cmd/auth: remove private /dev/random reading routines, use genrandom()

14 files changed, 31 insertions, 131 deletions

diff --git a/sys/src/cmd/auth/as.c b/sys/src/cmd/auth/as.c
index 59317b0af..5a4800834 100644
--- a/sys/src/cmd/auth/as.c
+++ b/sys/src/cmd/auth/as.c
@@ -52,7 +52,6 @@ main(int argc, char *argv[])
 	}ARGEND
 
 	initcap();
-	srand(getpid()*time(0));
 	if(argc >= 2)
 		runas(argv[0], argv[1]);
 	else
@@ -96,15 +95,6 @@ usage(void)
 	exits("usage");
 }
 
-void
-memrandom(void *p, int n)
-{
-	uchar *cp;
-
-	for(cp = (uchar*)p; n > 0; n--)
-		*cp++ = fastrand();
-}
-
 /*
  *  keep caphash fd open since opens of it could be disabled
  */
@@ -138,7 +128,7 @@ mkcap(char *from, char *to)
 	nfrom = strlen(from);
 	cap = emalloc(nfrom+1+nto+1+sizeof(rand)*3+1);
 	sprint(cap, "%s@%s", from, to);
-	memrandom(rand, sizeof(rand));
+	genrandom(rand, sizeof(rand));
 	key = cap+nfrom+1+nto+1;
 	enc64(key, sizeof(rand)*3, rand, sizeof(rand));
 
diff --git a/sys/src/cmd/auth/authsrv.c b/sys/src/cmd/auth/authsrv.c
index 0340e9e29..9c499e03f 100644
--- a/sys/src/cmd/auth/authsrv.c
+++ b/sys/src/cmd/auth/authsrv.c
@@ -33,7 +33,6 @@ void	replyerror(char*, ...);
 void	getraddr(char*);
 void	mkkey(Authkey*);
 void	mkticket(Ticketreq*, Ticket*);
-void	randombytes(uchar*, int);
 void	nthash(uchar hash[MShashlen], char *passwd);
 void	lmhash(uchar hash[MShashlen], char *passwd);
 void	ntv2hash(uchar hash[MShashlen], char *passwd, char *user, char *dom);
@@ -64,7 +63,6 @@ main(int argc, char *argv[])
 	if(db == 0)
 		syslog(0, AUTHLOG, "no /lib/ndb/auth");
 
-	srand(time(0)*getpid());
 	for(;;){
 		n = readn(0, buf, sizeof(buf));
 		if(n <= 0 || convM2TR(buf, n, &tr) <= 0)
@@ -167,7 +165,7 @@ challengebox(Ticketreq *tr)
 	netkey = finddeskey(NETKEYDB, tr->uid, nkbuf);
 	if(key == nil && netkey == nil){
 		/* make one up so caller doesn't know it was wrong */
-		randombytes((uchar*)nkbuf, DESKEYLEN);
+		genrandom((uchar*)nkbuf, DESKEYLEN);
 		netkey = nkbuf;
 		if(debug)
 			syslog(0, AUTHLOG, "cr-fail uid %s@%s", tr->uid, raddr);
@@ -185,7 +183,7 @@ challengebox(Ticketreq *tr)
 	 */
 	memset(buf, 0, sizeof(buf));
 	buf[0] = AuthOK;
-	chal = lnrand(MAXNETCHAL);
+	chal = nfastrand(MAXNETCHAL);
 	sprint(buf+1, "%lud", chal);
 	if(write(1, buf, NETCHLEN+1) < 0)
 		exits(0);
@@ -322,7 +320,7 @@ http(Ticketreq *tr)
 
