grand: Document this is not for cryptographic purposes

While this is obvious to seasoned experts upon inspection, it is really worth documenting explicitly. https://bugzilla.gnome.org/show_bug.cgi?id=710736
2024-11-10 19:36:18 +01:00 · 2013-10-23 16:41:09 -04:00 · 2013-10-23 16:41:09 -04:00 · 1e1e2d1ff7
commit 1e1e2d1ff7
parent 856d901569
1 changed files with 16 additions and 4 deletions
--- a/glib/grand.c
+++ b/glib/grand.c
@ -65,10 +65,22 @@
 * @short_description: pseudo-random number generator
 *
 * The following functions allow you to use a portable, fast and good
- * pseudo-random number generator (PRNG). It uses the Mersenne Twister
- * PRNG, which was originally developed by Makoto Matsumoto and Takuji
- * Nishimura. Further information can be found at
- * <ulink url="http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html">
+ * pseudo-random number generator (PRNG).
+ * 
+ * <warning><para>Do not use this API for cryptographic purposes such as key
+ * generation, nonces, salts or one-time pads.</para></warning>
+ *
+ * This PRNG is suitable for non-cryptographic use such as in games
+ * (shuffling a card deck, generating levels), generating data for a
+ * test suite, etc. If you need random data for cryptographic
+ * purposes, it is recommended to use platform-specific APIs such as
+ * <literal>/dev/random</literal> on Unix, or CryptGenRandom() on
+ * Windows.
+ *
+ * GRand uses the Mersenne Twister PRNG, which was originally
+ * developed by Makoto Matsumoto and Takuji Nishimura. Further
+ * information can be found at <ulink
+ * url="http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html">
 * http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html</ulink>.
 *
 * If you just need a random number, you simply call the