter in the time deltas. The jitter is injected into the
// entropy pool.
//
// Ensure that `self.prev_time` is primed before using the output of this
// function. This can be done by calling this function and not using its
// result.
fn measure_jitter(&mut self) -> Option<()> {
// Invoke one noise source before time measurement to add variations
self.memaccess(true);
// Get time stamp and calculate time delta to previous
// invocation to measure the timing variations
let time = (self.timer)();
// Note: wrapping_sub combined with a cast to `i64` generates a correct
// delta, even in the unlikely case this is a timer that is not strictly
// monotonic.
let current_delta = time.wrapping_sub(self.prev_time) as i64;
self.prev_time = time;
// Call the next noise source which also injects the data
self.lfsr_time(current_delta as u64, true);
// Check whether we have a stuck measurement (i.e. does the last
// measurement holds entropy?).
if self.stuck(current_delta) { return None };
// Rotate the data buffer by a prime number (any odd number would
// do) to ensure that every bit position of the input time stamp
// has an even chance of being merged with a bit position in the
// entropy pool. We do not use one here as the adjacent bits in
// successive time deltas may have some form of dependency. The
// chosen value of 7 implies that the low 7 bits of the next
// time delta value is concatenated with the current time delta.
self.data = self.data.rotate_left(7);
Some(())
}
// Shuffle the pool a bit by mixing some value with a bijective function
// (XOR) into the pool.
//
// The function generates a mixer value that depends on the bits set and
// the location of the set bits in the random number generated by the
// entropy source. Therefore, based on the generated random number, this
// mixer value can have 2^64 different values. That mixer value is
// initialized with the first two SHA-1 constants. After obtaining the
// mixer value, it is XORed into the random number.
//
// The mixer value is not assumed to contain any entropy. But due to the
// XOR operation, it can also not destroy any entropy present in the
// entropy pool.
#[inline(never)]
fn stir_pool(&mut self) {
// This constant is derived from the first two 32 bit initialization
// vectors of SHA-1 as defined in FIPS 180-4 section 5.3.1
// The order does not really matter as we do not rely on the specific
// numbers. We just pick the SHA-1 constants as they have a good mix of
// bit set and unset.
const CONSTANT: u64 = 0x67452301efcdab89;
// The start value of the mixer variable is derived from the third
// and fourth 32 bit initialization vector of SHA-1 as defined in
// FIPS 180-4 section 5.3.1
let mut mixer = 0x98badcfe10325476;
// This is a constant time function to prevent leaking timing
// information about the random number.
// The normal code is:
// ```
// for i in 0..64 {
// if ((self.data >> i) & 1) == 1 { mixer ^= CONSTANT; }
// }
// ```
// This is a bit fragile, as LLVM really wants to use branches here, and
// we rely on it to not recognise the opportunity.
for i in 0..64 {
let apply = (self.data >> i) & 1;
let mask = !apply.wrapping_sub(1);
mixer ^= CONSTANT & mask;
mixer = mixer.rotate_left(1);
}
self.data ^= mixer;
}
fn gen_entropy(&mut self) -> u64 {
// Prime `self.prev_time`, and run the noice sources to make sure the
// first loop round collects the expected entropy.
let _ = self.measure_jitter();
for _ in 0..self.rounds {
// If a stuck measurement is received, repeat measurement
// Note: we do not guard against an infinite loop, that would mean
// the timer suddenly became broken.
while self.measure_jitter().is_none() {}
}
self.stir_pool();
self.data
}
/// Basic quality tests on the timer, by measuring CPU timing jitter a few
/// hundred times.
///
/// If succesful, this will return the estimated number of rounds necessary
/// to collect 64 bits of entropy. Otherwise a `TimerError` with the cause
/// of the failure will be returned.
pub fn test_timer(&mut self) -> Result<u32, TimerError> {
// We could add a check for system capabilities such as `clock_getres`
// or check for `CONFIG_X86_TSC`, but it does not make much sense as the
// following sanity checks verify that we have a high-resolution timer.
#[cfg(all(target_arch = "wasm32", not(target_os = "emscripten")))]
return Err(TimerError::NoTimer);
let mut delta_sum = 0;
let mut old_delta = 0;
let mut time_backwards = 0;
let mut count_mod = 0;
let mut count_stuck = 0;
// TESTLOOPCOUNT needs some loops to identify edge systems.
// 100 is definitely too little.
const TESTLOOPCOUNT: u64 = 300;
const CLEARCACHE: u64 = 100;
for i in 0..(CLEARCACHE + TESTLOOPCOUNT) {
// Measure time delta of core entropy collection logic
let time = (self.timer)();
self.memaccess(true);
self.lfsr_time(time, true);
let time2 = (self.timer)();
// Test whether timer works
if time == 0 || time2 == 0 {
return Err(TimerError::NoTimer);
}
let delta = time2.wrapping_sub(time) as i64;
// Test whether timer is fine grained enough to provide delta even
// when called shortly after each other -- this implies that we also
// have a high resolution timer
if delta == 0 {
return Err(TimerError::CoarseTimer);
}
// Up to here we did not modify any variable that will be
// evaluated later, but we already performed some work. Thus we
// already have had an impact on the caches, branch prediction,
// etc. with the goal to clear it to get the worst case
// measurements.
if i < CLEARCACHE { continue; }
if self.stuck(delta) { count_stuck += 1; }
// Test whether we have an increasing timer.
if !(time2 > time) { time_backwards += 1; }
// Count the number of times the counter increases in steps of 100ns
// or greater.
if (delta % 100) == 0 { count_mod += 1; }
// Ensure that we have a varying delta timer which is necessary for
// the calculation of entropy -- perform this check only after the
// first loop is executed as we need to prime the old_delta value
delta_sum += (delta - old_delta).abs() as u64;
old_delta = delta;
}
// We allow the time to run backwards for up to three times.
// This can happen if the clock is being adjusted by NTP operations.
// If such an operation just happens to interfere with our test, it
// should not fail. The value of 3 should cover the NTP case being
// performed during our test run.
if time_backwards > 3 {
return Err(TimerError::NotMonotonic);
}
// Test that the available amount of entropy per round does not get to
// low. We expect 1 bit of entropy per round as a reasonable minimum
// (although less is possible, it means the collector loop has to run
// much more often).
// `assert!(delta_average >= log2(1))`
// `assert!(delta_sum / TESTLOOPCOUNT >= 1)`
// `assert!(delta_sum >= TESTLOOPCOUNT)`
if delta_sum < TESTLOOPCOUNT {
return Err(TimerError::TinyVariantions);
}
// Ensure that we have variations in the time stamp below 100 for at
// least 10% of all checks -- on some platforms, the counter increments
// in multiples of 100, but not always
if count_mod > (TESTLOOPCOUNT * 9 / 10) {
return Err(TimerError::CoarseTimer);
}
// If we have more than 90% stuck results, then this Jitter RNG is
// likely to not work well.
if count_stuck > (TESTLOOPCOUNT * 9 / 10) {
return Err(TimerError::TooManyStuck);
}
// Estimate the number of `measure_jitter` rounds necessary for 64 bits
// of entropy.
//
// We don't try very hard to come up with a good estimate of the
// available bits of entropy per round here for two reasons:
// 1. Simple estimates of the available bits (like Shannon entropy) are
// too optimistic.
// 2) Unless we want to waste a lot of time during intialization, there
// only a small number of samples are available.
//
// Therefore we use a very simple and conservative estimate:
// `let bits_of_entropy = log2(delta_average) / 2`.
//
// The number of rounds `measure_jitter` should run to collect 64 bits
// of entropy is `64 / bits_of_entropy`.
//
// To have smaller rounding errors, intermediate values are multiplied
// by `FACTOR`. To compensate for `log2` and division rounding down,
// add 1.
let delta_average = delta_sum / TESTLOOPCOUNT;
// println!("delta_average: {}", delta_average);
const FACTOR: u32 = 3;
fn log2(x: u64) -> u32 { 64 - x.leading_zeros() }
// pow(δ, FACTOR) must be representable; if you have overflow reduce FACTOR
Ok(64 * 2 * FACTOR / (log2(delta_average.pow(FACTOR)) + 1))
}
/// Statistical test: return the timer delta of one normal run of the
/// `JitterEntropy` entropy collector.
///
/// Setting `var_rounds` to `true` will execute the memory access and the
/// CPU jitter noice sources a variable amount of times (just like a real
/// `JitterEntropy` round).
///
/// Setting `var_rounds` to `false` will execute the noice sources the
/// minimal number of times. This can be used to measure the minimum amount
/// of entropy one round of entropy collector can collect in the worst case.
///
/// # Example
///
/// Use `timer_stats` to run the [NIST SP 800-90B Entropy Estimation Suite]
/// (https://github.com/usnistgov/SP800-90B_EntropyAssessment).
///
/// This is the recommended way to test the quality of `JitterRng`. It
/// should be run before using the RNG on untested hardware, after changes
/// that could effect how the code is optimised, and after major compiler
/// compiler changes, like a new LLVM version.
///
/// First generate two files `jitter_rng_var.bin` and `jitter_rng_var.min`.
///
/// Execute `python noniid_main.py -v jitter_rng_var.bin 8`, and validate it
/// with `restart.py -v jitter_rng_var.bin 8 <min-entropy>`.
/// This number is the expected amount of entropy that is at least available
/// for each round of the entropy collector. This number should be greater
/// than the amount estimated with `64 / test_timer()`.
///
/// Execute `python noniid_main.py -v -u 4 jitter_rng_var.bin 4`, and
/// validate it with `restart.py -v -u 4 jitter_rng_var.bin 4 <min-entropy>`.
/// This number is the expected amount of entropy that is available in the
/// last 4 bits of the timer delta after running noice sources. Note that
/// a value of 3.70 is the minimum estimated entropy for true randomness.
///
/// Execute `python noniid_main.py -v -u 4 jitter_rng_var.bin 4`, and
/// validate it with `restart.py -v -u 4 jitter_rng_var.bin 4 <min-entropy>`.
/// This number is the expected amount of entropy that is available to the
/// entropy collecter if both noice sources only run their minimal number of
/// times. This measures the absolute worst-case, and gives a lower bound
/// for the available entropy.
///
/// ```rust,no_run
/// use rand::JitterRng;
///
/// # use std::error::Error;
/// # use std::fs::File;
/// # use std::io::Write;
/// #
/// # fn try_main() -> Result<(), Box<Error>> {
/// fn get_nstime() -> u64 {
/// use std::time::{SystemTime, UNIX_EPOCH};
///
/// let dur = SystemTime::now().duration_since(UNIX_EPOCH).unwrap();
/// // The correct way to calculate the current time is
/// // `dur.as_secs() * 1_000_000_000 + dur.subsec_nanos() as u64`
/// // But this is faster, and the difference in terms of entropy is
/// // negligible (log2(10^9) == 29.9).
/// dur.as_secs() << 30 | dur.subsec_nanos() as u64
/// }
///
/// // Do not initialize with `JitterRng::new`, but with `new_with_timer`.
/// // 'new' always runst `test_timer`, and can therefore fail to
/// // initialize. We want to be able to get the statistics even when the
/// // timer test fails.
/// let mut rng = JitterRng::new_with_timer(get_nstime);
///
/// // 1_000_000 results are required for the NIST SP 800-90B Entropy
/// // Estimation Suite
/// // FIXME: this number is smaller here, otherwise the Doc-test is too slow
/// const ROUNDS: usize = 10_000;
/// let mut deltas_variable: Vec<u8> = Vec::with_capacity(ROUNDS);
/// let mut deltas_minimal: Vec<u8> = Vec::with_capacity(ROUNDS);
///
/// for _ in 0..ROUNDS {
/// deltas_variable.push(rng.timer_stats(true) as u8);
/// deltas_minimal.push(rng.timer_stats(false) as u8);
/// }
///
/// // Write out after the statistics collection loop, to not disturb the
/// // test results.
/// File::create("jitter_rng_var.bin")?.write(&deltas_variable)?;
/// File::create("jitter_rng_min.bin")?.write(&deltas_minimal)?;
/// #
/// # Ok(())
/// # }
/// #
/// # fn main() {
/// # try_main().unwrap();
/// # }
/// ```
#[cfg(feature="std")]
pub fn timer_stats(&mut self, var_rounds: bool) -> i64 {
let time = platform::get_nstime();
self.memaccess(var_rounds);
self.lfsr_time(time, var_rounds);
let time2 = platform::get_nstime();
time2.wrapping_sub(time) as i64
}
}
#[cfg(feature="std")]
mod platform {
#[cfg(not(any(target_os = "macos", target_os = "ios", target_os = "windows", all(target_arch = "wasm32", not(target_os = "emscripten")))))]
pub fn get_nstime() -> u64 {
use std::time::{SystemTime, UNIX_EPOCH};
let dur = SystemTime::now().duration_since(UNIX_EPOCH).unwrap();
// The correct way to calculate the current time is
// `dur.as_secs() * 1_000_000_000 + dur.subsec_nanos() as u64`
// But this is faster, and the difference in terms of entropy is negligible
// (log2(10^9) == 29.9).
dur.as_secs() << 30 | dur.subsec_nanos() as u64
}
#[cfg(any(target_os = "macos", target_os = "ios"))]
pub fn get_nstime() -> u64 {
extern crate libc;
// On Mac OS and iOS std::time::SystemTime only has 1000ns resolution.
// We use `mach_absolute_time` instead. This provides a CPU dependent unit,
// to get real nanoseconds the result should by multiplied by numer/denom
// from `mach_timebase_info`.
// But we are not interested in the exact nanoseconds, just entropy. So we
// use the raw result.
unsafe { libc::mach_absolute_time() }
}
#[cfg(target_os = "windows")]
pub fn get_nstime() -> u64 {
extern crate winapi;
unsafe {
let mut t = super::mem::zeroed();
winapi::um::profileapi::QueryPerformanceCounter(&mut t);
*t.QuadPart() as u64
}
}
#[cfg(all(target_arch = "wasm32", not(target_os = "emscripten")))]
pub fn get_nstime() -> u64 {
unreachable!()
}
}
// A function that is opaque to the optimizer to assist in avoiding dead-code
// elimination. Taken from `bencher`.
fn black_box<T>(dummy: T) -> T {
unsafe {
let ret = ptr::read_volatile(&dummy);
mem::forget(dummy);
ret
}
}
impl Rng for JitterRng {
fn next_u32(&mut self) -> u32 {
// We want to use both parts of the generated entropy
if let Some(high) = self.data_remaining.take() {
high
} else {
let data = self.next_u64();
self.data_remaining = Some((data >> 32) as u32);
data as u32
}
}
fn next_u64(&mut self) -> u64 {
self.gen_entropy()
}
fn fill_bytes(&mut self, dest: &mut [u8]) {
let mut left = dest;
while left.len() >= 8 {
let (l, r) = {left}.split_at_mut(8);
left = r;
let chunk: [u8; 8] = unsafe {
mem::transmute(self.next_u64().to_le())
};
l.copy_from_slice(&chunk);
}
let n = left.len();
if n > 0 {
let chunk: [u8; 8] = unsafe {
mem::transmute(self.next_u64().to_le())
};
left.copy_from_slice(&chunk[..n]);
}
}
}
// There are no tests included because (1) this is an "external" RNG, so output
// is not reproducible and (2) `test_timer` *will* fail on some platforms.