 	/* send back a ticket encrypted with the key */
 	mkticket(tr, &t);
-	randombytes((uchar*)t.chal, CHALLEN);
+	genrandom((uchar*)t.chal, CHALLEN);
 	t.num = AuthHr;
 	n = 0;
 	tbuf[n++] = AuthOK;
@@ -388,7 +386,7 @@ apop(Ticketreq *tr, int type)
 	/*
 	 *  Create a challenge and send it.
 	 */
-	randombytes((uchar*)rb, sizeof(rb));
+	genrandom((uchar*)rb, sizeof(rb));
 	p = chal;
 	p += snprint(p, sizeof(chal), "<%lux%lux.%lux%lux@%s>",
 		rb[0], rb[1], rb[2], rb[3], domainname());
@@ -502,7 +500,7 @@ vnc(Ticketreq *tr)
 	/*
 	 *  Create a challenge and send it.
 	 */
-	randombytes(chal+6, VNCchallen);
+	genrandom(chal+6, VNCchallen);
 	chal[0] = AuthOKvar;
 	sprint((char*)chal+1, "%-5d", VNCchallen);
 	if(write(1, chal, sizeof(chal)) != sizeof(chal))
@@ -514,7 +512,7 @@ vnc(Ticketreq *tr)
 	memset(sbuf, 0, sizeof(sbuf));
 	secret = findsecret(KEYDB, tr->uid, sbuf);
 	if(secret == nil){
-		randombytes((uchar*)sbuf, sizeof(sbuf));
+		genrandom((uchar*)sbuf, sizeof(sbuf));
 		secret = sbuf;
 	}
 	for(i = 0; i < 8; i++)
@@ -565,7 +563,7 @@ chap(Ticketreq *tr)
 	/*
 	 *  Create a challenge and send it.
 	 */
-	randombytes((uchar*)chal, sizeof(chal));
+	genrandom((uchar*)chal, sizeof(chal));
 	write(1, chal, sizeof(chal));
 
 	/*
@@ -682,7 +680,7 @@ mschap(Ticketreq *tr)
 	/*
 	 *  Create a challenge and send it.
 	 */
-	randombytes((uchar*)chal, sizeof(chal));
+	genrandom(chal, sizeof(chal));
 	write(1, chal, sizeof(chal));
 
 	/*
@@ -1001,8 +999,8 @@ getraddr(char *dir)
 void
 mkkey(Authkey *k)
 {
-	randombytes((uchar*)k->des, DESKEYLEN);
-	randombytes((uchar*)k->aes, AESKEYLEN);
+	genrandom((uchar*)k->des, DESKEYLEN);
+	genrandom((uchar*)k->aes, AESKEYLEN);
 }
 
 void
@@ -1012,19 +1010,7 @@ mkticket(Ticketreq *tr, Ticket *t)
 	memmove(t->chal, tr->chal, CHALLEN);
 	safecpy(t->cuid, tr->uid, sizeof(t->cuid));
 	safecpy(t->suid, tr->uid, sizeof(t->suid));
-	randombytes((uchar*)t->key, DESKEYLEN);
-}
-
-void
-randombytes(uchar *buf, int len)
-{
-	int i;
-
-	if(readfile("/dev/random", (char*)buf, len) >= 0)
-		return;
-
-	for(i = 0; i < len; i++)
-		buf[i] = rand();
+	genrandom((uchar*)t->key, DESKEYLEN);
 }
 
 /*
diff --git a/sys/src/cmd/auth/changeuser.c b/sys/src/cmd/auth/changeuser.c
index e40572769..47b0ff58e 100644
--- a/sys/src/cmd/auth/changeuser.c
+++ b/sys/src/cmd/auth/changeuser.c
@@ -1,5 +1,6 @@
 #include <u.h>
 #include <libc.h>
+#include <libsec.h>
 #include <authsrv.h>
 #include <ctype.h>
 #include <bio.h>
@@ -19,13 +20,12 @@ void
 main(int argc, char *argv[])
 {
 	char *u, answer[32], p9pass[32];
-	int which, i, newkey, newbio, dosecret;
+	int which, newkey, newbio, dosecret;
 	long t;
 	Authkey key;
 	Acctbio a;
 	Fs *f;
 
-	srand(getpid()*time(0));
 	fmtinstall('K', deskeyfmt);
 
 	which = 0;
@@ -84,8 +84,7 @@ main(int argc, char *argv[])
 		}
 		if(newkey){
 			memset(&key, 0, sizeof(key));
-			for(i=0; i<DESKEYLEN; i++)
-				key.des[i] = nrand(256);
+			genrandom((uchar*)key.des, DESKEYLEN);
 		}
 		if(a.user == 0){
 			t = getexpiration(f->keys, u);
diff --git a/sys/src/cmd/auth/convkeys.c b/sys/src/cmd/auth/convkeys.c
index 7886fa457..252c43f1c 100644
--- a/sys/src/cmd/auth/convkeys.c
+++ b/sys/src/cmd/auth/convkeys.c
@@ -74,23 +74,6 @@ main(int argc, char *argv[])
 	exits(nil);
 }
 
