20251230-persistent-drbg

.wolfssl_known_macro_extras

@@ -790,6 +790,7 @@ WOLFSSL_MONT_RED_CT
 WOLFSSL_MP_COND_COPY
 WOLFSSL_MP_INVMOD_CONSTANT_TIME
 WOLFSSL_MULTICIRCULATE_ALTNAMELIST
+WOLFSSL_NEW_PRIME_CHECK
 WOLFSSL_NONBLOCK_OCSP
 WOLFSSL_NOSHA3_384
 WOLFSSL_NOT_WINDOWS_API

configure.ac

@@ -1428,6 +1428,7 @@ then
     test "$enable_md5" = "" && enable_md5=yes
     test "$enable_anon" = "" && enable_anon=yes
     test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
+    test "$enable_rng_bank" = "" && enable_rng_bank=yes
 
     # the compiler optimizer generates a weird out-of-bounds bss reference for
     # find_hole() in the FP_ECC implementation.
@@ -2208,6 +2209,19 @@ then
     AM_CFLAGS="$AM_CFLAGS -DWC_NO_RNG"
 fi
 
+AC_ARG_ENABLE([rng-bank],
+    [AS_HELP_STRING([--enable-rng-bank],[Enable compiling and using RNG banks (default: disabled)])],
+    [ ENABLED_RNG_BANK=$enableval ],
+    [ ENABLED_RNG_BANK=$KERNEL_MODE_DEFAULTS ]
+    )
+
+if test "$ENABLED_RNG_BANK" = "yes"
+then
+    AS_IF([test "$ENABLED_RNG" = "no"],
+    AC_MSG_ERROR([--enable-rng-bank requires --enable-rng]))
+    AM_CFLAGS="$AM_CFLAGS -DWC_RNG_BANK_SUPPORT"
+fi
+
 
 # DTLS-SCTP
 AC_ARG_ENABLE([sctp],
@@ -3984,12 +3998,17 @@ then
 fi
 
 # AMD RDSEED
-AC_ARG_ENABLE([amdrand],
-    [AS_HELP_STRING([--enable-amdrand],[Enable AMD rdseed as preferred RNG seeding source (default: disabled)])],
+AC_ARG_ENABLE([amdrdseed],
+    [AS_HELP_STRING([--enable-amdrdseed],[Enable AMD rdseed as preferred RNG seeding source (default: disabled)])],
     [ ENABLED_AMDRDSEED=$enableval ],
     [ ENABLED_AMDRDSEED=no ]
     )
 
+AC_ARG_ENABLE([amdrand],
+    [AS_HELP_STRING([--enable-amdrand],[Enable AMD rdseed as preferred RNG seeding source (default: disabled)])],
+    [ ENABLED_AMDRDSEED=$enableval ]
+    )
+
 if test "$ENABLED_AMDRDSEED" = "yes"
 then
     AM_CFLAGS="$AM_CFLAGS -DHAVE_AMD_RDSEED"
@@ -11079,6 +11098,7 @@ AM_CONDITIONAL([BUILD_ECCSI],[test "x$ENABLED_ECCSI" = "xyes" || test "x$ENABLED
 AM_CONDITIONAL([BUILD_SAKKE],[test "x$ENABLED_SAKKE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
 AM_CONDITIONAL([BUILD_MEMORY],[test "x$ENABLED_MEMORY" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
 AM_CONDITIONAL([BUILD_MEMUSE],[test "x$ENABLED_ENTROPY_MEMUSE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_RNG_BANK],[test "$ENABLED_RNG_BANK" = "yes" || test "$ENABLED_USERSETTINGS" = "yes"])
 AM_CONDITIONAL([BUILD_RSA],[test "x$ENABLED_RSA" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
 AM_CONDITIONAL([BUILD_DH],[test "x$ENABLED_DH" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
 AM_CONDITIONAL([BUILD_ASN],[test "x$ENABLED_ASN" != "xno" || test "x$ENABLED_RSA" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])

linuxkm/linuxkm_wc_port.h

@@ -937,7 +937,9 @@
         typeof(kfree) *kfree;
         typeof(ksize) *ksize;
 
+#ifndef LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT
         typeof(get_random_bytes) *get_random_bytes;
+#endif
         #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
             typeof(getnstimeofday) *getnstimeofday;
         #elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
@@ -1072,9 +1074,7 @@
 
         #endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
 
-        #ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
         typeof(dump_stack) *dump_stack;
-        #endif
 
         #ifdef CONFIG_ARM64
         #ifndef CONFIG_ARCH_TEGRA
@@ -1269,7 +1269,9 @@
     #endif
     #define ksize WC_PIE_INDIRECT_SYM(ksize)
 
+#ifndef LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT
     #define get_random_bytes WC_PIE_INDIRECT_SYM(get_random_bytes)
+#endif
     #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
         #define getnstimeofday WC_PIE_INDIRECT_SYM(getnstimeofday)
     #elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
@@ -1345,9 +1347,7 @@
 