File diff suppressed because it is too large Load Diff

View File

@ -1,656 +0,0 @@
// Copyright 2013-2015 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! Interfaces to the operating system provided random number
//! generators.
use std::{io, fmt};
#[cfg(not(target_env = "sgx"))]
use std::mem;
use Rng;
/// A random number generator that retrieves randomness straight from
/// the operating system. Platform sources:
///
/// - Unix-like systems (Linux, Android, Mac OSX): read directly from
/// `/dev/urandom`, or from `getrandom(2)` system call if available.
/// - OpenBSD: calls `getentropy(2)`
/// - FreeBSD: uses the `kern.arandom` `sysctl(2)` mib
/// - Windows: calls `RtlGenRandom`, exported from `advapi32.dll` as
/// `SystemFunction036`.
/// - iOS: calls SecRandomCopyBytes as /dev/(u)random is sandboxed.
/// - PNaCl: calls into the `nacl-irt-random-0.1` IRT interface.
///
/// This usually does not block. On some systems (e.g. FreeBSD, OpenBSD,
/// Max OS X, and modern Linux) this may block very early in the init
/// process, if the CSPRNG has not been seeded yet.[1]
///
/// [1] See <https://www.python.org/dev/peps/pep-0524/> for a more
/// in-depth discussion.
pub struct OsRng(imp::OsRng);
impl OsRng {
/// Create a new `OsRng`.
pub fn new() -> io::Result<OsRng> {
imp::OsRng::new().map(OsRng)
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 { self.0.next_u32() }
fn next_u64(&mut self) -> u64 { self.0.next_u64() }
fn fill_bytes(&mut self, v: &mut [u8]) { self.0.fill_bytes(v) }
}
impl fmt::Debug for OsRng {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "OsRng {{}}")
}
}
#[cfg(not(target_env = "sgx"))]
fn next_u32(fill_buf: &mut FnMut(&mut [u8])) -> u32 {
let mut buf: [u8; 4] = [0; 4];
fill_buf(&mut buf);
unsafe { mem::transmute::<[u8; 4], u32>(buf) }
}
#[cfg(not(target_env = "sgx"))]
fn next_u64(fill_buf: &mut FnMut(&mut [u8])) -> u64 {
let mut buf: [u8; 8] = [0; 8];
fill_buf(&mut buf);
unsafe { mem::transmute::<[u8; 8], u64>(buf) }
}
#[cfg(all(unix, not(target_os = "ios"),
not(target_os = "nacl"),
not(target_os = "freebsd"),
not(target_os = "fuchsia"),
not(target_os = "openbsd"),
not(target_os = "redox")))]
mod imp {
extern crate libc;
use super::{next_u32, next_u64};
use self::OsRngInner::*;
use std::io;
use std::fs::File;
use Rng;
use read::ReadRng;
#[cfg(all(target_os = "linux",
any(target_arch = "x86_64",
target_arch = "x86",
target_arch = "arm",
target_arch = "aarch64",
target_arch = "powerpc")))]
fn getrandom(buf: &mut [u8]) -> libc::c_long {
extern "C" {
fn syscall(number: libc::c_long, ...) -> libc::c_long;
}
#[cfg(target_arch = "x86_64")]
const NR_GETRANDOM: libc::c_long = 318;
#[cfg(target_arch = "x86")]
const NR_GETRANDOM: libc::c_long = 355;
#[cfg(target_arch = "arm")]
const NR_GETRANDOM: libc::c_long = 384;
#[cfg(target_arch = "aarch64")]
const NR_GETRANDOM: libc::c_long = 278;
#[cfg(target_arch = "powerpc")]
const NR_GETRANDOM: libc::c_long = 359;
unsafe {
syscall(NR_GETRANDOM, buf.as_mut_ptr(), buf.len(), 0)
}
}
#[cfg(not(all(target_os = "linux",
any(target_arch = "x86_64",
target_arch = "x86",
target_arch = "arm",
target_arch = "aarch64",
target_arch = "powerpc"))))]
fn getrandom(_buf: &mut [u8]) -> libc::c_long { -1 }
fn getrandom_fill_bytes(v: &mut [u8]) {
let mut read = 0;
let len = v.len();
while read < len {
let result = getrandom(&mut v[read..]);
if result == -1 {
let err = io::Error::last_os_error();
if err.kind() == io::ErrorKind::Interrupted {
continue
} else {
panic!("unexpected getrandom error: {}", err);
}
} else {
read += result as usize;
}
}
}
#[cfg(all(target_os = "linux",
any(target_arch = "x86_64",
target_arch = "x86",
target_arch = "arm",
target_arch = "aarch64",
target_arch = "powerpc")))]
fn is_getrandom_available() -> bool {
use std::sync::atomic::{AtomicBool, ATOMIC_BOOL_INIT, Ordering};
use std::sync::{Once, ONCE_INIT};
static CHECKER: Once = ONCE_INIT;
static AVAILABLE: AtomicBool = ATOMIC_BOOL_INIT;
CHECKER.call_once(|| {
let mut buf: [u8; 0] = [];
let result = getrandom(&mut buf);
let available = if result == -1 {
let err = io::Error::last_os_error().raw_os_error();
err != Some(libc::ENOSYS)
} else {
true
};
AVAILABLE.store(available, Ordering::Relaxed);
});
AVAILABLE.load(Ordering::Relaxed)
}
#[cfg(not(all(target_os = "linux",
any(target_arch = "x86_64",
target_arch = "x86",
target_arch = "arm",
target_arch = "aarch64",
target_arch = "powerpc"))))]
fn is_getrandom_available() -> bool { false }
pub struct OsRng {
inner: OsRngInner,
}
enum OsRngInner {
OsGetrandomRng,
OsReadRng(ReadRng<File>),
}
impl OsRng {
pub fn new() -> io::Result<OsRng> {
if is_getrandom_available() {
return Ok(OsRng { inner: OsGetrandomRng });
}
let reader = try!(File::open("/dev/urandom"));
let reader_rng = ReadRng::new(reader);
Ok(OsRng { inner: OsReadRng(reader_rng) })
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
match self.inner {
OsGetrandomRng => next_u32(&mut getrandom_fill_bytes),
OsReadRng(ref mut rng) => rng.next_u32(),
}
}
fn next_u64(&mut self) -> u64 {
match self.inner {
OsGetrandomRng => next_u64(&mut getrandom_fill_bytes),
OsReadRng(ref mut rng) => rng.next_u64(),
}
}
fn fill_bytes(&mut self, v: &mut [u8]) {
match self.inner {
OsGetrandomRng => getrandom_fill_bytes(v),
OsReadRng(ref mut rng) => rng.fill_bytes(v)
}
}
}
}
#[cfg(target_os = "ios")]
mod imp {
extern crate libc;
use super::{next_u32, next_u64};
use std::io;
use Rng;
use self::libc::{c_int, size_t};
#[derive(Debug)]
pub struct OsRng;
enum SecRandom {}
#[allow(non_upper_case_globals)]
const kSecRandomDefault: *const SecRandom = 0 as *const SecRandom;
#[link(name = "Security", kind = "framework")]
extern {
fn SecRandomCopyBytes(rnd: *const SecRandom,
count: size_t, bytes: *mut u8) -> c_int;
}
impl OsRng {
pub fn new() -> io::Result<OsRng> {
Ok(OsRng)
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
next_u32(&mut |v| self.fill_bytes(v))
}
fn next_u64(&mut self) -> u64 {
next_u64(&mut |v| self.fill_bytes(v))
}
fn fill_bytes(&mut self, v: &mut [u8]) {
let ret = unsafe {
SecRandomCopyBytes(kSecRandomDefault, v.len() as size_t, v.as_mut_ptr())
};
if ret == -1 {
panic!("couldn't generate random bytes: {}", io::Error::last_os_error());
}
}
}
}
#[cfg(target_os = "freebsd")]
mod imp {
extern crate libc;
use std::{io, ptr};
use Rng;
use super::{next_u32, next_u64};
#[derive(Debug)]
pub struct OsRng;
impl OsRng {
pub fn new() -> io::Result<OsRng> {
Ok(OsRng)
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
next_u32(&mut |v| self.fill_bytes(v))
}
fn next_u64(&mut self) -> u64 {
next_u64(&mut |v| self.fill_bytes(v))
}
fn fill_bytes(&mut self, v: &mut [u8]) {
let mib = [libc::CTL_KERN, libc::KERN_ARND];
// kern.arandom permits a maximum buffer size of 256 bytes
for s in v.chunks_mut(256) {
let mut s_len = s.len();
let ret = unsafe {
libc::sysctl(mib.as_ptr(), mib.len() as libc::c_uint,
s.as_mut_ptr() as *mut _, &mut s_len,
ptr::null(), 0)
};
if ret == -1 || s_len != s.len() {
panic!("kern.arandom sysctl failed! (returned {}, s.len() {}, oldlenp {})",
ret, s.len(), s_len);
}
}
}
}
}
#[cfg(target_os = "openbsd")]
mod imp {
extern crate libc;
use std::io;
use Rng;
use super::{next_u32, next_u64};
#[derive(Debug)]
pub struct OsRng;
impl OsRng {
pub fn new() -> io::Result<OsRng> {
Ok(OsRng)
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
next_u32(&mut |v| self.fill_bytes(v))
}
fn next_u64(&mut self) -> u64 {
next_u64(&mut |v| self.fill_bytes(v))
}
fn fill_bytes(&mut self, v: &mut [u8]) {
// getentropy(2) permits a maximum buffer size of 256 bytes
for s in v.chunks_mut(256) {
let ret = unsafe {
libc::getentropy(s.as_mut_ptr() as *mut libc::c_void, s.len())
};
if ret == -1 {
let err = io::Error::last_os_error();
panic!("getentropy failed: {}", err);
}
}
}
}
}
#[cfg(target_os = "redox")]
mod imp {
use std::io;
use std::fs::File;
use Rng;
use read::ReadRng;
#[derive(Debug)]
pub struct OsRng {
inner: ReadRng<File>,
}
impl OsRng {
pub fn new() -> io::Result<OsRng> {
let reader = try!(File::open("rand:"));
let reader_rng = ReadRng::new(reader);
Ok(OsRng { inner: reader_rng })
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
self.inner.next_u32()
}
fn next_u64(&mut self) -> u64 {
self.inner.next_u64()
}
fn fill_bytes(&mut self, v: &mut [u8]) {
self.inner.fill_bytes(v)
}
}
}
#[cfg(target_os = "fuchsia")]
mod imp {
extern crate fuchsia_cprng;
use std::io;
use Rng;
use super::{next_u32, next_u64};
#[derive(Debug)]
pub struct OsRng;
impl OsRng {
pub fn new() -> io::Result<OsRng> {
Ok(OsRng)
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
next_u32(&mut |v| self.fill_bytes(v))
}
fn next_u64(&mut self) -> u64 {
next_u64(&mut |v| self.fill_bytes(v))
}
fn fill_bytes(&mut self, v: &mut [u8]) {
fuchsia_cprng::cprng_draw(v);
}
}
}
#[cfg(windows)]
mod imp {
extern crate winapi;
use std::io;
use Rng;
use super::{next_u32, next_u64};
use self::winapi::shared::minwindef::ULONG;
use self::winapi::um::ntsecapi::RtlGenRandom;
use self::winapi::um::winnt::PVOID;
#[derive(Debug)]
pub struct OsRng;
impl OsRng {
pub fn new() -> io::Result<OsRng> {
Ok(OsRng)
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
next_u32(&mut |v| self.fill_bytes(v))
}
fn next_u64(&mut self) -> u64 {
next_u64(&mut |v| self.fill_bytes(v))
}
fn fill_bytes(&mut self, v: &mut [u8]) {
// RtlGenRandom takes an ULONG (u32) for the length so we need to
// split up the buffer.
for slice in v.chunks_mut(<ULONG>::max_value() as usize) {
let ret = unsafe {
RtlGenRandom(slice.as_mut_ptr() as PVOID, slice.len() as ULONG)
};
if ret == 0 {
panic!("couldn't generate random bytes: {}",
io::Error::last_os_error());
}
}
}
}
}
#[cfg(target_os = "nacl")]
mod imp {
extern crate libc;
use std::io;
use std::mem;
use Rng;
use super::{next_u32, next_u64};
#[derive(Debug)]
pub struct OsRng(extern fn(dest: *mut libc::c_void,
bytes: libc::size_t,
read: *mut libc::size_t) -> libc::c_int);
extern {
fn nacl_interface_query(name: *const libc::c_char,
table: *mut libc::c_void,
table_size: libc::size_t) -> libc::size_t;
}
const INTERFACE: &'static [u8] = b"nacl-irt-random-0.1\0";
#[repr(C)]
struct NaClIRTRandom {
get_random_bytes: Option<extern fn(dest: *mut libc::c_void,
bytes: libc::size_t,
read: *mut libc::size_t) -> libc::c_int>,
}
impl OsRng {
pub fn new() -> io::Result<OsRng> {
let mut iface = NaClIRTRandom {
get_random_bytes: None,
};
let result = unsafe {
nacl_interface_query(INTERFACE.as_ptr() as *const _,
mem::transmute(&mut iface),
mem::size_of::<NaClIRTRandom>() as libc::size_t)
};
if result != 0 {
assert!(iface.get_random_bytes.is_some());
let result = OsRng(iface.get_random_bytes.take().unwrap());
Ok(result)
} else {
let error = io::ErrorKind::NotFound;
let error = io::Error::new(error, "IRT random interface missing");
Err(error)
}
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
next_u32(&mut |v| self.fill_bytes(v))
}
fn next_u64(&mut self) -> u64 {
next_u64(&mut |v| self.fill_bytes(v))
}
fn fill_bytes(&mut self, v: &mut [u8]) {
let mut read = 0;
loop {
let mut r: libc::size_t = 0;
let len = v.len();
let error = (self.0)(v[read..].as_mut_ptr() as *mut _,
(len - read) as libc::size_t,
&mut r as *mut _);
assert!(error == 0, "`get_random_bytes` failed!");
read += r as usize;
if read >= v.len() { break; }
}
}
}
}
#[cfg(all(target_arch = "wasm32", not(target_os = "emscripten")))]
mod imp {
use std::io;
use Rng;
#[derive(Debug)]
pub struct OsRng;
impl OsRng {
pub fn new() -> io::Result<OsRng> {
Err(io::Error::new(io::ErrorKind::Other, "Not supported"))
}
}
impl Rng for OsRng {
fn next_u32(&mut self) -> u32 {
panic!("Not supported")
}
}
}
#[cfg(target_env = "sgx")]
mod imp {
use rdrand::RdRand;
use std::io;
use rand_core::RngCore;
pub struct OsRng{
gen: RdRand
}
impl OsRng {
pub fn new() -> io::Result<OsRng> {
match RdRand::new() {
Ok(rng) => Ok(OsRng { gen: rng }),
Err(_) => Err(io::Error::new(io::ErrorKind::Other, "Not supported"))
}
}
pub(crate) fn next_u32(&mut self) -> u32 {
match self.gen.try_next_u32() {
Some(n) => n,
None => panic!("Non-recoverable hardware failure has occured")
}
}
pub(crate) fn next_u64(&mut self) -> u64 {
match self.gen.try_next_u64() {
Some(n) => n,
None => panic!("Non-recoverable hardware failure has occured")
}
}
pub(crate) fn fill_bytes(&mut self, v: &mut [u8]) {
match self.gen.try_fill_bytes(v) {
Ok(_) => {},
Err(_) => panic!("Non-recoverable hardware failure has occured")
}
}
}
}
#[cfg(test)]
mod test {
use std::sync::mpsc::channel;
use Rng;
use OsRng;
use std::thread;
#[test]
fn test_os_rng() {
let mut r = OsRng::new().unwrap();
r.next_u32();
r.next_u64();
let mut v = [0u8; 1000];
r.fill_bytes(&mut v);
}
#[test]
fn test_os_rng_tasks() {
let mut txs = vec!();
for _ in 0..20 {
let (tx, rx) = channel();
txs.push(tx);
thread::spawn(move|| {
// wait until all the tasks are ready to go.
rx.recv().unwrap();
// deschedule to attempt to interleave things as much
// as possible (XXX: is this a good test?)
let mut r = OsRng::new().unwrap();
thread::yield_now();
let mut v = [0u8; 1000];
for _ in 0..100 {
r.next_u32();
thread::yield_now();
r.next_u64();
thread::yield_now();
r.fill_bytes(&mut v);
thread::yield_now();
}
});
}
// start all the tasks
for tx in txs.iter() {
tx.send(()).unwrap();
}
}
}

