1use rand_core::{CryptoRng, RngCore};
2
3pub struct SafeShuffler<R: CryptoRng + RngCore> {
4 rng: R,
5}
6
7impl<R: CryptoRng + RngCore> SafeShuffler<R> {
8 pub fn new(rng: R) -> Self {
9 SafeShuffler { rng }
10 }
11
12 pub fn shuffle<T>(&mut self, mut seq: Vec<T>) -> Vec<T> {
13 for i in 0..seq.len() {
14 let index = self.safe_range(seq.len());
15 seq.swap(i, index as usize);
16 }
17 seq
18 }
19
20 fn safe_range(&mut self, upper_bound: usize) -> usize {
21 let _word_size = usize::BITS / 8;
22
23 let bit_length = usize::MAX.count_ones() - upper_bound.leading_zeros();
24 let min_byte_length = (bit_length + 7) / 8;
25
26 let mut buffer: [u8; 8] = [0; 8];
27 let mut num: usize;
28
29 loop {
30 self.rng.fill_bytes(&mut buffer);
31
32 let byte_mask = (1 << (min_byte_length * 8)) - 1;
33 let msb_offset = 8 - (bit_length & 7);
34 let bit_mask = byte_mask >> msb_offset;
35
36 let unmasked = usize::from_be_bytes(buffer);
37 num = unmasked & bit_mask;
38
39 if num < upper_bound {
40 break;
41 }
42 }
43 num
44 }
45}