Update HASH_DRBG Reseed mechanism and add test case

tests/api.c

@@ -10533,6 +10533,30 @@ static int test_tls13_apis(void)
 
 #endif
 
+#ifdef HAVE_HASHDRBG
+
+static int test_wc_RNG_GenerateBlock()
+{
+    int i, ret;
+    WC_RNG rng;
+    byte key[32];
+
+    ret = wc_InitRng(&rng);
+
+    if (ret == 0) {
+        for(i = 0; i < WC_RESEED_INTERVAL + 10; i++) {
+            ret = wc_RNG_GenerateBlock(&rng, key, sizeof(key));
+            if (ret != 0) {
+                break;
+            }
+        }
+    }
+
+    wc_FreeRng(&rng);
+
+    return ret;
+}
+#endif
 
 /*----------------------------------------------------------------------------*
  | Main
@@ -10716,6 +10740,11 @@ void ApiTest(void)
     AssertIntEQ(test_wc_DsaPublicPrivateKeyDecode(), 0);
     AssertIntEQ(test_wc_MakeDsaKey(), 0);
     AssertIntEQ(test_wc_DsaKeyToDer(), 0);
+
+#ifdef HAVE_HASHDRBG
+    AssertIntEQ(WC_RESEED_INTERVAL, 1000000);
+    AssertIntEQ(test_wc_RNG_GenerateBlock(), 0);
+#endif
     printf(" End API Tests\n");
 
 }

wolfcrypt/src/random.c

@@ -154,7 +154,7 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
 
 #define OUTPUT_BLOCK_LEN  (SHA256_DIGEST_SIZE)
 #define MAX_REQUEST_LEN   (0x10000)
-#define RESEED_INTERVAL   (1000000)
+#define RESEED_INTERVAL   WC_RESEED_INTERVAL
 #define SECURITY_STRENGTH (256)
 #define ENTROPY_SZ        (SECURITY_STRENGTH/8)
 #define NONCE_SZ          (ENTROPY_SZ/2)
@@ -449,6 +449,9 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
 
     FREE_VAR(digest, drbg->heap);
 
+    if (ret == DRBG_NEED_RESEED)
+        return ret;
+
     return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
 }
 

wolfssl/wolfcrypt/random.h

@@ -60,6 +60,7 @@
 #if !defined(WC_NO_HASHDRBG) || !defined(CUSTOM_RAND_GENERATE_BLOCK)
     #undef  HAVE_HASHDRBG
     #define HAVE_HASHDRBG
+    #define WC_RESEED_INTERVAL (1000000)
 #endif