View File

@ -1,321 +0,0 @@
// Copyright 2014 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! The ChaCha random number generator.
use core::num::Wrapping as w;
use {Rng, SeedableRng, Rand};
#[allow(bad_style)]
type w32 = w<u32>;
const KEY_WORDS : usize = 8; // 8 words for the 256-bit key
const STATE_WORDS : usize = 16;
const CHACHA_ROUNDS: u32 = 20; // Cryptographically secure from 8 upwards as of this writing
/// A random number generator that uses the ChaCha20 algorithm [1].
///
/// The ChaCha algorithm is widely accepted as suitable for
/// cryptographic purposes, but this implementation has not been
/// verified as such. Prefer a generator like `OsRng` that defers to
/// the operating system for cases that need high security.
///
/// [1]: D. J. Bernstein, [*ChaCha, a variant of
/// Salsa20*](http://cr.yp.to/chacha.html)
#[derive(Copy, Clone, Debug)]
pub struct ChaChaRng {
buffer: [w32; STATE_WORDS], // Internal buffer of output
state: [w32; STATE_WORDS], // Initial state
index: usize, // Index into state
}
static EMPTY: ChaChaRng = ChaChaRng {
buffer: [w(0); STATE_WORDS],
state: [w(0); STATE_WORDS],
index: STATE_WORDS
};
macro_rules! quarter_round{
($a: expr, $b: expr, $c: expr, $d: expr) => {{
$a = $a + $b; $d = $d ^ $a; $d = w($d.0.rotate_left(16));
$c = $c + $d; $b = $b ^ $c; $b = w($b.0.rotate_left(12));
$a = $a + $b; $d = $d ^ $a; $d = w($d.0.rotate_left( 8));
$c = $c + $d; $b = $b ^ $c; $b = w($b.0.rotate_left( 7));
}}
}
macro_rules! double_round{
($x: expr) => {{
// Column round
quarter_round!($x[ 0], $x[ 4], $x[ 8], $x[12]);
quarter_round!($x[ 1], $x[ 5], $x[ 9], $x[13]);
quarter_round!($x[ 2], $x[ 6], $x[10], $x[14]);
quarter_round!($x[ 3], $x[ 7], $x[11], $x[15]);
// Diagonal round
quarter_round!($x[ 0], $x[ 5], $x[10], $x[15]);
quarter_round!($x[ 1], $x[ 6], $x[11], $x[12]);
quarter_round!($x[ 2], $x[ 7], $x[ 8], $x[13]);
quarter_round!($x[ 3], $x[ 4], $x[ 9], $x[14]);
}}
}
#[inline]
fn core(output: &mut [w32; STATE_WORDS], input: &[w32; STATE_WORDS]) {
*output = *input;
for _ in 0..CHACHA_ROUNDS / 2 {
double_round!(output);
}
for i in 0..STATE_WORDS {
output[i] = output[i] + input[i];
}
}
impl ChaChaRng {
/// Create an ChaCha random number generator using the default
/// fixed key of 8 zero words.
///
/// # Examples
///
/// ```rust
/// use rand::{Rng, ChaChaRng};
///
/// let mut ra = ChaChaRng::new_unseeded();
/// println!("{:?}", ra.next_u32());
/// println!("{:?}", ra.next_u32());
/// ```
///
/// Since this equivalent to a RNG with a fixed seed, repeated executions
/// of an unseeded RNG will produce the same result. This code sample will
/// consistently produce:
///
/// - 2917185654
/// - 2419978656
pub fn new_unseeded() -> ChaChaRng {
let mut rng = EMPTY;
rng.init(&[0; KEY_WORDS]);
rng
}
/// Sets the internal 128-bit ChaCha counter to
/// a user-provided value. This permits jumping
/// arbitrarily ahead (or backwards) in the pseudorandom stream.
///
/// Since the nonce words are used to extend the counter to 128 bits,
/// users wishing to obtain the conventional ChaCha pseudorandom stream
/// associated with a particular nonce can call this function with
/// arguments `0, desired_nonce`.
///
/// # Examples
///
/// ```rust
/// use rand::{Rng, ChaChaRng};
///
/// let mut ra = ChaChaRng::new_unseeded();
/// ra.set_counter(0u64, 1234567890u64);
/// println!("{:?}", ra.next_u32());
/// println!("{:?}", ra.next_u32());
/// ```
pub fn set_counter(&mut self, counter_low: u64, counter_high: u64) {
self.state[12] = w((counter_low >> 0) as u32);
self.state[13] = w((counter_low >> 32) as u32);
self.state[14] = w((counter_high >> 0) as u32);
self.state[15] = w((counter_high >> 32) as u32);
self.index = STATE_WORDS; // force recomputation
}
/// Initializes `self.state` with the appropriate key and constants
///
/// We deviate slightly from the ChaCha specification regarding
/// the nonce, which is used to extend the counter to 128 bits.
/// This is provably as strong as the original cipher, though,
/// since any distinguishing attack on our variant also works
/// against ChaCha with a chosen-nonce. See the XSalsa20 [1]
/// security proof for a more involved example of this.
///
/// The modified word layout is:
/// ```text
/// constant constant constant constant
/// key key key key
/// key key key key
/// counter counter counter counter
/// ```
/// [1]: Daniel J. Bernstein. [*Extending the Salsa20
/// nonce.*](http://cr.yp.to/papers.html#xsalsa)
fn init(&mut self, key: &[u32; KEY_WORDS]) {
self.state[0] = w(0x61707865);
self.state[1] = w(0x3320646E);
self.state[2] = w(0x79622D32);
self.state[3] = w(0x6B206574);
for i in 0..KEY_WORDS {
self.state[4+i] = w(key[i]);
}
self.state[12] = w(0);
self.state[13] = w(0);
self.state[14] = w(0);
self.state[15] = w(0);
self.index = STATE_WORDS;
}
/// Refill the internal output buffer (`self.buffer`)
fn update(&mut self) {
core(&mut self.buffer, &self.state);
self.index = 0;
// update 128-bit counter
self.state[12] = self.state[12] + w(1);
if self.state[12] != w(0) { return };
self.state[13] = self.state[13] + w(1);
if self.state[13] != w(0) { return };
self.state[14] = self.state[14] + w(1);
if self.state[14] != w(0) { return };
self.state[15] = self.state[15] + w(1);
}
}
impl Rng for ChaChaRng {
#[inline]
fn next_u32(&mut self) -> u32 {
if self.index == STATE_WORDS {
self.update();
}
let value = self.buffer[self.index % STATE_WORDS];
self.index += 1;
value.0
}
}
impl<'a> SeedableRng<&'a [u32]> for ChaChaRng {
fn reseed(&mut self, seed: &'a [u32]) {
// reset state
self.init(&[0u32; KEY_WORDS]);
// set key in place
let key = &mut self.state[4 .. 4+KEY_WORDS];
for (k, s) in key.iter_mut().zip(seed.iter()) {
*k = w(*s);
}
}
/// Create a ChaCha generator from a seed,
/// obtained from a variable-length u32 array.
/// Only up to 8 words are used; if less than 8
/// words are used, the remaining are set to zero.
fn from_seed(seed: &'a [u32]) -> ChaChaRng {
let mut rng = EMPTY;
rng.reseed(seed);
rng
}
}
impl Rand for ChaChaRng {
fn rand<R: Rng>(other: &mut R) -> ChaChaRng {
let mut key : [u32; KEY_WORDS] = [0; KEY_WORDS];
for word in key.iter_mut() {
*word = other.gen();
}
SeedableRng::from_seed(&key[..])
}
}
#[cfg(test)]
mod test {
use {Rng, SeedableRng};
use super::ChaChaRng;
#[test]
fn test_rng_rand_seeded() {
let s = ::test::rng().gen_iter::<u32>().take(8).collect::<Vec<u32>>();
let mut ra: ChaChaRng = SeedableRng::from_seed(&s[..]);
let mut rb: ChaChaRng = SeedableRng::from_seed(&s[..]);
assert!(::test::iter_eq(ra.gen_ascii_chars().take(100),
rb.gen_ascii_chars().take(100)));
}
#[test]
fn test_rng_seeded() {
let seed : &[_] = &[0,1,2,3,4,5,6,7];
let mut ra: ChaChaRng = SeedableRng::from_seed(seed);
let mut rb: ChaChaRng = SeedableRng::from_seed(seed);
assert!(::test::iter_eq(ra.gen_ascii_chars().take(100),
rb.gen_ascii_chars().take(100)));
}
#[test]
fn test_rng_reseed() {
let s = ::test::rng().gen_iter::<u32>().take(8).collect::<Vec<u32>>();
let mut r: ChaChaRng = SeedableRng::from_seed(&s[..]);
let string1: String = r.gen_ascii_chars().take(100).collect();
r.reseed(&s);
let string2: String = r.gen_ascii_chars().take(100).collect();
assert_eq!(string1, string2);
}
#[test]
fn test_rng_true_values() {
// Test vectors 1 and 2 from
// http://tools.ietf.org/html/draft-nir-cfrg-chacha20-poly1305-04
let seed : &[_] = &[0u32; 8];
let mut ra: ChaChaRng = SeedableRng::from_seed(seed);
let v = (0..16).map(|_| ra.next_u32()).collect::<Vec<_>>();
assert_eq!(v,
vec!(0xade0b876, 0x903df1a0, 0xe56a5d40, 0x28bd8653,
0xb819d2bd, 0x1aed8da0, 0xccef36a8, 0xc70d778b,
0x7c5941da, 0x8d485751, 0x3fe02477, 0x374ad8b8,
0xf4b8436a, 0x1ca11815, 0x69b687c3, 0x8665eeb2));
let v = (0..16).map(|_| ra.next_u32()).collect::<Vec<_>>();
assert_eq!(v,
vec!(0xbee7079f, 0x7a385155, 0x7c97ba98, 0x0d082d73,
0xa0290fcb, 0x6965e348, 0x3e53c612, 0xed7aee32,
0x7621b729, 0x434ee69c, 0xb03371d5, 0xd539d874,
0x281fed31, 0x45fb0a51, 0x1f0ae1ac, 0x6f4d794b));
let seed : &[_] = &[0,1,2,3,4,5,6,7];
let mut ra: ChaChaRng = SeedableRng::from_seed(seed);
// Store the 17*i-th 32-bit word,
// i.e., the i-th word of the i-th 16-word block
