// Copyright 2010 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

//go:build unix

// Unix cryptographically secure pseudorandom number
// generator.

package rand

import (
	
	
	
	
	
	
	
	
)

const urandomDevice = "/dev/urandom"

func init() {
	if boring.Enabled {
		Reader = boring.RandReader
		return
	}
	Reader = &reader{}
}

// A reader satisfies reads by reading from urandomDevice
type reader struct {
	f    io.Reader
	mu   sync.Mutex
	used atomic.Uint32 // Atomic: 0 - never used, 1 - used, but f == nil, 2 - used, and f != nil
}

// altGetRandom if non-nil specifies an OS-specific function to get
// urandom-style randomness.
var altGetRandom func([]byte) (err error)

func warnBlocked() {
	println("crypto/rand: blocked for 60 seconds waiting to read random data from the kernel")
}

func ( *reader) ( []byte) ( int,  error) {
	boring.Unreachable()
	if .used.CompareAndSwap(0, 1) {
		// First use of randomness. Start timer to warn about
		// being blocked on entropy not being available.
		 := time.AfterFunc(time.Minute, warnBlocked)
		defer .Stop()
	}
	if altGetRandom != nil && altGetRandom() == nil {
		return len(), nil
	}
	if .used.Load() != 2 {
		.mu.Lock()
		if .used.Load() != 2 {
			,  := os.Open(urandomDevice)
			if  != nil {
				.mu.Unlock()
				return 0, 
			}
			.f = hideAgainReader{}
			.used.Store(2)
		}
		.mu.Unlock()
	}
	return io.ReadFull(.f, )
}

// hideAgainReader masks EAGAIN reads from /dev/urandom.
// See golang.org/issue/9205
type hideAgainReader struct {
	r io.Reader
}

func ( hideAgainReader) ( []byte) ( int,  error) {
	,  = .r.Read()
	if errors.Is(, syscall.EAGAIN) {
		 = nil
	}
	return
}