From f1c71b58d88bfa18fe6f116f6b1463d2db7cf15d Mon Sep 17 00:00:00 2001
From: Peter Taoussanis <ptaoussanis@gmail.com>
Date: Wed, 24 Jun 2020 12:28:20 +0200
Subject: [PATCH] [Crypto] Use `enc/srng`

---
 src/taoensso/nippy.clj        |  4 ++--
 src/taoensso/nippy/crypto.clj | 30 ++++++++----------------------
 2 files changed, 10 insertions(+), 24 deletions(-)

diff --git a/src/taoensso/nippy.clj b/src/taoensso/nippy.clj
index dec4102..06763e5 100644
--- a/src/taoensso/nippy.clj
+++ b/src/taoensso/nippy.clj
@@ -24,8 +24,8 @@
     LazySeq IRecord ISeq IType]))
 
 (if (vector? enc/encore-version)
-  (enc/assert-min-encore-version [2 67 1])
-  (enc/assert-min-encore-version  2.67))
+  (enc/assert-min-encore-version [2 121 0])
+  (enc/assert-min-encore-version  2.121))
 
 (comment
   (set! *unchecked-math* :warn-on-boxed)
diff --git a/src/taoensso/nippy/crypto.clj b/src/taoensso/nippy/crypto.clj
index 9bcc093..5d6a6a7 100644
--- a/src/taoensso/nippy/crypto.clj
+++ b/src/taoensso/nippy/crypto.clj
@@ -11,28 +11,14 @@
 ;;;; Randomness
 
 (do
-  (enc/compile-if (fn [] (java.security.SecureRandom/getInstanceStrong)) ; Java 8+, blocking
-    (def ^:private srng* (enc/thread-local-proxy (java.security.SecureRandom/getInstanceStrong)))
-    (def ^:private srng* (enc/thread-local-proxy (java.security.SecureRandom/getInstance "SHA1SRNG"))))
-
-  (defn srng
-    "Favours security over performance. May block while waiting on system entropy!"
-    ^java.security.SecureRandom []
-    (let [rng ^java.security.SecureRandom (.get ^ThreadLocal srng*)]
-      ;; Occasionally supplement current seed for extra security.
-      ;; Otherwise an attacker could *theoretically* observe large amounts of
-      ;; srng output to determine initial seed, Ref. https://goo.gl/MPM91w
-      (when (< (.nextDouble rng) 2.44140625E-4) (.setSeed rng (.generateSeed rng 8)))
-      rng))
-
-  (defn rand-nth    "Uses `srng`"         [coll] (nth coll (int (* (.nextDouble (srng)) (count coll)))))
-  (defn rand-bytes  "Uses `srng`" ^bytes  [size] (let [ba (byte-array size)] (.nextBytes    (srng) ba) ba))
-  (defn rand-double "Uses `srng`" ^double []                                 (.nextDouble   (srng)))
-  (defn rand-gauss  "Uses `srng`" ^double []                                 (.nextGaussian (srng)))
-  (defn rand-bool   "Uses `srng`"         []                                 (.nextBoolean  (srng)))
-  (defn rand-long   "Uses `srng`"
-    (^long   [ ]                   (.nextLong   (srng)))
-    (^long   [n] (long (* (long n) (.nextDouble (srng)))))))
+  (defn rand-nth            [coll]           (nth coll (int (* (.nextDouble   (enc/srng)) (count coll)))))
+  (defn rand-bytes  ^bytes  [size] (let [ba (byte-array size)] (.nextBytes    (enc/srng) ba) ba))
+  (defn rand-double ^double []                                 (.nextDouble   (enc/srng)))
+  (defn rand-gauss  ^double []                                 (.nextGaussian (enc/srng)))
+  (defn rand-bool           []                                 (.nextBoolean  (enc/srng)))
+  (defn rand-long
+    (^long   [ ]                   (.nextLong   (enc/srng)))
+    (^long   [n] (long (* (long n) (.nextDouble (enc/srng)))))))
 
 (comment
   (seq (rand-bytes 16))