Replace all random functions with isc_random, isc_random_buf and isc_random_uniform API.

The three functions has been modeled after the arc4random family of
functions, and they will always return random bytes.

The isc_random family of functions internally use these CSPRNG (if available):

1. getrandom() libc call (might be available on Linux and Solaris)
2. SYS_getrandom syscall (might be available on Linux, detected at runtime)
3. arc4random(), arc4random_buf() and arc4random_uniform() (available on BSDs and Mac OS X)
4. crypto library function:
4a. RAND_bytes in case OpenSSL
4b. pkcs_C_GenerateRandom() in case PKCS#11 library

lib/isc/tests/isctest.c

@@ -18,7 +18,6 @@
 
 #include <isc/app.h>
 #include <isc/buffer.h>
-#include <isc/entropy.h>
 #include <isc/hash.h>
 #include <isc/mem.h>
 #include <isc/os.h>
@@ -31,7 +30,6 @@
 #include "isctest.h"
 
 isc_mem_t *mctx = NULL;
-isc_entropy_t *ectx = NULL;
 isc_log_t *lctx = NULL;
 isc_taskmgr_t *taskmgr = NULL;
 isc_timermgr_t *timermgr = NULL;
@@ -105,7 +103,6 @@ isc_test_begin(FILE *logfile, isc_boolean_t start_managers,
 
 	isc_mem_debugging |= ISC_MEM_DEBUGRECORD;
 	CHECK(isc_mem_create(0, 0, &mctx));
-	CHECK(isc_entropy_create(mctx, &ectx));
 
 	if (logfile != NULL) {
 		isc_logdestination_t destination;
@@ -149,8 +146,6 @@ isc_test_end(void) {
 		isc_task_detach(&maintask);
 	if (taskmgr != NULL)
 		isc_taskmgr_destroy(&taskmgr);
-	if (ectx != NULL)
-		isc_entropy_detach(&ectx);
 
 	cleanup_managers();
 

lib/isc/tests/isctest.h

@@ -14,7 +14,6 @@
 #include <config.h>
 
 #include <isc/buffer.h>
-#include <isc/entropy.h>
 #include <isc/hash.h>
 #include <isc/log.h>
 #include <isc/mem.h>
@@ -33,7 +32,6 @@
 	} while (0)
 
 extern isc_mem_t *mctx;
-extern isc_entropy_t *ectx;
 extern isc_log_t *lctx;
 extern isc_taskmgr_t *taskmgr;
 extern isc_timermgr_t *timermgr;

lib/isc/tests/random_test.c

@@ -253,7 +253,6 @@ static void
 random_test(pvalue_func_t *func, isc_boolean_t word_sized) {
 	isc_mem_t *mctx = NULL;
 	isc_result_t result;
-	isc_rng_t *rng;
 	isc_uint32_t m;
 	isc_uint32_t j;
 	isc_uint32_t histogram[11] = { 0 };
@@ -270,10 +269,6 @@ random_test(pvalue_func_t *func, isc_boolean_t word_sized) {
 	result = isc_mem_create(0, 0, &mctx);
 	ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
 
-	rng = NULL;
-	result = isc_rng_create(mctx, NULL, &rng);
-	ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
-
 	m = 1000;
 	passed = 0;
 
@@ -284,11 +279,10 @@ random_test(pvalue_func_t *func, isc_boolean_t word_sized) {
 
 		if (word_sized) {
 			for (i = 0; i < REPS; i++) {
-				isc_rng_randombytes(rng, &values[i],
-						    sizeof(values[i]));
+				isc_random_buf(&values[i], sizeof(values[i]));
 			}
 		} else {
-			isc_rng_randombytes(rng, values, sizeof(values));
+			isc_random_buf(values, sizeof(values));
 		}
 
 		p_value = (*func)(mctx, values, REPS);
@@ -303,8 +297,6 @@ random_test(pvalue_func_t *func, isc_boolean_t word_sized) {
 		histogram[i]++;
 	}
 
-	isc_rng_detach(&rng);
-
 	/*
 	 * Check proportion of sequences passing a test (see section
 	 * 4.2.1 in NIST SP 800-22).
@@ -360,7 +352,7 @@ random_test(pvalue_func_t *func, isc_boolean_t word_sized) {
 