let mut v : Vec<u32> = Vec::new();
for _ in 0..16 {
v.push(ra.next_u32());
for _ in 0..16 {
ra.next_u32();
}
}
assert_eq!(v,
vec!(0xf225c81a, 0x6ab1be57, 0x04d42951, 0x70858036,
0x49884684, 0x64efec72, 0x4be2d186, 0x3615b384,
0x11cfa18e, 0xd3c50049, 0x75c775f6, 0x434c6530,
0x2c5bad8f, 0x898881dc, 0x5f1c86d9, 0xc1f8e7f4));
}
#[test]
fn test_rng_clone() {
let seed : &[_] = &[0u32; 8];
let mut rng: ChaChaRng = SeedableRng::from_seed(seed);
let mut clone = rng.clone();
for _ in 0..16 {
assert_eq!(rng.next_u64(), clone.next_u64());
}
}
}

View File

@ -1,328 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! The ISAAC random number generator.
#![allow(non_camel_case_types)]
use core::slice;
use core::iter::repeat;
use core::num::Wrapping as w;
use core::fmt;
use {Rng, SeedableRng, Rand};
#[allow(bad_style)]
type w32 = w<u32>;
const RAND_SIZE_LEN: usize = 8;
const RAND_SIZE: u32 = 1 << RAND_SIZE_LEN;
const RAND_SIZE_USIZE: usize = 1 << RAND_SIZE_LEN;
/// A random number generator that uses the ISAAC algorithm[1].
///
/// The ISAAC algorithm is generally accepted as suitable for
/// cryptographic purposes, but this implementation has not be
/// verified as such. Prefer a generator like `OsRng` that defers to
/// the operating system for cases that need high security.
///
/// [1]: Bob Jenkins, [*ISAAC: A fast cryptographic random number
/// generator*](http://www.burtleburtle.net/bob/rand/isaacafa.html)
#[derive(Copy)]
pub struct IsaacRng {
cnt: u32,
rsl: [w32; RAND_SIZE_USIZE],
mem: [w32; RAND_SIZE_USIZE],
a: w32,
b: w32,
c: w32,
}
static EMPTY: IsaacRng = IsaacRng {
cnt: 0,
rsl: [w(0); RAND_SIZE_USIZE],
mem: [w(0); RAND_SIZE_USIZE],
a: w(0), b: w(0), c: w(0),
};
impl IsaacRng {
/// Create an ISAAC random number generator using the default
/// fixed seed.
pub fn new_unseeded() -> IsaacRng {
let mut rng = EMPTY;
rng.init(false);
rng
}
/// Initialises `self`. If `use_rsl` is true, then use the current value
/// of `rsl` as a seed, otherwise construct one algorithmically (not
/// randomly).
fn init(&mut self, use_rsl: bool) {
let mut a = w(0x9e3779b9);
let mut b = a;
let mut c = a;
let mut d = a;
let mut e = a;
let mut f = a;
let mut g = a;
let mut h = a;
macro_rules! mix {
() => {{
a=a^(b<<11); d=d+a; b=b+c;
b=b^(c>>2); e=e+b; c=c+d;
c=c^(d<<8); f=f+c; d=d+e;
d=d^(e>>16); g=g+d; e=e+f;
e=e^(f<<10); h=h+e; f=f+g;
f=f^(g>>4); a=a+f; g=g+h;
g=g^(h<<8); b=b+g; h=h+a;
h=h^(a>>9); c=c+h; a=a+b;
}}
}
for _ in 0..4 {
mix!();
}
if use_rsl {
macro_rules! memloop {
($arr:expr) => {{
for i in (0..RAND_SIZE_USIZE/8).map(|i| i * 8) {
a=a+$arr[i ]; b=b+$arr[i+1];
c=c+$arr[i+2]; d=d+$arr[i+3];
e=e+$arr[i+4]; f=f+$arr[i+5];
g=g+$arr[i+6]; h=h+$arr[i+7];
mix!();
self.mem[i ]=a; self.mem[i+1]=b;
self.mem[i+2]=c; self.mem[i+3]=d;
self.mem[i+4]=e; self.mem[i+5]=f;
self.mem[i+6]=g; self.mem[i+7]=h;
}
}}
}
memloop!(self.rsl);
memloop!(self.mem);
} else {
for i in (0..RAND_SIZE_USIZE/8).map(|i| i * 8) {
mix!();
self.mem[i ]=a; self.mem[i+1]=b;
self.mem[i+2]=c; self.mem[i+3]=d;
self.mem[i+4]=e; self.mem[i+5]=f;
self.mem[i+6]=g; self.mem[i+7]=h;
}
}
self.isaac();
}
/// Refills the output buffer (`self.rsl`)
#[inline]
fn isaac(&mut self) {
self.c = self.c + w(1);
// abbreviations
let mut a = self.a;
let mut b = self.b + self.c;
const MIDPOINT: usize = RAND_SIZE_USIZE / 2;
macro_rules! ind {
($x:expr) => ( self.mem[($x >> 2usize).0 as usize & (RAND_SIZE_USIZE - 1)] )
}
let r = [(0, MIDPOINT), (MIDPOINT, 0)];
for &(mr_offset, m2_offset) in r.iter() {
macro_rules! rngstepp {
($j:expr, $shift:expr) => {{
let base = $j;
let mix = a << $shift;
let x = self.mem[base + mr_offset];
a = (a ^ mix) + self.mem[base + m2_offset];
let y = ind!(x) + a + b;
self.mem[base + mr_offset] = y;
b = ind!(y >> RAND_SIZE_LEN) + x;
self.rsl[base + mr_offset] = b;
}}
}
macro_rules! rngstepn {
($j:expr, $shift:expr) => {{
let base = $j;
let mix = a >> $shift;
let x = self.mem[base + mr_offset];
a = (a ^ mix) + self.mem[base + m2_offset];
let y = ind!(x) + a + b;
self.mem[base + mr_offset] = y;
b = ind!(y >> RAND_SIZE_LEN) + x;
self.rsl[base + mr_offset] = b;
}}
}
for i in (0..MIDPOINT/4).map(|i| i * 4) {
rngstepp!(i + 0, 13);
rngstepn!(i + 1, 6);
rngstepp!(i + 2, 2);
rngstepn!(i + 3, 16);
}
}
self.a = a;
self.b = b;
self.cnt = RAND_SIZE;
}
}
// Cannot be derived because [u32; 256] does not implement Clone
impl Clone for IsaacRng {
fn clone(&self) -> IsaacRng {
*self
}
}
impl Rng for IsaacRng {
#[inline]
fn next_u32(&mut self) -> u32 {
if self.cnt == 0 {
// make some more numbers
self.isaac();
}
self.cnt -= 1;
// self.cnt is at most RAND_SIZE, but that is before the
// subtraction above. We want to index without bounds
// checking, but this could lead to incorrect code if someone
// misrefactors, so we check, sometimes.
//
// (Changes here should be reflected in Isaac64Rng.next_u64.)
debug_assert!(self.cnt < RAND_SIZE);
// (the % is cheaply telling the optimiser that we're always
// in bounds, without unsafe. NB. this is a power of two, so
// it optimises to a bitwise mask).
self.rsl[(self.cnt % RAND_SIZE) as usize].0
}
}
impl<'a> SeedableRng<&'a [u32]> for IsaacRng {
fn reseed(&mut self, seed: &'a [u32]) {
// make the seed into [seed[0], seed[1], ..., seed[seed.len()
// - 1], 0, 0, ...], to fill rng.rsl.
let seed_iter = seed.iter().map(|&x| x).chain(repeat(0u32));
for (rsl_elem, seed_elem) in self.rsl.iter_mut().zip(seed_iter) {
*rsl_elem = w(seed_elem);
}
self.cnt = 0;
self.a = w(0);
self.b = w(0);
self.c = w(0);
self.init(true);
}
/// Create an ISAAC random number generator with a seed. This can
/// be any length, although the maximum number of elements used is
/// 256 and any more will be silently ignored. A generator
/// constructed with a given seed will generate the same sequence
/// of values as all other generators constructed with that seed.
fn from_seed(seed: &'a [u32]) -> IsaacRng {
let mut rng = EMPTY;
rng.reseed(seed);
rng
}
}
impl Rand for IsaacRng {
fn rand<R: Rng>(other: &mut R) -> IsaacRng {
let mut ret = EMPTY;
unsafe {
let ptr = ret.rsl.as_mut_ptr() as *mut u8;
let slice = slice::from_raw_parts_mut(ptr, RAND_SIZE_USIZE * 4);
other.fill_bytes(slice);
}
ret.cnt = 0;
ret.a = w(0);
ret.b = w(0);
ret.c = w(0);
ret.init(true);
return ret;
}
}
impl fmt::Debug for IsaacRng {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "IsaacRng {{}}")
}
}
#[cfg(test)]
mod test {
use {Rng, SeedableRng};
use super::IsaacRng;
#[test]
fn test_rng_32_rand_seeded() {
let s = ::test::rng().gen_iter::<u32>().take(256).collect::<Vec<u32>>();
let mut ra: IsaacRng = SeedableRng::from_seed(&s[..]);
let mut rb: IsaacRng = SeedableRng::from_seed(&s[..]);
assert!(::test::iter_eq(ra.gen_ascii_chars().take(100),
rb.gen_ascii_chars().take(100)));
}
#[test]
fn test_rng_32_seeded() {
let seed: &[_] = &[1, 23, 456, 7890, 12345];
let mut ra: IsaacRng = SeedableRng::from_seed(seed);
let mut rb: IsaacRng = SeedableRng::from_seed(seed);
assert!(::test::iter_eq(ra.gen_ascii_chars().take(100),
rb.gen_ascii_chars().take(100)));
}
#[test]
fn test_rng_32_reseed() {
let s = ::test::rng().gen_iter::<u32>().take(256).collect::<Vec<u32>>();
let mut r: IsaacRng = SeedableRng::from_seed(&s[..]);
let string1: String = r.gen_ascii_chars().take(100).collect();
r.reseed(&s[..]);
let string2: String = r.gen_ascii_chars().take(100).collect();
assert_eq!(string1, string2);
}
#[test]
fn test_rng_32_true_values() {
let seed: &[_] = &[1, 23, 456, 7890, 12345];
let mut ra: IsaacRng = SeedableRng::from_seed(seed);
// Regression test that isaac is actually using the above vector
let v = (0..10).map(|_| ra.next_u32()).collect::<Vec<_>>();
assert_eq!(v,
vec!(2558573138, 873787463, 263499565, 2103644246, 3595684709,
4203127393, 264982119, 2765226902, 2737944514, 3900253796));
let seed: &[_] = &[12345, 67890, 54321, 9876];
let mut rb: IsaacRng = SeedableRng::from_seed(seed);
// skip forward to the 10000th number
for _ in 0..10000 { rb.next_u32(); }
let v = (0..10).map(|_| rb.next_u32()).collect::<Vec<_>>();
assert_eq!(v,
vec!(3676831399, 3183332890, 2834741178, 3854698763, 2717568474,
1576568959, 3507990155, 179069555, 141456972, 2478885421));
}
}

