Due to SecureRandom API, any changes to it would break consumers. The needed performance improvements that I wish to see cannot be done because of this.
As such, a new module library/crypto-rand must be created with the new implementation, and SecureRandom deprecated pointing to the new crypto-rand publication.
The new implementation should not extend Java's SecureRandom class, as it has public functions accessible that are bad APIs to use regarding procurement of cryptographically secure random data (the seeding APIs).
public abstract class CryptoRand @DelicateCryptoRandApi protected constructor() {
// @Throws(RNGException::class)
public abstract fun nextBytesCopyTo(buf: ByteArray)
// TODO: default functions that use nextBytesCopyTo
public companion object Default: CryptoRand() {
public override fun nextBytesCopyTo(buf: ByteArray) {
// TODO: platform inline fun implementation
}
}
}
Due to
SecureRandomAPI, any changes to it would break consumers. The needed performance improvements that I wish to see cannot be done because of this.As such, a new module
library/crypto-randmust be created with the new implementation, andSecureRandomdeprecated pointing to the newcrypto-randpublication.The new implementation should not extend Java's
SecureRandomclass, as it has public functions accessible that are bad APIs to use regarding procurement of cryptographically secure random data (the seeding APIs).