 /*
  * This is a frequency (monobits) test taken from the NIST SP 800-22
- * RNG test suite.
+ * RANDOM test suite.
  */
 static double
 monobit(isc_mem_t *mctx, isc_uint16_t *values, size_t length) {
@@ -613,97 +605,97 @@ binarymatrixrank(isc_mem_t *mctx, isc_uint16_t *values, size_t length) {
 	return (p_value);
 }
 
-ATF_TC(isc_rng_monobit_16);
-ATF_TC_HEAD(isc_rng_monobit_16, tc) {
-	atf_tc_set_md_var(tc, "descr", "Monobit test for the RNG");
+ATF_TC(isc_random_monobit_16);
+ATF_TC_HEAD(isc_random_monobit_16, tc) {
+	atf_tc_set_md_var(tc, "descr", "Monobit test for the RANDOM");
 }
 
-ATF_TC_BODY(isc_rng_monobit_16, tc) {
+ATF_TC_BODY(isc_random_monobit_16, tc) {
 	UNUSED(tc);
 
 	random_test(monobit, ISC_TRUE);
 }
 
-ATF_TC(isc_rng_runs_16);
-ATF_TC_HEAD(isc_rng_runs_16, tc) {
-	atf_tc_set_md_var(tc, "descr", "Runs test for the RNG");
+ATF_TC(isc_random_runs_16);
+ATF_TC_HEAD(isc_random_runs_16, tc) {
+	atf_tc_set_md_var(tc, "descr", "Runs test for the RANDOM");
 }
 
-ATF_TC_BODY(isc_rng_runs_16, tc) {
+ATF_TC_BODY(isc_random_runs_16, tc) {
 	UNUSED(tc);
 
 	random_test(runs, ISC_TRUE);
 }
 
-ATF_TC(isc_rng_blockfrequency_16);
-ATF_TC_HEAD(isc_rng_blockfrequency_16, tc) {
-	atf_tc_set_md_var(tc, "descr", "Block frequency test for the RNG");
+ATF_TC(isc_random_blockfrequency_16);
+ATF_TC_HEAD(isc_random_blockfrequency_16, tc) {
+	atf_tc_set_md_var(tc, "descr", "Block frequency test for the RANDOM");
 }
 
-ATF_TC_BODY(isc_rng_blockfrequency_16, tc) {
+ATF_TC_BODY(isc_random_blockfrequency_16, tc) {
 	UNUSED(tc);
 
 	random_test(blockfrequency, ISC_TRUE);
 }
 
-ATF_TC(isc_rng_binarymatrixrank_16);
-ATF_TC_HEAD(isc_rng_binarymatrixrank_16, tc) {
-	atf_tc_set_md_var(tc, "descr", "Binary matrix rank test for the RNG");
+ATF_TC(isc_random_binarymatrixrank_16);
+ATF_TC_HEAD(isc_random_binarymatrixrank_16, tc) {
+	atf_tc_set_md_var(tc, "descr", "Binary matrix rank test for the RANDOM");
 }
 
 /*
  * This is the binary matrix rank test taken from the NIST SP 800-22 RNG
  * test suite.
  */
-ATF_TC_BODY(isc_rng_binarymatrixrank_16, tc) {
+ATF_TC_BODY(isc_random_binarymatrixrank_16, tc) {
 	UNUSED(tc);
 
 	random_test(binarymatrixrank, ISC_TRUE);
 }
 
-ATF_TC(isc_rng_monobit_bytes);
-ATF_TC_HEAD(isc_rng_monobit_bytes, tc) {
-	atf_tc_set_md_var(tc, "descr", "Monobit test for the RNG");
+ATF_TC(isc_random_monobit_bytes);
+ATF_TC_HEAD(isc_random_monobit_bytes, tc) {
+	atf_tc_set_md_var(tc, "descr", "Monobit test for the RANDOM");
 }
 
