Remove direct dependency on rand and rand_core (#193)

Author: complexspaces

Cargo.toml

@@ -42,7 +42,7 @@ xchachapoly = ["use-xchacha20poly1305"]
 
 # Enable std features on dependencies if possible.
 std = [
-    "rand_core/std",
+    "getrandom/std",
     "subtle/std",
     "ring/std",
     "blake2/std",
@@ -73,8 +73,7 @@ harness = false
 travis-ci = { repository = "mcginty/snow", branch = "master" }
 
 [dependencies]
-# TODO: Waiting on https://github.com/RustCrypto/traits/issues/1642
-rand_core = { version = "0.9", default-features = false, features = ["os_rng"] }
+getrandom = { version = "0.3" }
 subtle = { version = "2.4", default-features = false }
 
 # default crypto provider
@@ -101,8 +100,7 @@ serde_json = "1.0"
 serde_derive = "1.0"
 hex = "0.4"
 x25519-dalek = "2.0"
-# TODO: Waiting on https://github.com/RustCrypto/traits/issues/1642
-rand = "0.9"
+rand_core = { version = "0.9", default-features = false }
 
 [build-dependencies]
 rustc_version = "0.4"

src/resolvers/default.rs

@@ -45,7 +45,16 @@ use crate::{
     types::{Cipher, Dh, Hash, Random},
     Error,
 };
-use rand_core::OsRng;
+
+// NB: Intentionally private so RNG details aren't leaked into
+// the public API.
+struct OsRng;
+
+impl Random for OsRng {
+    fn try_fill_bytes(&mut self, dest: &mut [u8]) -> Result<(), Error> {
+        getrandom::fill(dest).map_err(|_| Error::Rng)
+    }
+}
 
 /// The default resolver provided by snow. This resolver is designed to
 /// support as many of the Noise spec primitives as possible with
@@ -177,12 +186,6 @@ struct Kyber1024 {
     pubkey: kyber1024::PublicKey,
 }
 
-impl Random for OsRng {
-    fn try_fill_bytes(&mut self, dest: &mut [u8]) -> Result<(), Error> {
-        <Self as rand_core::TryRngCore>::try_fill_bytes(self, dest).map_err(|_| Error::Rng)
-    }
-}
-
 #[cfg(feature = "use-curve25519")]
 impl Dh25519 {
     fn derive_pubkey(&mut self) {

src/resolvers/ring.rs

@@ -45,6 +45,8 @@ impl CryptoResolver for RingResolver {
     }
 }
 
+// NB: Intentionally private so RNG details aren't leaked into
+// the public API.
 struct RingRng {
     rng: SystemRandom,
 }

tests/vectors.rs

@@ -4,7 +4,6 @@
 extern crate serde_derive;
 
 use hex::FromHex;
-use rand::RngCore;
 use serde::{
     de::{self, Deserialize, Deserializer, Unexpected, Visitor},
     ser::{Serialize, Serializer},
@@ -306,15 +305,13 @@ fn test_vectors_from_json(json: &str) {
 
 fn random_slice<const N: usize>() -> [u8; N] {
     let mut v = [0_u8; N];
-    let mut rng = rand::rng();
-    rng.fill_bytes(&mut v);
+    getrandom::fill(&mut v).unwrap();
     v
 }
 
 fn random_vec(size: usize) -> Vec<u8> {
     let mut v = vec![0_u8; size];
-    let mut rng = rand::rng();
-    rng.fill_bytes(&mut v);
+    getrandom::fill(&mut v).unwrap();
     v
 }