luciano/nippy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[Crypto] Rename prng->srng

Browse source 
Better reflects the fact that the source of randomness is now
actually conditional (e.g. via InstanceStrong).
This commit is contained in:
Peter Taoussanis 2018-10-07 09:38:02 +02:00
parent 90f0ff9315
commit cfc904799b
1 changed files with 11 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
src/taoensso/nippy/crypto.clj
View file

@ -12,25 +12,25 @@
(do (do
(enc/compile-if (fn [] (java.security.SecureRandom/getInstanceStrong)) ; Java 8+, blocking (enc/compile-if (fn [] (java.security.SecureRandom/getInstanceStrong)) ; Java 8+, blocking
(def ^:private prng* (enc/thread-local-proxy (java.security.SecureRandom/getInstanceStrong))) (def ^:private srng* (enc/thread-local-proxy (java.security.SecureRandom/getInstanceStrong)))
(def ^:private prng* (enc/thread-local-proxy (java.security.SecureRandom/getInstance "SHA1PRNG")))) (def ^:private srng* (enc/thread-local-proxy (java.security.SecureRandom/getInstance "SHA1SRNG"))))
(defn prng (defn srng
"Favours security over performance. May block while waiting on system entropy!" "Favours security over performance. May block while waiting on system entropy!"
^java.security.SecureRandom [] ^java.security.SecureRandom []
(let [rng ^java.security.SecureRandom (.get ^ThreadLocal prng*)] (let [rng ^java.security.SecureRandom (.get ^ThreadLocal srng*)]
;; Occasionally supplement current seed for extra security. ;; Occasionally supplement current seed for extra security.
;; Otherwise an attacker could *theoretically* observe large amounts of ;; Otherwise an attacker could *theoretically* observe large amounts of
;; prng output to determine initial seed, Ref. https://goo.gl/MPM91w ;; srng output to determine initial seed, Ref. https://goo.gl/MPM91w
(when (< (.nextDouble rng) 2.44140625E-4) (.setSeed rng (.generateSeed rng 8))) (when (< (.nextDouble rng) 2.44140625E-4) (.setSeed rng (.generateSeed rng 8)))
rng)) rng))
(defn rand-bytes "Uses `prng`" ^bytes [size] (let [ba (byte-array size)] (.nextBytes (prng) ba) ba)) (defn rand-bytes "Uses `srng`" ^bytes [size] (let [ba (byte-array size)] (.nextBytes (srng) ba) ba))
(defn rand-double "Uses `prng`" ^double [] (.nextDouble (prng))) (defn rand-double "Uses `srng`" ^double [] (.nextDouble (srng)))
(defn rand-long "Uses `prng`" ^long [] (.nextLong (prng))) (defn rand-long "Uses `srng`" ^long [] (.nextLong (srng)))
(defn rand-gauss "Uses `prng`" ^double [] (.nextGaussian (prng))) (defn rand-gauss "Uses `srng`" ^double [] (.nextGaussian (srng)))
(defn rand-bool "Uses `prng`" [] (.nextBoolean (prng))) (defn rand-bool "Uses `srng`" [] (.nextBoolean (srng)))
(defn rand-nth "Uses `prng`" (defn rand-nth "Uses `srng`"
[coll] (nth coll (int (* (rand-double) (count coll)))))) [coll] (nth coll (int (* (rand-double) (count coll))))))
(comment (seq (rand-bytes 16))) (comment (seq (rand-bytes 16)))