-void
-randombytes(uchar *p, int len)
-{
-	int i, fd;
-
-	fd = open("/dev/random", OREAD);
-	if(fd < 0){
-		fprint(2, "%s: can't open /dev/random, using rand()\n", argv0);
-		srand(time(0));
-		for(i = 0; i < len; i++)
-			p[i] = rand();
-		return;
-	}
-	read(fd, p, len);
-	close(fd);
-}
-
 int
 badname(char *s)
 {
@@ -181,7 +164,7 @@ convert(char **db, int len)
 		keydbaes = 1;
 	}
 
-	randombytes((uchar*)p, keydboff);
+	genrandom((uchar*)p, keydboff);
 	if(keydbaes){
 		AESstate s;
 
diff --git a/sys/src/cmd/auth/convkeys2.c b/sys/src/cmd/auth/convkeys2.c
index bb4e3e41d..5d06e1f20 100644
--- a/sys/src/cmd/auth/convkeys2.c
+++ b/sys/src/cmd/auth/convkeys2.c
@@ -12,7 +12,6 @@ int	usepass;
 
 int	convert(char*, char*, Authkey*, int);
 void	usage(void);
-void	randombytes(uchar*, int);
 
 void
 main(int argc, char *argv[])
@@ -101,7 +100,7 @@ convert(char *p, char *np, Authkey *key, int len)
 		if(verb)
 			print("%s\n", &p[off]);
 	}
-	randombytes((uchar*)np, KEYDBOFF);
+	genrandom((uchar*)np, KEYDBOFF);
 	len = (len*KEYDBLEN) + KEYDBOFF;
 	oldCBCencrypt(key->des, np, len);
 	return len;
@@ -113,20 +112,3 @@ usage(void)
 	fprint(2, "usage: convkeys2 keyfile\n");
 	exits("usage");
 }
-
-void
-randombytes(uchar *p, int len)
-{
-	int i, fd;
-
-	fd = open("/dev/random", OREAD);
-	if(fd < 0){
-		fprint(2, "convkeys2: can't open /dev/random, using rand()\n");
-		srand(time(0));
-		for(i = 0; i < len; i++)
-			p[i] = rand();
-		return;
-	}
-	read(fd, p, len);
-	close(fd);
-}
diff --git a/sys/src/cmd/auth/cron.c b/sys/src/cmd/auth/cron.c
index 57f1479a9..63142b159 100644
--- a/sys/src/cmd/auth/cron.c
+++ b/sys/src/cmd/auth/cron.c
@@ -191,7 +191,6 @@ main(int argc, char *argv[])
 		fatal("cron already running: %r");
 
 	argv0 = "cron";
-	srand(getpid()*time(0));
 	last = time(0);
 	for(;;){
 		readalljobs();
@@ -656,15 +655,6 @@ qidcmp(Qid a, Qid b)
 	return(a.path != b.path || a.vers != b.vers);
 }
 
-void
-memrandom(void *p, int n)
-{
-	uchar *cp;
-
-	for(cp = (uchar*)p; n > 0; n--)
-		*cp++ = fastrand();
-}
-
 /*
  *  keep caphash fd open since opens of it could be disabled
  */
@@ -699,7 +689,7 @@ mkcap(char *from, char *to)
 	ncap = nfrom + 1 + nto + 1 + sizeof(rand)*3 + 1;
 	cap = emalloc(ncap);
 	snprint(cap, ncap, "%s@%s", from, to);
-	memrandom(rand, sizeof(rand));
+	genrandom(rand, sizeof(rand));
 	key = cap+nfrom+1+nto+1;
 	enc64(key, sizeof(rand)*3, rand, sizeof(rand));
 
diff --git a/sys/src/cmd/auth/factotum/apop.c b/sys/src/cmd/auth/factotum/apop.c
index a900d8f4f..e46b33d3c 100644
--- a/sys/src/cmd/auth/factotum/apop.c
+++ b/sys/src/cmd/auth/factotum/apop.c
@@ -261,7 +261,7 @@ doreply(State *s, char *user, char *response)
 		goto err;
 	}
 
-	memrandom(s->tr.chal, CHALLEN);
+	genrandom((uchar*)s->tr.chal, CHALLEN);
 	safecpy(s->tr.uid, user, sizeof(s->tr.uid));
 	alarm(30*1000);
 	if(_asrequest(s->asfd, &s->tr) < 0){
diff --git a/sys/src/cmd/auth/factotum/chap.c b/sys/src/cmd/auth/factotum/chap.c
index e6e0f6b8f..9559b3941 100644
--- a/sys/src/cmd/auth/factotum/chap.c
+++ b/sys/src/cmd/auth/factotum/chap.c
@@ -188,7 +188,7 @@ chapwrite(Fsstate *fss, void *va, uint n)
 				if(user == nil)
 					break;
 
