kernel: replace various custom random iv buffer filling functions with calls to prng()
parent
b137763fe7
commit
a121806126
|
@ -15,7 +15,7 @@
|
|||
|
||||
#include "ip.h"
|
||||
#include "ipv6.h"
|
||||
#include "libsec.h"
|
||||
#include <libsec.h>
|
||||
|
||||
#define BITS2BYTES(bi) (((bi) + BI2BY - 1) / BI2BY)
|
||||
#define BYTES2BITS(by) ((by) * BI2BY)
|
||||
|
@ -840,15 +840,13 @@ static void
|
|||
aescbcespinit(Espcb *ecb, char *name, uchar *k, unsigned n)
|
||||
{
|
||||
uchar key[Aeskeysz], ivec[Aeskeysz];
|
||||
int i;
|
||||
|
||||
n = BITS2BYTES(n);
|
||||
if(n > Aeskeysz)
|
||||
n = Aeskeysz;
|
||||
memset(key, 0, sizeof(key));
|
||||
memmove(key, k, n);
|
||||
for(i = 0; i < Aeskeysz; i++)
|
||||
ivec[i] = nrand(256);
|
||||
prng(ivec, Aeskeysz);
|
||||
ecb->espalg = name;
|
||||
ecb->espblklen = Aesblk;
|
||||
ecb->espivlen = Aesblk;
|
||||
|
@ -900,15 +898,13 @@ static void
|
|||
aesctrespinit(Espcb *ecb, char *name, uchar *k, unsigned n)
|
||||
{
|
||||
uchar key[Aesblk], ivec[Aesblk];
|
||||
int i;
|
||||
|
||||
n = BITS2BYTES(n);
|
||||
if(n > Aeskeysz)
|
||||
n = Aeskeysz;
|
||||
memset(key, 0, sizeof(key));
|
||||
memmove(key, k, n);
|
||||
for(i = 0; i < Aesblk; i++)
|
||||
ivec[i] = nrand(256);
|
||||
prng(ivec, Aesblk);
|
||||
ecb->espalg = name;
|
||||
ecb->espblklen = Aesblk;
|
||||
ecb->espivlen = Aesblk;
|
||||
|
@ -1010,15 +1006,13 @@ static void
|
|||
desespinit(Espcb *ecb, char *name, uchar *k, unsigned n)
|
||||
{
|
||||
uchar key[Desblk], ivec[Desblk];
|
||||
int i;
|
||||
|
||||
n = BITS2BYTES(n);
|
||||
if(n > Desblk)
|
||||
n = Desblk;
|
||||
memset(key, 0, sizeof(key));
|
||||
memmove(key, k, n);
|
||||
for(i = 0; i < Desblk; i++)
|
||||
ivec[i] = nrand(256);
|
||||
prng(ivec, Desblk);
|
||||
ecb->espalg = name;
|
||||
ecb->espblklen = Desblk;
|
||||
ecb->espivlen = Desblk;
|
||||
|
@ -1034,15 +1028,13 @@ static void
|
|||
des3espinit(Espcb *ecb, char *name, uchar *k, unsigned n)
|
||||
{
|
||||
uchar key[3][Desblk], ivec[Desblk];
|
||||
int i;
|
||||
|
||||
n = BITS2BYTES(n);
|
||||
if(n > Des3keysz)
|
||||
n = Des3keysz;
|
||||
memset(key, 0, sizeof(key));
|
||||
memmove(key, k, n);
|
||||
for(i = 0; i < Desblk; i++)
|
||||
ivec[i] = nrand(256);
|
||||
prng(ivec, Desblk);
|
||||
ecb->espalg = name;
|
||||
ecb->espblklen = Desblk;
|
||||
ecb->espivlen = Desblk;
|
||||
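Review bot: The IV written by `prng(ivec, Aeskeysz);` in aescbcespinit (and by the matching calls in aesctrespinit, desespinit and des3espinit) has to be unpredictable for the CBC ciphers, but nothing on this page shows which generator backs prng() in the kernel. libsec also provides genrandom(); if the kernel's prng() does not draw from the same cryptographic source, these call sites should read `genrandom(ivec, Aeskeysz);` and so on. Either way I would add a one-line comment at the first call stating the unpredictability requirement and naming the generator prng() uses. The same question applies to the descipherinit and TLS record-IV call sites changed later in this commit. All four function bodies continue past their hunks, so how `ivec` is consumed is not visible here.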
|
|
|
@ -21,7 +21,7 @@
|
|||
#include "io.h"
|
||||
#include "ureg.h"
|
||||
#include "../port/error.h"
|
||||
#include "libsec.h"
|
||||
#include <libsec.h>
|
||||
|
||||
int dec16(uchar *out, int lim, char *in, int n);
|
||||
|
||||
|
|
|
@ -1998,7 +1998,6 @@ descipherinit(Conv *c)
|
|||
{
|
||||
uchar key[8];
|
||||
uchar ivec[8];
|
||||
int i;
|
||||
int n = c->cipher->keylen;
|
||||
|
||||
cipherfree(c);
|
||||
|
@ -2019,8 +2018,7 @@ descipherinit(Conv *c)
|
|||
/* out */
|
||||
memset(key, 0, sizeof(key));
|
||||
setkey(key, n, &c->out, "cipher");
|
||||
for(i=0; i<8; i++)
|
||||
ivec[i] = nrand(256);
|
||||
prng(ivec, 8);
|
||||
c->out.cipherblklen = 8;
|
||||
c->out.cipherivlen = 8;
|
||||
c->out.cipher = desencrypt;
|
||||
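Review bot: In descipherinit the new `prng(ivec, 8);` repeats the array length as a literal, while the `memset(key, 0, sizeof(key));` two lines above ties the length to the buffer. I would write `prng(ivec, sizeof(ivec));` so the fill cannot drift from the declaration `uchar ivec[8];`. The function starts before the first hunk and continues after the second, so later uses of `ivec` are not visible here.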
|
|
|
@ -680,17 +680,6 @@ sslread(Chan *c, void *a, long n, vlong off)
|
|||
return n;
|
||||
}
|
||||
|
||||
/*
|
||||
* this algorithm doesn't have to be great since we're just
|
||||
* trying to obscure the block fill
|
||||
*/
|
||||
static void
|
||||
randfill(uchar *buf, int len)
|
||||
{
|
||||
while(len-- > 0)
|
||||
*buf++ = nrand(256);
|
||||
}
|
||||
|
||||
static long
|
||||
sslbwrite(Chan *c, Block *b, ulong)
|
||||
{
|
||||
|
@ -779,7 +768,7 @@ sslput(Dstate *s, Block * volatile b)
|
|||
/* SSL style count */
|
||||
if(pad){
|
||||
nb = padblock(nb, -pad);
|
||||
randfill(nb->wp, pad);
|
||||
prng(nb->wp, pad);
|
||||
nb->wp += pad;
|
||||
m += pad;
|
||||
|
||||
|
|
|
@ -1234,13 +1234,6 @@ tlsread(Chan *c, void *a, long n, vlong off)
|
|||
return n;
|
||||
}
|
||||
|
||||
static void
|
||||
randfill(uchar *buf, int len)
|
||||
{
|
||||
while(len-- > 0)
|
||||
*buf++ = nrand(256);
|
||||
}
|
||||
|
||||
/*
|
||||
* write a block in tls records
|
||||
*/
|
||||
|
@ -1325,7 +1318,7 @@ if(tr->debug)pdump(BLEN(b), b->rp, "sent:");
|
|||
n = (*sec->aead_enc)(sec, aad, aadlen, p + RecHdrLen, p + RecHdrLen + ivlen, n) + ivlen;
|
||||
else {
|
||||
if(ivlen > 0)
|
||||
randfill(p + RecHdrLen, ivlen);
|
||||
prng(p + RecHdrLen, ivlen);
|
||||
packMac(sec, aad, aadlen, p + RecHdrLen + ivlen, n, p + RecHdrLen + ivlen + n);
|
||||
n = (*sec->enc)(sec, p + RecHdrLen, ivlen + n + maclen);
|
||||
}
|
||||
|
@ -1523,7 +1516,7 @@ initaesgcmkey(Encalg *ea, Secret *s, uchar *p, uchar *iv)
|
|||
s->maclen = 16;
|
||||
s->recivlen = 8;
|
||||
memmove(s->mackey, iv, ea->ivlen);
|
||||
randfill(s->mackey + ea->ivlen, s->recivlen);
|
||||
prng(s->mackey + ea->ivlen, s->recivlen);
|
||||
setupAESGCMstate(s->enckey, p, ea->keylen, nil, 0);
|
||||
}
|
||||
|
||||
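Review bot: In initaesgcmkey the buffer `s->mackey` is reused to hold IV material (`iv` copied in for `ea->ivlen` bytes, then `s->recivlen` bytes from `prng()`), and nothing in the hunk documents that reuse or bounds `ea->ivlen + s->recivlen` against the size of `mackey`, which is declared outside this page. Since AES-GCM requires that a nonce never repeats under one key, I would add a comment such as `/* mackey holds the GCM nonce: fixed iv, then the explicit part (random start; must never repeat under this key) */`. How the explicit part is advanced per record is not visible here and is worth confirming against the record-write path. The function begins before the hunk.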
|
|