View File

@ -1,340 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! The ISAAC-64 random number generator.
use core::slice;
use core::iter::repeat;
use core::num::Wrapping as w;
use core::fmt;
use {Rng, SeedableRng, Rand};
#[allow(bad_style)]
type w64 = w<u64>;
const RAND_SIZE_64_LEN: usize = 8;
const RAND_SIZE_64: usize = 1 << RAND_SIZE_64_LEN;
/// A random number generator that uses ISAAC-64[1], the 64-bit
/// variant of the ISAAC algorithm.
///
/// The ISAAC algorithm is generally accepted as suitable for
/// cryptographic purposes, but this implementation has not be
/// verified as such. Prefer a generator like `OsRng` that defers to
/// the operating system for cases that need high security.
///
/// [1]: Bob Jenkins, [*ISAAC: A fast cryptographic random number
/// generator*](http://www.burtleburtle.net/bob/rand/isaacafa.html)
#[derive(Copy)]
pub struct Isaac64Rng {
cnt: usize,
rsl: [w64; RAND_SIZE_64],
mem: [w64; RAND_SIZE_64],
a: w64,
b: w64,
c: w64,
}
static EMPTY_64: Isaac64Rng = Isaac64Rng {
cnt: 0,
rsl: [w(0); RAND_SIZE_64],
mem: [w(0); RAND_SIZE_64],
a: w(0), b: w(0), c: w(0),
};
impl Isaac64Rng {
/// Create a 64-bit ISAAC random number generator using the
/// default fixed seed.
pub fn new_unseeded() -> Isaac64Rng {
let mut rng = EMPTY_64;
rng.init(false);
rng
}
/// Initialises `self`. If `use_rsl` is true, then use the current value
/// of `rsl` as a seed, otherwise construct one algorithmically (not
/// randomly).
fn init(&mut self, use_rsl: bool) {
macro_rules! init {
($var:ident) => (
let mut $var = w(0x9e3779b97f4a7c13);
)
}
init!(a); init!(b); init!(c); init!(d);
init!(e); init!(f); init!(g); init!(h);
macro_rules! mix {
() => {{
a=a-e; f=f^(h>>9); h=h+a;
b=b-f; g=g^(a<<9); a=a+b;
c=c-g; h=h^(b>>23); b=b+c;
d=d-h; a=a^(c<<15); c=c+d;
e=e-a; b=b^(d>>14); d=d+e;
f=f-b; c=c^(e<<20); e=e+f;
g=g-c; d=d^(f>>17); f=f+g;
h=h-d; e=e^(g<<14); g=g+h;
}}
}
for _ in 0..4 {
mix!();
}
if use_rsl {
macro_rules! memloop {
($arr:expr) => {{
for i in (0..RAND_SIZE_64 / 8).map(|i| i * 8) {
a=a+$arr[i ]; b=b+$arr[i+1];
c=c+$arr[i+2]; d=d+$arr[i+3];
e=e+$arr[i+4]; f=f+$arr[i+5];
g=g+$arr[i+6]; h=h+$arr[i+7];
mix!();
self.mem[i ]=a; self.mem[i+1]=b;
self.mem[i+2]=c; self.mem[i+3]=d;
self.mem[i+4]=e; self.mem[i+5]=f;
self.mem[i+6]=g; self.mem[i+7]=h;
}
}}
}
memloop!(self.rsl);
memloop!(self.mem);
} else {
for i in (0..RAND_SIZE_64 / 8).map(|i| i * 8) {
mix!();
self.mem[i ]=a; self.mem[i+1]=b;
self.mem[i+2]=c; self.mem[i+3]=d;
self.mem[i+4]=e; self.mem[i+5]=f;
self.mem[i+6]=g; self.mem[i+7]=h;
}
}
self.isaac64();
}
/// Refills the output buffer (`self.rsl`)
fn isaac64(&mut self) {
self.c = self.c + w(1);
// abbreviations
let mut a = self.a;
let mut b = self.b + self.c;
const MIDPOINT: usize = RAND_SIZE_64 / 2;
const MP_VEC: [(usize, usize); 2] = [(0,MIDPOINT), (MIDPOINT, 0)];
macro_rules! ind {
($x:expr) => {
*self.mem.get_unchecked((($x >> 3usize).0 as usize) & (RAND_SIZE_64 - 1))
}
}
for &(mr_offset, m2_offset) in MP_VEC.iter() {
for base in (0..MIDPOINT / 4).map(|i| i * 4) {
macro_rules! rngstepp {
($j:expr, $shift:expr) => {{
let base = base + $j;
let mix = a ^ (a << $shift);
let mix = if $j == 0 {!mix} else {mix};
unsafe {
let x = *self.mem.get_unchecked(base + mr_offset);
a = mix + *self.mem.get_unchecked(base + m2_offset);
let y = ind!(x) + a + b;
*self.mem.get_unchecked_mut(base + mr_offset) = y;
b = ind!(y >> RAND_SIZE_64_LEN) + x;
*self.rsl.get_unchecked_mut(base + mr_offset) = b;
}
}}
}
macro_rules! rngstepn {
($j:expr, $shift:expr) => {{
let base = base + $j;
let mix = a ^ (a >> $shift);
let mix = if $j == 0 {!mix} else {mix};
unsafe {
let x = *self.mem.get_unchecked(base + mr_offset);
a = mix + *self.mem.get_unchecked(base + m2_offset);
let y = ind!(x) + a + b;
*self.mem.get_unchecked_mut(base + mr_offset) = y;
b = ind!(y >> RAND_SIZE_64_LEN) + x;
*self.rsl.get_unchecked_mut(base + mr_offset) = b;
}
}}
}
rngstepp!(0, 21);
rngstepn!(1, 5);
rngstepp!(2, 12);
rngstepn!(3, 33);
}
}
self.a = a;
self.b = b;
self.cnt = RAND_SIZE_64;
}
}
// Cannot be derived because [u32; 256] does not implement Clone
impl Clone for Isaac64Rng {
fn clone(&self) -> Isaac64Rng {
*self
}
}
impl Rng for Isaac64Rng {
#[inline]
fn next_u32(&mut self) -> u32 {
self.next_u64() as u32
}
#[inline]
fn next_u64(&mut self) -> u64 {
if self.cnt == 0 {
// make some more numbers
self.isaac64();
}
self.cnt -= 1;
// See corresponding location in IsaacRng.next_u32 for
// explanation.
debug_assert!(self.cnt < RAND_SIZE_64);
self.rsl[(self.cnt % RAND_SIZE_64) as usize].0
}
}
impl<'a> SeedableRng<&'a [u64]> for Isaac64Rng {
fn reseed(&mut self, seed: &'a [u64]) {
// make the seed into [seed[0], seed[1], ..., seed[seed.len()
// - 1], 0, 0, ...], to fill rng.rsl.
let seed_iter = seed.iter().map(|&x| x).chain(repeat(0u64));
for (rsl_elem, seed_elem) in self.rsl.iter_mut().zip(seed_iter) {
*rsl_elem = w(seed_elem);
}
self.cnt = 0;
self.a = w(0);
self.b = w(0);
self.c = w(0);
self.init(true);
}
/// Create an ISAAC random number generator with a seed. This can
/// be any length, although the maximum number of elements used is
/// 256 and any more will be silently ignored. A generator
/// constructed with a given seed will generate the same sequence
/// of values as all other generators constructed with that seed.
fn from_seed(seed: &'a [u64]) -> Isaac64Rng {
let mut rng = EMPTY_64;
rng.reseed(seed);
rng
}
}
impl Rand for Isaac64Rng {
fn rand<R: Rng>(other: &mut R) -> Isaac64Rng {
let mut ret = EMPTY_64;
unsafe {
let ptr = ret.rsl.as_mut_ptr() as *mut u8;
let slice = slice::from_raw_parts_mut(ptr, RAND_SIZE_64 * 8);
other.fill_bytes(slice);
}
ret.cnt = 0;
ret.a = w(0);
ret.b = w(0);
ret.c = w(0);
ret.init(true);
return ret;
}
}
impl fmt::Debug for Isaac64Rng {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "Isaac64Rng {{}}")
}
}
#[cfg(test)]
mod test {
use {Rng, SeedableRng};
use super::Isaac64Rng;
#[test]
fn test_rng_64_rand_seeded() {
let s = ::test::rng().gen_iter::<u64>().take(256).collect::<Vec<u64>>();
let mut ra: Isaac64Rng = SeedableRng::from_seed(&s[..]);
let mut rb: Isaac64Rng = SeedableRng::from_seed(&s[..]);
assert!(::test::iter_eq(ra.gen_ascii_chars().take(100),
rb.gen_ascii_chars().take(100)));
}
#[test]
fn test_rng_64_seeded() {
let seed: &[_] = &[1, 23, 456, 7890, 12345];
let mut ra: Isaac64Rng = SeedableRng::from_seed(seed);
let mut rb: Isaac64Rng = SeedableRng::from_seed(seed);
assert!(::test::iter_eq(ra.gen_ascii_chars().take(100),
rb.gen_ascii_chars().take(100)));
}
#[test]
fn test_rng_64_reseed() {
let s = ::test::rng().gen_iter::<u64>().take(256).collect::<Vec<u64>>();
let mut r: Isaac64Rng = SeedableRng::from_seed(&s[..]);
let string1: String = r.gen_ascii_chars().take(100).collect();
r.reseed(&s[..]);
let string2: String = r.gen_ascii_chars().take(100).collect();
assert_eq!(string1, string2);
}
#[test]
fn test_rng_64_true_values() {
let seed: &[_] = &[1, 23, 456, 7890, 12345];
let mut ra: Isaac64Rng = SeedableRng::from_seed(seed);
// Regression test that isaac is actually using the above vector
let v = (0..10).map(|_| ra.next_u64()).collect::<Vec<_>>();
assert_eq!(v,
vec!(547121783600835980, 14377643087320773276, 17351601304698403469,
1238879483818134882, 11952566807690396487, 13970131091560099343,
4469761996653280935, 15552757044682284409, 6860251611068737823,
13722198873481261842));
let seed: &[_] = &[12345, 67890, 54321, 9876];
let mut rb: Isaac64Rng = SeedableRng::from_seed(seed);
// skip forward to the 10000th number
for _ in 0..10000 { rb.next_u64(); }
let v = (0..10).map(|_| rb.next_u64()).collect::<Vec<_>>();
assert_eq!(v,
vec!(18143823860592706164, 8491801882678285927, 2699425367717515619,
17196852593171130876, 2606123525235546165, 15790932315217671084,
596345674630742204, 9947027391921273664, 11788097613744130851,
10391409374914919106));
}
#[test]
fn test_rng_clone() {
let seed: &[_] = &[1, 23, 456, 7890, 12345];
let mut rng: Isaac64Rng = SeedableRng::from_seed(seed);
let mut clone = rng.clone();
for _ in 0..16 {
assert_eq!(rng.next_u64(), clone.next_u64());
}
}
}