-ATF_TC_BODY(isc_rng_monobit_bytes, tc) {
+ATF_TC_BODY(isc_random_monobit_bytes, tc) {
 	UNUSED(tc);
 
 	random_test(monobit, ISC_FALSE);
 }
 
-ATF_TC(isc_rng_runs_bytes);
-ATF_TC_HEAD(isc_rng_runs_bytes, tc) {
-	atf_tc_set_md_var(tc, "descr", "Runs test for the RNG");
+ATF_TC(isc_random_runs_bytes);
+ATF_TC_HEAD(isc_random_runs_bytes, tc) {
+	atf_tc_set_md_var(tc, "descr", "Runs test for the RANDOM");
 }
 
-ATF_TC_BODY(isc_rng_runs_bytes, tc) {
+ATF_TC_BODY(isc_random_runs_bytes, tc) {
 	UNUSED(tc);
 
 	random_test(runs, ISC_FALSE);
 }
 
-ATF_TC(isc_rng_blockfrequency_bytes);
-ATF_TC_HEAD(isc_rng_blockfrequency_bytes, tc) {
-	atf_tc_set_md_var(tc, "descr", "Block frequency test for the RNG");
+ATF_TC(isc_random_blockfrequency_bytes);
+ATF_TC_HEAD(isc_random_blockfrequency_bytes, tc) {
+	atf_tc_set_md_var(tc, "descr", "Block frequency test for the RANDOM");
 }
 
-ATF_TC_BODY(isc_rng_blockfrequency_bytes, tc) {
+ATF_TC_BODY(isc_random_blockfrequency_bytes, tc) {
 	UNUSED(tc);
 
 	random_test(blockfrequency, ISC_FALSE);
 }
 
-ATF_TC(isc_rng_binarymatrixrank_bytes);
-ATF_TC_HEAD(isc_rng_binarymatrixrank_bytes, tc) {
-	atf_tc_set_md_var(tc, "descr", "Binary matrix rank test for the RNG");
+ATF_TC(isc_random_binarymatrixrank_bytes);
+ATF_TC_HEAD(isc_random_binarymatrixrank_bytes, tc) {
+	atf_tc_set_md_var(tc, "descr", "Binary matrix rank test for the RANDOM");
 }
 
 /*
  * This is the binary matrix rank test taken from the NIST SP 800-22 RNG
  * test suite.
  */
-ATF_TC_BODY(isc_rng_binarymatrixrank_bytes, tc) {
+ATF_TC_BODY(isc_random_binarymatrixrank_bytes, tc) {
 	UNUSED(tc);
 
 	random_test(binarymatrixrank, ISC_FALSE);
@@ -713,14 +705,14 @@ ATF_TC_BODY(isc_rng_binarymatrixrank_bytes, tc) {
  * Main
  */
 ATF_TP_ADD_TCS(tp) {
-	ATF_TP_ADD_TC(tp, isc_rng_monobit_16);
-	ATF_TP_ADD_TC(tp, isc_rng_runs_16);
-	ATF_TP_ADD_TC(tp, isc_rng_blockfrequency_16);
-	ATF_TP_ADD_TC(tp, isc_rng_binarymatrixrank_16);
-	ATF_TP_ADD_TC(tp, isc_rng_monobit_bytes);
-	ATF_TP_ADD_TC(tp, isc_rng_runs_bytes);
-	ATF_TP_ADD_TC(tp, isc_rng_blockfrequency_bytes);
-	ATF_TP_ADD_TC(tp, isc_rng_binarymatrixrank_bytes);
+	ATF_TP_ADD_TC(tp, isc_random_monobit_16);
+	ATF_TP_ADD_TC(tp, isc_random_runs_16);
+	ATF_TP_ADD_TC(tp, isc_random_blockfrequency_16);
+	ATF_TP_ADD_TC(tp, isc_random_binarymatrixrank_16);
+	ATF_TP_ADD_TC(tp, isc_random_monobit_bytes);
+	ATF_TP_ADD_TC(tp, isc_random_runs_bytes);
+	ATF_TP_ADD_TC(tp, isc_random_blockfrequency_bytes);
+	ATF_TP_ADD_TC(tp, isc_random_binarymatrixrank_bytes);
 
 	return (atf_no_error());
 }