- 
                Notifications
    You must be signed in to change notification settings 
- Fork 13.9k
Description
Ugh. #101011 probably needs reverting before 1.65 hits stable, or Rust apps may1 fail AppStore review on iOS and tvOS.
Apparently, getentropy on Darwin platforms is actually only considered public API on MacOS. This is surprising, since there are several indications to the contrary:
- 
In the declaration in the public header ( sys/random.h) on MacOS, it has a availability annotation that indicates it's fine in iOS/tvOS 10.0 and watchOS 3.0:int getentropy(void* buffer, size_t size) __OSX_AVAILABLE(10.12) __IOS_AVAILABLE(10.0) __TVOS_AVAILABLE(10.0) __WATCHOS_AVAILABLE(3.0); 
- 
Apple's security guidelines say to use it for random number generation. 
Sadly, does seem to indeed be true that sys/random.h does not exist in any of the platform SDKs aside from MacOSX.sdk, and it also seems to have lead to one to iOS App Store rejection. TBH, it being an accidentally missing file feels plausible, but who knows and it doesn't matter anyway.
This is a bummer, and I guess now I know, I can't really trust the the available annotations anymore.
Footnotes
- 
There's actually a good chance that our use of weak!evades this detection, but I don't want to rely on this or make random Rust apps test it for us. ↩