-				memrandom(pchal, MSchallenv2);
+				genrandom((uchar*)pchal, MSchallenv2);
 
 				/* ChallengeHash() */
 				ds = sha1(pchal, MSchallenv2, nil, nil);
@@ -579,7 +579,7 @@ domschap2(char *passwd, char *user, char *dom, uchar chal[MSchallen], uchar *res
 	*p++ = t >> 48;
 	*p++ = t >> 56;
 
-	memrandom(p, 8);
+	genrandom(p, 8);
 	p += 8;			/* 64bit: client nonce */
 
 	*p++ = 0;		/* 32bit: unknown data */
@@ -617,7 +617,7 @@ domschap2(char *passwd, char *user, char *dom, uchar chal[MSchallen], uchar *res
 	 * LmResponse = Cat(HMAC_MD5(LmHash, Cat(SC, CC)), CC)
 	 */
 	s = hmac_md5(chal, 8, hash, MShashlen, nil, nil);
-	memrandom((uchar*)r->LMresp+16, 8);
+	genrandom((uchar*)r->LMresp+16, 8);
 	hmac_md5((uchar*)r->LMresp+16, 8, hash, MShashlen, (uchar*)r->LMresp, s);
 
 	/*
diff --git a/sys/src/cmd/auth/factotum/dat.h b/sys/src/cmd/auth/factotum/dat.h
index eb89d0d2f..ecf4a0bf6 100644
--- a/sys/src/cmd/auth/factotum/dat.h
+++ b/sys/src/cmd/auth/factotum/dat.h
@@ -203,7 +203,6 @@ char		*getnvramkey(int);
 void		initcap(void);
 int		isclient(char*);
 int		matchattr(Attr*, Attr*, Attr*);
-void 		memrandom(void*, int);
 char 		*mkcap(char*, char*);
 int 		phaseerror(Fsstate*, char*);
 char		*phasename(Fsstate*, int, char*);
diff --git a/sys/src/cmd/auth/factotum/p9sk1.c b/sys/src/cmd/auth/factotum/p9sk1.c
index ea7eaa5ad..0d43ad6a2 100644
--- a/sys/src/cmd/auth/factotum/p9sk1.c
+++ b/sys/src/cmd/auth/factotum/p9sk1.c
@@ -88,7 +88,7 @@ p9skinit(Proto *p, Fsstate *fss)
 		switch(s->vers){
 		case 1:
 			fss->phase = CHaveChal;
-			memrandom(s->cchal, CHALLEN);
+			genrandom((uchar*)s->cchal, CHALLEN);
 			break;
 		case 2:
 			fss->phase = CNeedTreq;
@@ -108,7 +108,7 @@ p9skinit(Proto *p, Fsstate *fss)
 		safecpy(s->tr.authid, _strfindattr(k->attr, "user"), sizeof(s->tr.authid));
 		safecpy(s->tr.authdom, _strfindattr(k->attr, "dom"), sizeof(s->tr.authdom));
 		s->key = k;
-		memrandom(s->tr.chal, sizeof s->tr.chal);
+		genrandom((uchar*)s->tr.chal, sizeof s->tr.chal);
 		switch(s->vers){
 		case 1:
 			fss->phase = SNeedChal;
@@ -449,7 +449,7 @@ mkserverticket(State *s, char *tbuf, int tbuflen)
 	memmove(t.chal, tr->chal, CHALLEN);
 	strcpy(t.cuid, tr->uid);
 	strcpy(t.suid, tr->uid);
-	memrandom(t.key, DESKEYLEN);
+	genrandom((uchar*)t.key, DESKEYLEN);
 	t.num = AuthTc;
 	ret = convT2M(&t, tbuf, tbuflen, (Authkey*)s->key->priv);
 	t.num = AuthTs;
diff --git a/sys/src/cmd/auth/factotum/util.c b/sys/src/cmd/auth/factotum/util.c
index 411935bc1..3fdae8ea0 100644
--- a/sys/src/cmd/auth/factotum/util.c
+++ b/sys/src/cmd/auth/factotum/util.c
@@ -566,15 +566,6 @@ matchattr(Attr *pat, Attr *a0, Attr *a1)
 	return 1;		
 }
 