View File

@ -1,51 +0,0 @@
// Copyright 2017 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! Pseudo random number generators are algorithms to produce *apparently
//! random* numbers deterministically, and usually fairly quickly.
//!
//! So long as the algorithm is computationally secure, is initialised with
//! sufficient entropy (i.e. unknown by an attacker), and its internal state is
//! also protected (unknown to an attacker), the output will also be
//! *computationally secure*. Computationally Secure Pseudo Random Number
//! Generators (CSPRNGs) are thus suitable sources of random numbers for
//! cryptography. There are a couple of gotchas here, however. First, the seed
//! used for initialisation must be unknown. Usually this should be provided by
//! the operating system and should usually be secure, however this may not
//! always be the case (especially soon after startup). Second, user-space
//! memory may be vulnerable, for example when written to swap space, and after
//! forking a child process should reinitialise any user-space PRNGs. For this
//! reason it may be preferable to source random numbers directly from the OS
//! for cryptographic applications.
//!
//! PRNGs are also widely used for non-cryptographic uses: randomised
//! algorithms, simulations, games. In these applications it is usually not
//! important for numbers to be cryptographically *unguessable*, but even
//! distribution and independence from other samples (from the point of view
//! of someone unaware of the algorithm used, at least) may still be important.
//! Good PRNGs should satisfy these properties, but do not take them for
//! granted; Wikipedia's article on
//! [Pseudorandom number generators](https://en.wikipedia.org/wiki/Pseudorandom_number_generator)
//! provides some background on this topic.
//!
//! Care should be taken when seeding (initialising) PRNGs. Some PRNGs have
//! short periods for some seeds. If one PRNG is seeded from another using the
//! same algorithm, it is possible that both will yield the same sequence of
//! values (with some lag).
mod chacha;
mod isaac;
mod isaac64;
mod xorshift;
pub use self::chacha::ChaChaRng;
pub use self::isaac::IsaacRng;
pub use self::isaac64::Isaac64Rng;
pub use self::xorshift::XorShiftRng;

View File

@ -1,101 +0,0 @@
// Copyright 2017 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! Xorshift generators
use core::num::Wrapping as w;
use {Rng, SeedableRng, Rand};
/// An Xorshift[1] random number
/// generator.
///
/// The Xorshift algorithm is not suitable for cryptographic purposes
/// but is very fast. If you do not know for sure that it fits your
/// requirements, use a more secure one such as `IsaacRng` or `OsRng`.
///
/// [1]: Marsaglia, George (July 2003). ["Xorshift
/// RNGs"](http://www.jstatsoft.org/v08/i14/paper). *Journal of
/// Statistical Software*. Vol. 8 (Issue 14).
#[allow(missing_copy_implementations)]
#[derive(Clone, Debug)]
pub struct XorShiftRng {
x: w<u32>,
y: w<u32>,
z: w<u32>,
w: w<u32>,
}
impl XorShiftRng {
/// Creates a new XorShiftRng instance which is not seeded.
///
/// The initial values of this RNG are constants, so all generators created
/// by this function will yield the same stream of random numbers. It is
/// highly recommended that this is created through `SeedableRng` instead of
/// this function
pub fn new_unseeded() -> XorShiftRng {
XorShiftRng {
x: w(0x193a6754),
y: w(0xa8a7d469),
z: w(0x97830e05),
w: w(0x113ba7bb),
}
}
}
impl Rng for XorShiftRng {
#[inline]
fn next_u32(&mut self) -> u32 {
let x = self.x;
let t = x ^ (x << 11);
self.x = self.y;
self.y = self.z;
self.z = self.w;
let w_ = self.w;
self.w = w_ ^ (w_ >> 19) ^ (t ^ (t >> 8));
self.w.0
}
}
impl SeedableRng<[u32; 4]> for XorShiftRng {
/// Reseed an XorShiftRng. This will panic if `seed` is entirely 0.
fn reseed(&mut self, seed: [u32; 4]) {
assert!(!seed.iter().all(|&x| x == 0),
"XorShiftRng.reseed called with an all zero seed.");
self.x = w(seed[0]);
self.y = w(seed[1]);
self.z = w(seed[2]);
self.w = w(seed[3]);
}
/// Create a new XorShiftRng. This will panic if `seed` is entirely 0.
fn from_seed(seed: [u32; 4]) -> XorShiftRng {
assert!(!seed.iter().all(|&x| x == 0),
"XorShiftRng::from_seed called with an all zero seed.");
XorShiftRng {
x: w(seed[0]),
y: w(seed[1]),
z: w(seed[2]),
w: w(seed[3]),
}
}
}
impl Rand for XorShiftRng {
fn rand<R: Rng>(rng: &mut R) -> XorShiftRng {
let mut tuple: (u32, u32, u32, u32) = rng.gen();
while tuple == (0, 0, 0, 0) {
tuple = rng.gen();
}
let (x, y, z, w_) = tuple;
XorShiftRng { x: w(x), y: w(y), z: w(z), w: w(w_) }
}
}

View File

@ -1,299 +0,0 @@
// Copyright 2013-2014 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! The implementations of `Rand` for the built-in types.
use core::{char, mem};
use {Rand,Rng};
impl Rand for isize {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> isize {
if mem::size_of::<isize>() == 4 {
rng.gen::<i32>() as isize
} else {
rng.gen::<i64>() as isize
}
}
}
impl Rand for i8 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> i8 {
rng.next_u32() as i8
}
}
impl Rand for i16 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> i16 {
rng.next_u32() as i16
}
}
impl Rand for i32 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> i32 {
rng.next_u32() as i32
}
}
impl Rand for i64 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> i64 {
rng.next_u64() as i64
}
}
#[cfg(feature = "i128_support")]
impl Rand for i128 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> i128 {
rng.gen::<u128>() as i128
}
}
impl Rand for usize {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> usize {
if mem::size_of::<usize>() == 4 {
rng.gen::<u32>() as usize
} else {
rng.gen::<u64>() as usize
}
}
}
impl Rand for u8 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> u8 {
rng.next_u32() as u8
}
}
impl Rand for u16 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> u16 {
rng.next_u32() as u16
}
}
impl Rand for u32 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> u32 {
rng.next_u32()
}
}
impl Rand for u64 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> u64 {
rng.next_u64()
}
}
#[cfg(feature = "i128_support")]
impl Rand for u128 {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> u128 {
((rng.next_u64() as u128) << 64) | (rng.next_u64() as u128)
}
}
macro_rules! float_impls {
($mod_name:ident, $ty:ty, $mantissa_bits:expr, $method_name:ident) => {
mod $mod_name {
use {Rand, Rng, Open01, Closed01};
const SCALE: $ty = (1u64 << $mantissa_bits) as $ty;
impl Rand for $ty {
/// Generate a floating point number in the half-open
/// interval `[0,1)`.
///
/// See `Closed01` for the closed interval `[0,1]`,
/// and `Open01` for the open interval `(0,1)`.
#[inline]
fn rand<R: Rng>(rng: &mut R) -> $ty {
rng.$method_name()
}
}
impl Rand for Open01<$ty> {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> Open01<$ty> {
// add a small amount (specifically 2 bits below
// the precision of f64/f32 at 1.0), so that small
// numbers are larger than 0, but large numbers
// aren't pushed to/above 1.
Open01(rng.$method_name() + 0.25 / SCALE)
}
}
impl Rand for Closed01<$ty> {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> Closed01<$ty> {
// rescale so that 1.0 - epsilon becomes 1.0
// precisely.
Closed01(rng.$method_name() * SCALE / (SCALE - 1.0))
}
}
}
}
}
float_impls! { f64_rand_impls, f64, 53, next_f64 }
float_impls! { f32_rand_impls, f32, 24, next_f32 }
impl Rand for char {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> char {
// a char is 21 bits
const CHAR_MASK: u32 = 0x001f_ffff;
loop {
// Rejection sampling. About 0.2% of numbers with at most
// 21-bits are invalid codepoints (surrogates), so this
// will succeed first go almost every time.
match char::from_u32(rng.next_u32() & CHAR_MASK) {
Some(c) => return c,
None => {}
}
}
}
}
impl Rand for bool {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> bool {
rng.gen::<u8>() & 1 == 1
}
}
macro_rules! tuple_impl {
// use variables to indicate the arity of the tuple
($($tyvar:ident),* ) => {
// the trailing commas are for the 1 tuple
impl<
$( $tyvar : Rand ),*
> Rand for ( $( $tyvar ),* , ) {
#[inline]
fn rand<R: Rng>(_rng: &mut R) -> ( $( $tyvar ),* , ) {
(
// use the $tyvar's to get the appropriate number of
// repeats (they're not actually needed)
$(
_rng.gen::<$tyvar>()
),*
,
)
}
}
}
}
impl Rand for () {
#[inline]
fn rand<R: Rng>(_: &mut R) -> () { () }
}
tuple_impl!{A}
tuple_impl!{A, B}
tuple_impl!{A, B, C}
tuple_impl!{A, B, C, D}
tuple_impl!{A, B, C, D, E}
tuple_impl!{A, B, C, D, E, F}
tuple_impl!{A, B, C, D, E, F, G}
tuple_impl!{A, B, C, D, E, F, G, H}
tuple_impl!{A, B, C, D, E, F, G, H, I}
tuple_impl!{A, B, C, D, E, F, G, H, I, J}
tuple_impl!{A, B, C, D, E, F, G, H, I, J, K}
tuple_impl!{A, B, C, D, E, F, G, H, I, J, K, L}
macro_rules! array_impl {
{$n:expr, $t:ident, $($ts:ident,)*} => {
array_impl!{($n - 1), $($ts,)*}
impl<T> Rand for [T; $n] where T: Rand {
#[inline]
fn rand<R: Rng>(_rng: &mut R) -> [T; $n] {
[_rng.gen::<$t>(), $(_rng.gen::<$ts>()),*]
}
}
};
{$n:expr,} => {
impl<T> Rand for [T; $n] {
fn rand<R: Rng>(_rng: &mut R) -> [T; $n] { [] }
}
};
}
array_impl!{32, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T,}
impl<T:Rand> Rand for Option<T> {
#[inline]
fn rand<R: Rng>(rng: &mut R) -> Option<T> {
if rng.gen() {
Some(rng.gen())
} else {
None
}
}
}
#[cfg(test)]
mod tests {
use {Rng, thread_rng, Open01, Closed01};
struct ConstantRng(u64);
impl Rng for ConstantRng {
fn next_u32(&mut self) -> u32 {
let ConstantRng(v) = *self;
v as u32
}
fn next_u64(&mut self) -> u64 {
let ConstantRng(v) = *self;
v
}
}
#[test]
fn floating_point_edge_cases() {
// the test for exact equality is correct here.
assert!(ConstantRng(0xffff_ffff).gen::<f32>() != 1.0);
assert!(ConstantRng(0xffff_ffff_ffff_ffff).gen::<f64>() != 1.0);
}
#[test]
fn rand_open() {
// this is unlikely to catch an incorrect implementation that
// generates exactly 0 or 1, but it keeps it sane.
let mut rng = thread_rng();
for _ in 0..1_000 {
// strict inequalities
let Open01(f) = rng.gen::<Open01<f64>>();
assert!(0.0 < f && f < 1.0);
let Open01(f) = rng.gen::<Open01<f32>>();
assert!(0.0 < f && f < 1.0);
}
}
#[test]
fn rand_closed() {
let mut rng = thread_rng();
for _ in 0..1_000 {
// strict inequalities
let Closed01(f) = rng.gen::<Closed01<f64>>();
assert!(0.0 <= f && f <= 1.0);
let Closed01(f) = rng.gen::<Closed01<f32>>();
assert!(0.0 <= f && f <= 1.0);
}
}
}