     #endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
 
-    #ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
         #define dump_stack WC_PIE_INDIRECT_SYM(dump_stack)
-    #endif
 
     #undef preempt_count /* just in case -- not a macro on x86. */
     #define preempt_count WC_PIE_INDIRECT_SYM(preempt_count)
@@ -1729,4 +1729,13 @@
         #error unexpected BITS_PER_LONG value.
 #endif
 
+/* WC_DUMP_BACKTRACE_NONDEBUG is intended to dump a backtrace only if it hasn't
+ * already been dumped by the called function.
+ */
+#if defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES) && defined(WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES)
+    #define WC_DUMP_BACKTRACE_NONDEBUG WC_DO_NOTHING
+#else
+    #define WC_DUMP_BACKTRACE_NONDEBUG dump_stack()
+#endif
+
 #endif /* LINUXKM_WC_PORT_H */

linuxkm/lkcapi_dh_glue.c

@@ -749,10 +749,7 @@ static int km_ffdhe_init(struct crypto_kpp *tfm, int name, word32 nbits)
     ctx->name = name;
     ctx->nbits = nbits;
 
-    if (WOLFSSL_ATOMIC_LOAD(linuxkm_lkcapi_registering_now))
-        err = LKCAPI_INITRNG_FOR_SELFTEST(&ctx->rng);
-    else
-        err = wc_InitRng(&ctx->rng);
+    err = LKCAPI_INITRNG(&ctx->rng);
     if (err) {
         #ifdef WOLFKM_DEBUG_DH
         pr_err("%s: init rng returned: %d\n", WOLFKM_DH_DRIVER, err);

linuxkm/lkcapi_ecdh_glue.c

@@ -387,10 +387,7 @@ static int km_ecdh_init(struct crypto_kpp *tfm, int curve_id)
         ctx->curve_len = (word32) ret;
     }
 
-    if (WOLFSSL_ATOMIC_LOAD(linuxkm_lkcapi_registering_now))
-        ret = LKCAPI_INITRNG_FOR_SELFTEST(&ctx->rng);
-    else
-        ret = wc_InitRng(&ctx->rng);
+    ret = LKCAPI_INITRNG(&ctx->rng);
     if (ret) {
         #ifdef WOLFKM_DEBUG_ECDH
         pr_err("%s: init rng returned: %d\n", WOLFKM_ECDH_DRIVER, ret);

linuxkm/lkcapi_rsa_glue.c

@@ -634,14 +634,13 @@ static int km_rsa_ctx_init(struct km_rsa_ctx * ctx, int hash_oid)
 static inline int km_rsa_ctx_init_rng(struct km_rsa_ctx * ctx) {
     switch (ctx->rng.status) {
     case WC_DRBG_OK:
+#ifdef WC_RNG_BANK_SUPPORT
+    case WC_DRBG_BANKREF:
+#endif
         return 0;
     case WC_DRBG_NOT_INIT:
     {
-        int err;
-        if (WOLFSSL_ATOMIC_LOAD(linuxkm_lkcapi_registering_now))
-            err = LKCAPI_INITRNG_FOR_SELFTEST(&ctx->rng);
-        else
-            err = wc_InitRng(&ctx->rng);
+        int err = LKCAPI_INITRNG(&ctx->rng);
         if (err) {
             pr_err("%s: init rng returned: %d\n", WOLFKM_RSA_DRIVER, err);
             if (err == WC_NO_ERR_TRACE(MEMORY_E))
@@ -2105,7 +2104,7 @@ static int linuxkm_test_rsa_driver(const char * driver, int nbits)
     memset(&rng, 0, sizeof(rng));
     memset(key, 0, sizeof(RsaKey));
 
-    ret = LKCAPI_INITRNG_FOR_SELFTEST(&rng);
+    ret = LKCAPI_INITRNG(&rng);
 
     if (ret) {
         pr_err("error: init rng returned: %d\n", ret);
@@ -2483,7 +2482,7 @@ static int linuxkm_test_pkcs1pad_driver(const char * driver, int nbits,
     memset(&rng, 0, sizeof(rng));
     memset(key, 0, sizeof(RsaKey));
 
-    ret = LKCAPI_INITRNG_FOR_SELFTEST(&rng);
+    ret = LKCAPI_INITRNG(&rng);
     if (ret) {
         pr_err("error: init rng returned: %d\n", ret);
         goto test_pkcs1_end;
@@ -3007,7 +3006,7 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits,
     memset(&rng, 0, sizeof(rng));
     memset(key, 0, sizeof(RsaKey));
 
-    ret = LKCAPI_INITRNG_FOR_SELFTEST(&rng);
+    ret = LKCAPI_INITRNG(&rng);
     if (ret) {
         pr_err("error: init rng returned: %d\n", ret);
         goto test_pkcs1_end;