kernel: replace various custom random iv buffer filling functions with calls to prng()

sys/src/9/ip/esp.c

@@ -15,7 +15,7 @@
 
 #include	"ip.h"
 #include	"ipv6.h"
-#include	"libsec.h"
+#include	<libsec.h>
 
 #define BITS2BYTES(bi) (((bi) + BI2BY - 1) / BI2BY)
 #define BYTES2BITS(by)  ((by) * BI2BY)
@@ -840,15 +840,13 @@ static void
 aescbcespinit(Espcb *ecb, char *name, uchar *k, unsigned n)
 {
 	uchar key[Aeskeysz], ivec[Aeskeysz];
-	int i;
 
 	n = BITS2BYTES(n);
 	if(n > Aeskeysz)
 		n = Aeskeysz;
 	memset(key, 0, sizeof(key));
 	memmove(key, k, n);
-	for(i = 0; i < Aeskeysz; i++)
-		ivec[i] = nrand(256);
+	prng(ivec, Aeskeysz);
 	ecb->espalg = name;
 	ecb->espblklen = Aesblk;
 	ecb->espivlen = Aesblk;
@@ -900,15 +898,13 @@ static void
 aesctrespinit(Espcb *ecb, char *name, uchar *k, unsigned n)
 {
 	uchar key[Aesblk], ivec[Aesblk];
-	int i;
 
 	n = BITS2BYTES(n);
 	if(n > Aeskeysz)
 		n = Aeskeysz;
 	memset(key, 0, sizeof(key));
 	memmove(key, k, n);
-	for(i = 0; i < Aesblk; i++)
-		ivec[i] = nrand(256);
+	prng(ivec, Aesblk);
 	ecb->espalg = name;
 	ecb->espblklen = Aesblk;
 	ecb->espivlen = Aesblk;
@@ -1010,15 +1006,13 @@ static void
 desespinit(Espcb *ecb, char *name, uchar *k, unsigned n)
 {
 	uchar key[Desblk], ivec[Desblk];
-	int i;
 
 	n = BITS2BYTES(n);
 	if(n > Desblk)
 		n = Desblk;
 	memset(key, 0, sizeof(key));
 	memmove(key, k, n);
-	for(i = 0; i < Desblk; i++)
-		ivec[i] = nrand(256);
+	prng(ivec, Desblk);
 	ecb->espalg = name;
 	ecb->espblklen = Desblk;
 	ecb->espivlen = Desblk;
@@ -1034,15 +1028,13 @@ static void
 des3espinit(Espcb *ecb, char *name, uchar *k, unsigned n)
 {
 	uchar key[3][Desblk], ivec[Desblk];
-	int i;
 
 	n = BITS2BYTES(n);
 	if(n > Des3keysz)
 		n = Des3keysz;
 	memset(key, 0, sizeof(key));
 	memmove(key, k, n);
-	for(i = 0; i < Desblk; i++)
-		ivec[i] = nrand(256);
+	prng(ivec, Desblk);
 	ecb->espalg = name;
 	ecb->espblklen = Desblk;
 	ecb->espivlen = Desblk;

sys/src/9/port/devfs.c

@@ -21,7 +21,7 @@
 #include "io.h"
 #include "ureg.h"
 #include "../port/error.h"
-#include "libsec.h"
+#include <libsec.h>
 
 int  dec16(uchar *out, int lim, char *in, int n);
 

sys/src/9/port/devsdp.c

@@ -1998,7 +1998,6 @@ descipherinit(Conv *c)
 {
 	uchar key[8];
 	uchar ivec[8];
-	int i;
 	int n = c->cipher->keylen;
 
 	cipherfree(c);
@@ -2019,8 +2018,7 @@ descipherinit(Conv *c)
 	/* out */
 	memset(key, 0, sizeof(key));
 	setkey(key, n, &c->out, "cipher");
-	for(i=0; i<8; i++)
-		ivec[i] = nrand(256);
+	prng(ivec, 8);
 	c->out.cipherblklen = 8;
 	c->out.cipherivlen = 8;
 	c->out.cipher = desencrypt;

sys/src/9/port/devssl.c

@@ -680,17 +680,6 @@ sslread(Chan *c, void *a, long n, vlong off)
 	return n;
 }
 
-/*
- *  this algorithm doesn't have to be great since we're just
- *  trying to obscure the block fill
- */
-static void
-randfill(uchar *buf, int len)
-{
-	while(len-- > 0)
-		*buf++ = nrand(256);
-}
-
 static long
 sslbwrite(Chan *c, Block *b, ulong)
 {
@@ -779,7 +768,7 @@ sslput(Dstate *s, Block * volatile b)
 		/* SSL style count */
 		if(pad){
 			nb = padblock(nb, -pad);
-			randfill(nb->wp, pad);
+			prng(nb->wp, pad);
 			nb->wp += pad;
 			m += pad;
 

sys/src/9/port/devtls.c

@@ -1234,13 +1234,6 @@ tlsread(Chan *c, void *a, long n, vlong off)
 	return n;
 }
 
-static void
-randfill(uchar *buf, int len)
-{
-	while(len-- > 0)
-		*buf++ = nrand(256);
-}
-
 /*
  *  write a block in tls records
  */
@@ -1325,7 +1318,7 @@ if(tr->debug)pdump(BLEN(b), b->rp, "sent:");
 				n = (*sec->aead_enc)(sec, aad, aadlen, p + RecHdrLen, p + RecHdrLen + ivlen, n) + ivlen;
 			else {
 				if(ivlen > 0)
-					randfill(p + RecHdrLen, ivlen);
+					prng(p + RecHdrLen, ivlen);
 				packMac(sec, aad, aadlen, p + RecHdrLen + ivlen, n, p + RecHdrLen + ivlen + n);
 				n = (*sec->enc)(sec, p + RecHdrLen, ivlen + n + maclen);
 			}
@@ -1523,7 +1516,7 @@ initaesgcmkey(Encalg *ea, Secret *s, uchar *p, uchar *iv)
 	s->maclen = 16;
 	s->recivlen = 8;
 	memmove(s->mackey, iv, ea->ivlen);
-	randfill(s->mackey + ea->ivlen, s->recivlen);
+	prng(s->mackey + ea->ivlen, s->recivlen);
 	setupAESGCMstate(s->enckey, p, ea->keylen, nil, 0);
 }