View File

@ -1,123 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! A wrapper around any Read to treat it as an RNG.
use std::io::{self, Read};
use std::mem;
use Rng;
/// An RNG that reads random bytes straight from a `Read`. This will
/// work best with an infinite reader, but this is not required.
///
/// # Panics
///
/// It will panic if it there is insufficient data to fulfill a request.
///
/// # Example
///
/// ```rust
/// use rand::{read, Rng};
///
/// let data = vec![1, 2, 3, 4, 5, 6, 7, 8];
/// let mut rng = read::ReadRng::new(&data[..]);
/// println!("{:x}", rng.gen::<u32>());
/// ```
#[derive(Debug)]
pub struct ReadRng<R> {
reader: R
}
impl<R: Read> ReadRng<R> {
/// Create a new `ReadRng` from a `Read`.
pub fn new(r: R) -> ReadRng<R> {
ReadRng {
reader: r
}
}
}
impl<R: Read> Rng for ReadRng<R> {
fn next_u32(&mut self) -> u32 {
// This is designed for speed: reading a LE integer on a LE
// platform just involves blitting the bytes into the memory
// of the u32, similarly for BE on BE; avoiding byteswapping.
let mut buf = [0; 4];
fill(&mut self.reader, &mut buf).unwrap();
unsafe { *(buf.as_ptr() as *const u32) }
}
fn next_u64(&mut self) -> u64 {
// see above for explanation.
let mut buf = [0; 8];
fill(&mut self.reader, &mut buf).unwrap();
unsafe { *(buf.as_ptr() as *const u64) }
}
fn fill_bytes(&mut self, v: &mut [u8]) {
if v.len() == 0 { return }
fill(&mut self.reader, v).unwrap();
}
}
fn fill(r: &mut Read, mut buf: &mut [u8]) -> io::Result<()> {
while buf.len() > 0 {
match try!(r.read(buf)) {
0 => return Err(io::Error::new(io::ErrorKind::Other,
"end of file reached")),
n => buf = &mut mem::replace(&mut buf, &mut [])[n..],
}
}
Ok(())
}
#[cfg(test)]
mod test {
use super::ReadRng;
use Rng;
#[test]
fn test_reader_rng_u64() {
// transmute from the target to avoid endianness concerns.
let v = vec![0u8, 0, 0, 0, 0, 0, 0, 1,
0 , 0, 0, 0, 0, 0, 0, 2,
0, 0, 0, 0, 0, 0, 0, 3];
let mut rng = ReadRng::new(&v[..]);
assert_eq!(rng.next_u64(), 1_u64.to_be());
assert_eq!(rng.next_u64(), 2_u64.to_be());
assert_eq!(rng.next_u64(), 3_u64.to_be());
}
#[test]
fn test_reader_rng_u32() {
let v = vec![0u8, 0, 0, 1, 0, 0, 0, 2, 0, 0, 0, 3];
let mut rng = ReadRng::new(&v[..]);
assert_eq!(rng.next_u32(), 1_u32.to_be());
assert_eq!(rng.next_u32(), 2_u32.to_be());
assert_eq!(rng.next_u32(), 3_u32.to_be());
}
#[test]
fn test_reader_rng_fill_bytes() {
let v = [1u8, 2, 3, 4, 5, 6, 7, 8];
let mut w = [0u8; 8];
let mut rng = ReadRng::new(&v[..]);
rng.fill_bytes(&mut w);
assert!(v == w);
}
#[test]
#[should_panic]
fn test_reader_rng_insufficient_bytes() {
let mut rng = ReadRng::new(&[][..]);
let mut v = [0u8; 3];
rng.fill_bytes(&mut v);
}
}

View File

@ -1,229 +0,0 @@
// Copyright 2013 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! A wrapper around another RNG that reseeds it after it
//! generates a certain number of random bytes.
use core::default::Default;
use {Rng, SeedableRng};
/// How many bytes of entropy the underling RNG is allowed to generate
/// before it is reseeded
const DEFAULT_GENERATION_THRESHOLD: u64 = 32 * 1024;
/// A wrapper around any RNG which reseeds the underlying RNG after it
/// has generated a certain number of random bytes.
#[derive(Debug)]
pub struct ReseedingRng<R, Rsdr> {
rng: R,
generation_threshold: u64,
bytes_generated: u64,
/// Controls the behaviour when reseeding the RNG.
pub reseeder: Rsdr,
}
impl<R: Rng, Rsdr: Reseeder<R>> ReseedingRng<R, Rsdr> {
/// Create a new `ReseedingRng` with the given parameters.
///
/// # Arguments
///
/// * `rng`: the random number generator to use.
/// * `generation_threshold`: the number of bytes of entropy at which to reseed the RNG.
/// * `reseeder`: the reseeding object to use.
pub fn new(rng: R, generation_threshold: u64, reseeder: Rsdr) -> ReseedingRng<R,Rsdr> {
ReseedingRng {
rng: rng,
generation_threshold: generation_threshold,
bytes_generated: 0,
reseeder: reseeder
}
}
/// Reseed the internal RNG if the number of bytes that have been
/// generated exceed the threshold.
pub fn reseed_if_necessary(&mut self) {
if self.bytes_generated >= self.generation_threshold {
self.reseeder.reseed(&mut self.rng);
self.bytes_generated = 0;
}
}
}
impl<R: Rng, Rsdr: Reseeder<R>> Rng for ReseedingRng<R, Rsdr> {
fn next_u32(&mut self) -> u32 {
self.reseed_if_necessary();
self.bytes_generated += 4;
self.rng.next_u32()
}
fn next_u64(&mut self) -> u64 {
self.reseed_if_necessary();
self.bytes_generated += 8;
self.rng.next_u64()
}
fn fill_bytes(&mut self, dest: &mut [u8]) {
self.reseed_if_necessary();
self.bytes_generated += dest.len() as u64;
self.rng.fill_bytes(dest)
}
}
impl<S, R: SeedableRng<S>, Rsdr: Reseeder<R> + Default>
SeedableRng<(Rsdr, S)> for ReseedingRng<R, Rsdr> {
fn reseed(&mut self, (rsdr, seed): (Rsdr, S)) {
self.rng.reseed(seed);
self.reseeder = rsdr;
self.bytes_generated = 0;
}
/// Create a new `ReseedingRng` from the given reseeder and
/// seed. This uses a default value for `generation_threshold`.
fn from_seed((rsdr, seed): (Rsdr, S)) -> ReseedingRng<R, Rsdr> {
ReseedingRng {
rng: SeedableRng::from_seed(seed),
generation_threshold: DEFAULT_GENERATION_THRESHOLD,
bytes_generated: 0,
reseeder: rsdr
}
}
}
/// Something that can be used to reseed an RNG via `ReseedingRng`.
///
/// # Example
///
/// ```rust
/// use rand::{Rng, SeedableRng, StdRng};
/// use rand::reseeding::{Reseeder, ReseedingRng};
///
/// struct TickTockReseeder { tick: bool }
/// impl Reseeder<StdRng> for TickTockReseeder {
/// fn reseed(&mut self, rng: &mut StdRng) {
/// let val = if self.tick {0} else {1};
/// rng.reseed(&[val]);
/// self.tick = !self.tick;
/// }
/// }
/// fn main() {
/// let rsdr = TickTockReseeder { tick: true };
///
/// let inner = StdRng::new().unwrap();
/// let mut rng = ReseedingRng::new(inner, 10, rsdr);
///
/// // this will repeat, because it gets reseeded very regularly.
/// let s: String = rng.gen_ascii_chars().take(100).collect();
/// println!("{}", s);
/// }
///
/// ```
pub trait Reseeder<R> {
/// Reseed the given RNG.
fn reseed(&mut self, rng: &mut R);
}
/// Reseed an RNG using a `Default` instance. This reseeds by
/// replacing the RNG with the result of a `Default::default` call.
#[derive(Clone, Copy, Debug)]
pub struct ReseedWithDefault;
impl<R: Rng + Default> Reseeder<R> for ReseedWithDefault {
fn reseed(&mut self, rng: &mut R) {
*rng = Default::default();
}
}
impl Default for ReseedWithDefault {
fn default() -> ReseedWithDefault { ReseedWithDefault }
}
#[cfg(test)]
mod test {
use std::default::Default;
use std::iter::repeat;
use super::{ReseedingRng, ReseedWithDefault};
use {SeedableRng, Rng};
struct Counter {
i: u32
}
impl Rng for Counter {
fn next_u32(&mut self) -> u32 {
self.i += 1;
// very random
self.i - 1
}
}
impl Default for Counter {
fn default() -> Counter {
Counter { i: 0 }
}
}
impl SeedableRng<u32> for Counter {
fn reseed(&mut self, seed: u32) {
self.i = seed;
}
fn from_seed(seed: u32) -> Counter {
Counter { i: seed }
}
}
type MyRng = ReseedingRng<Counter, ReseedWithDefault>;
#[test]
fn test_reseeding() {
let mut rs = ReseedingRng::new(Counter {i:0}, 400, ReseedWithDefault);
let mut i = 0;
for _ in 0..1000 {
assert_eq!(rs.next_u32(), i % 100);
i += 1;
}
}
#[test]
fn test_rng_seeded() {
let mut ra: MyRng = SeedableRng::from_seed((ReseedWithDefault, 2));
let mut rb: MyRng = SeedableRng::from_seed((ReseedWithDefault, 2));
assert!(::test::iter_eq(ra.gen_ascii_chars().take(100),
rb.gen_ascii_chars().take(100)));
}
#[test]
fn test_rng_reseed() {
let mut r: MyRng = SeedableRng::from_seed((ReseedWithDefault, 3));
let string1: String = r.gen_ascii_chars().take(100).collect();
r.reseed((ReseedWithDefault, 3));
let string2: String = r.gen_ascii_chars().take(100).collect();
assert_eq!(string1, string2);
}
const FILL_BYTES_V_LEN: usize = 13579;
#[test]
fn test_rng_fill_bytes() {
let mut v = repeat(0u8).take(FILL_BYTES_V_LEN).collect::<Vec<_>>();
::test::rng().fill_bytes(&mut v);
// Sanity test: if we've gotten here, `fill_bytes` has not infinitely
// recursed.
assert_eq!(v.len(), FILL_BYTES_V_LEN);
// To test that `fill_bytes` actually did something, check that the
// average of `v` is not 0.
let mut sum = 0.0;
for &x in v.iter() {
sum += x as f64;
}
assert!(sum / v.len() as f64 != 0.0);
}
}