-void
-memrandom(void *p, int n)
-{
-	uchar *cp;
-
-	for(cp = (uchar*)p; n > 0; n--)
-		*cp++ = fastrand();
-}
-
 /*
  *  keep caphash fd open since opens of it could be disabled
  */
@@ -608,7 +599,7 @@ mkcap(char *from, char *to)
 	nfrom = strlen(from);
 	cap = emalloc(nfrom+1+nto+1+sizeof(rand)*3+1);
 	sprint(cap, "%s@%s", from, to);
-	memrandom(rand, sizeof(rand));
+	genrandom(rand, sizeof(rand));
 	key = cap+nfrom+1+nto+1;
 	enc64(key, sizeof(rand)*3, rand, sizeof(rand));
 
diff --git a/sys/src/cmd/auth/guard.srv.c b/sys/src/cmd/auth/guard.srv.c
index 013cd7945..999e2cda6 100644
--- a/sys/src/cmd/auth/guard.srv.c
+++ b/sys/src/cmd/auth/guard.srv.c
@@ -6,6 +6,7 @@
 #include <fcall.h>
 #include <bio.h>
 #include <ndb.h>
+#include <libsec.h>
 #include <authsrv.h>
 #include "authcmdlib.h"
 
@@ -57,7 +58,6 @@ main(int argc, char *argv[])
 		getraddr(argv[argc-1]);
 
 	argv0 = "guard";
-	srand((getpid()*1103515245)^time(0));
 	notify(catchalarm);
 
 	/*
@@ -69,7 +69,7 @@ main(int argc, char *argv[])
 	/*
 	 * challenge-response
 	 */
-	chal = lnrand(MAXNETCHAL);
+	chal = nfastrand(MAXNETCHAL);
 	sprint(buf, "challenge: %lud\nresponse: ", chal);
 	n = strlen(buf) + 1;
 	if(write(1, buf, n) != n){
diff --git a/sys/src/cmd/auth/keyfs.c b/sys/src/cmd/auth/keyfs.c
index d23cfb6ba..0265fde46 100644
--- a/sys/src/cmd/auth/keyfs.c
+++ b/sys/src/cmd/auth/keyfs.c
@@ -696,24 +696,6 @@ dostat(User *user, ulong qtype, void *p, int n)
 	return convD2M(&d, p, n);
 }
 
-
-void
-randombytes(uchar *p, int len)
-{
-	int i, fd;
-
-	fd = open("/dev/random", OREAD);
-	if(fd < 0){
-		fprint(2, "keyfs: can't open /dev/random, using rand()\n");
-		srand(time(0));
-		for(i = 0; i < len; i++)
-			p[i] = rand();
-		return;
-	}
-	read(fd, p, len);
-	close(fd);
-}
-
 void
 writeusers(void)
 {
@@ -740,7 +722,7 @@ writeusers(void)
 	/* pack into buffer */
 	buf = emalloc(keydboff + nu*keydblen);
 	p = buf;
-	randombytes(p, keydboff);
+	genrandom(p, keydboff);
 	p += keydboff;
 	for(i = 0; i < Nuser; i++)
 		for(u = users[i]; u != nil; u = u->link){
diff --git a/sys/src/cmd/auth/secstore/secstore.c b/sys/src/cmd/auth/secstore/secstore.c
index f3d5a1571..78aa039ab 100644
--- a/sys/src/cmd/auth/secstore/secstore.c
+++ b/sys/src/cmd/auth/secstore/secstore.c
@@ -148,16 +148,14 @@ getfile(SConn *conn, char *gf, uchar **buf, ulong *buflen, uchar *key, int nkey)
 static int
 putfile(SConn *conn, char *pf, uchar *buf, ulong len, uchar *key, int nkey)
 {
-	int i, n, fd, ivo, bufi, done;
+	int n, fd, ivo, bufi, done;
 	char s[Maxmsg];
 	uchar skey[SHA1dlen], b[CHK+Maxmsg], IV[AESbsize];
 	AESstate aes;
 	DigestState *sha;
 
 	/* create initialization vector */
-	srand(time(0));			/* doesn't need to be unpredictable */
-	for(i=0; i<AESbsize; i++)
-		IV[i] = 0xff & rand();
+	genrandom(IV, AESbsize);
 	sha = sha1((uchar*)"aescbc file", 11, nil, nil);
 	sha1(key, nkey, skey, sha);
 	setupAESstate(&aes, skey, AESbsize, IV);