View File

@ -1,337 +0,0 @@
// Copyright 2017 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
//! Functions for randomly accessing and sampling sequences.
use super::Rng;
// This crate is only enabled when either std or alloc is available.
// BTreeMap is not as fast in tests, but better than nothing.
#[cfg(feature="std")] use std::collections::HashMap;
#[cfg(not(feature="std"))] use alloc::btree_map::BTreeMap;
#[cfg(not(feature="std"))] use alloc::Vec;
/// Randomly sample `amount` elements from a finite iterator.
///
/// The following can be returned:
/// - `Ok`: `Vec` of `amount` non-repeating randomly sampled elements. The order is not random.
/// - `Err`: `Vec` of all the elements from `iterable` in sequential order. This happens when the
/// length of `iterable` was less than `amount`. This is considered an error since exactly
/// `amount` elements is typically expected.
///
/// This implementation uses `O(len(iterable))` time and `O(amount)` memory.
///
/// # Example
///
/// ```rust
/// use rand::{thread_rng, seq};
///
/// let mut rng = thread_rng();
/// let sample = seq::sample_iter(&mut rng, 1..100, 5).unwrap();
/// println!("{:?}", sample);
/// ```
pub fn sample_iter<T, I, R>(rng: &mut R, iterable: I, amount: usize) -> Result<Vec<T>, Vec<T>>
where I: IntoIterator<Item=T>,
R: Rng,
{
let mut iter = iterable.into_iter();
let mut reservoir = Vec::with_capacity(amount);
reservoir.extend(iter.by_ref().take(amount));
// Continue unless the iterator was exhausted
//
// note: this prevents iterators that "restart" from causing problems.
// If the iterator stops once, then so do we.
if reservoir.len() == amount {
for (i, elem) in iter.enumerate() {
let k = rng.gen_range(0, i + 1 + amount);
if let Some(spot) = reservoir.get_mut(k) {
*spot = elem;
}
}
Ok(reservoir)
} else {
// Don't hang onto extra memory. There is a corner case where
// `amount` was much less than `len(iterable)`.
reservoir.shrink_to_fit();
Err(reservoir)
}
}
/// Randomly sample exactly `amount` values from `slice`.
///
/// The values are non-repeating and in random order.
///
/// This implementation uses `O(amount)` time and memory.
///
/// Panics if `amount > slice.len()`
///
/// # Example
///
/// ```rust
/// use rand::{thread_rng, seq};
///
/// let mut rng = thread_rng();
/// let values = vec![5, 6, 1, 3, 4, 6, 7];
/// println!("{:?}", seq::sample_slice(&mut rng, &values, 3));
/// ```
pub fn sample_slice<R, T>(rng: &mut R, slice: &[T], amount: usize) -> Vec<T>
where R: Rng,
T: Clone
{
let indices = sample_indices(rng, slice.len(), amount);
let mut out = Vec::with_capacity(amount);
out.extend(indices.iter().map(|i| slice[*i].clone()));
out
}
/// Randomly sample exactly `amount` references from `slice`.
///
/// The references are non-repeating and in random order.
///
/// This implementation uses `O(amount)` time and memory.
///
/// Panics if `amount > slice.len()`
///
/// # Example
///
/// ```rust
/// use rand::{thread_rng, seq};
///
/// let mut rng = thread_rng();
/// let values = vec![5, 6, 1, 3, 4, 6, 7];
/// println!("{:?}", seq::sample_slice_ref(&mut rng, &values, 3));
/// ```
pub fn sample_slice_ref<'a, R, T>(rng: &mut R, slice: &'a [T], amount: usize) -> Vec<&'a T>
where R: Rng
{
let indices = sample_indices(rng, slice.len(), amount);
let mut out = Vec::with_capacity(amount);
out.extend(indices.iter().map(|i| &slice[*i]));
out
}
/// Randomly sample exactly `amount` indices from `0..length`.
///
/// The values are non-repeating and in random order.
///
/// This implementation uses `O(amount)` time and memory.
///
/// This method is used internally by the slice sampling methods, but it can sometimes be useful to
/// have the indices themselves so this is provided as an alternative.
///
/// Panics if `amount > length`
pub fn sample_indices<R>(rng: &mut R, length: usize, amount: usize) -> Vec<usize>
where R: Rng,
{
if amount > length {
panic!("`amount` must be less than or equal to `slice.len()`");
}
// We are going to have to allocate at least `amount` for the output no matter what. However,
// if we use the `cached` version we will have to allocate `amount` as a HashMap as well since
// it inserts an element for every loop.
//
// Therefore, if `amount >= length / 2` then inplace will be both faster and use less memory.
// In fact, benchmarks show the inplace version is faster for length up to about 20 times
// faster than amount.
//
// TODO: there is probably even more fine-tuning that can be done here since
// `HashMap::with_capacity(amount)` probably allocates more than `amount` in practice,
// and a trade off could probably be made between memory/cpu, since hashmap operations
// are slower than array index swapping.
if amount >= length / 20 {
sample_indices_inplace(rng, length, amount)
} else {
sample_indices_cache(rng, length, amount)
}
}
/// Sample an amount of indices using an inplace partial fisher yates method.
///
/// This allocates the entire `length` of indices and randomizes only the first `amount`.
/// It then truncates to `amount` and returns.
///
/// This is better than using a HashMap "cache" when `amount >= length / 2` since it does not
/// require allocating an extra cache and is much faster.
fn sample_indices_inplace<R>(rng: &mut R, length: usize, amount: usize) -> Vec<usize>
where R: Rng,
{
debug_assert!(amount <= length);
let mut indices: Vec<usize> = Vec::with_capacity(length);
indices.extend(0..length);
for i in 0..amount {
let j: usize = rng.gen_range(i, length);
let tmp = indices[i];
indices[i] = indices[j];
indices[j] = tmp;
}
indices.truncate(amount);
debug_assert_eq!(indices.len(), amount);
indices
}
/// This method performs a partial fisher-yates on a range of indices using a HashMap
/// as a cache to record potential collisions.
///
/// The cache avoids allocating the entire `length` of values. This is especially useful when
/// `amount <<< length`, i.e. select 3 non-repeating from 1_000_000
fn sample_indices_cache<R>(
rng: &mut R,
length: usize,
amount: usize,
) -> Vec<usize>
where R: Rng,
{
debug_assert!(amount <= length);
#[cfg(feature="std")] let mut cache = HashMap::with_capacity(amount);
#[cfg(not(feature="std"))] let mut cache = BTreeMap::new();
let mut out = Vec::with_capacity(amount);
for i in 0..amount {
let j: usize = rng.gen_range(i, length);
// equiv: let tmp = slice[i];
let tmp = match cache.get(&i) {
Some(e) => *e,
None => i,
};
// equiv: slice[i] = slice[j];
let x = match cache.get(&j) {
Some(x) => *x,
None => j,
};
// equiv: slice[j] = tmp;
cache.insert(j, tmp);
// note that in the inplace version, slice[i] is automatically "returned" value
out.push(x);
}
debug_assert_eq!(out.len(), amount);
out
}
#[cfg(test)]
mod test {
use super::*;
use {thread_rng, XorShiftRng, SeedableRng};
#[test]
fn test_sample_iter() {
let min_val = 1;
let max_val = 100;
let mut r = thread_rng();
let vals = (min_val..max_val).collect::<Vec<i32>>();
let small_sample = sample_iter(&mut r, vals.iter(), 5).unwrap();
let large_sample = sample_iter(&mut r, vals.iter(), vals.len() + 5).unwrap_err();
assert_eq!(small_sample.len(), 5);
assert_eq!(large_sample.len(), vals.len());
// no randomization happens when amount >= len
assert_eq!(large_sample, vals.iter().collect::<Vec<_>>());
assert!(small_sample.iter().all(|e| {
**e >= min_val && **e <= max_val
}));
}
#[test]
fn test_sample_slice_boundaries() {
let empty: &[u8] = &[];
let mut r = thread_rng();
// sample 0 items
assert_eq!(sample_slice(&mut r, empty, 0), vec![]);
assert_eq!(sample_slice(&mut r, &[42, 2, 42], 0), vec![]);
// sample 1 item
assert_eq!(sample_slice(&mut r, &[42], 1), vec![42]);
let v = sample_slice(&mut r, &[1, 42], 1)[0];
assert!(v == 1 || v == 42);
// sample "all" the items
let v = sample_slice(&mut r, &[42, 133], 2);
assert!(v == vec![42, 133] || v == vec![133, 42]);
assert_eq!(sample_indices_inplace(&mut r, 0, 0), vec![]);
assert_eq!(sample_indices_inplace(&mut r, 1, 0), vec![]);
assert_eq!(sample_indices_inplace(&mut r, 1, 1), vec![0]);
assert_eq!(sample_indices_cache(&mut r, 0, 0), vec![]);
assert_eq!(sample_indices_cache(&mut r, 1, 0), vec![]);
assert_eq!(sample_indices_cache(&mut r, 1, 1), vec![0]);
// Make sure lucky 777's aren't lucky
let slice = &[42, 777];
let mut num_42 = 0;
let total = 1000;
for _ in 0..total {
let v = sample_slice(&mut r, slice, 1);
assert_eq!(v.len(), 1);
let v = v[0];
assert!(v == 42 || v == 777);
if v == 42 {
num_42 += 1;
}
}
let ratio_42 = num_42 as f64 / 1000 as f64;
assert!(0.4 <= ratio_42 || ratio_42 <= 0.6, "{}", ratio_42);
}
#[test]
fn test_sample_slice() {
let xor_rng = XorShiftRng::from_seed;
let max_range = 100;
let mut r = thread_rng();
for length in 1usize..max_range {
let amount = r.gen_range(0, length);
let seed: [u32; 4] = [
r.next_u32(), r.next_u32(), r.next_u32(), r.next_u32()
];
println!("Selecting indices: len={}, amount={}, seed={:?}", length, amount, seed);
// assert that the two index methods give exactly the same result
let inplace = sample_indices_inplace(
&mut xor_rng(seed), length, amount);
let cache = sample_indices_cache(
&mut xor_rng(seed), length, amount);
assert_eq!(inplace, cache);
// assert the basics work
let regular = sample_indices(
&mut xor_rng(seed), length, amount);
assert_eq!(regular.len(), amount);
assert!(regular.iter().all(|e| *e < length));
assert_eq!(regular, inplace);
// also test that sampling the slice works
let vec: Vec<usize> = (0..length).collect();
{
let result = sample_slice(&mut xor_rng(seed), &vec, amount);
assert_eq!(result, regular);
}
{
let result = sample_slice_ref(&mut xor_rng(seed), &vec, amount);
let expected = regular.iter().map(|v| v).collect::<Vec<_>>();
assert_eq!(result, expected);
}
}
}
}

Some files were not shown because too many files have changed in this diff Show More