From 907a29ab9eb8c89ca890fd9cbead9ebae63d08d6 Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Fri, 10 Mar 2023 11:08:35 -0800
Subject: [PATCH] RNG Tweak
1. Remove a redundant test. The duplicate data test is not required and is checking for something that potentially can happen normally, albeit rarely.
---
 wolfcrypt/src/random.c | 22 ----------------------
 wolfssl/wolfcrypt/random.h | 2 --
 2 files changed, 24 deletions(-)
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index 5ca568eb9..b59a191af 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -489,8 +489,6 @@ static int Hash_DRBG_Reseed(DRBG_internal* drbg, const byte* seed, word32 seedSz
     }
     if (ret == DRBG_SUCCESS) {
         drbg->reseedCtr = 1;
-        drbg->lastBlock = 0;
-        drbg->matchCount = 0;
     }
 #ifdef WOLFSSL_SMALL_STACK
@@ -541,7 +539,6 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V)
 #endif
     int i;
     int len;
-    word32 checkBlock;
 #ifdef WOLFSSL_SMALL_STACK_CACHE
     wc_Sha256* sha = &drbg->sha256;
 #else
@@ -590,23 +587,6 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V)
 #endif
         if (ret == 0) {
-            XMEMCPY(&checkBlock, digest, sizeof(word32));
-            if (drbg->reseedCtr > 1 && checkBlock == drbg->lastBlock) {
-                if (drbg->matchCount == 1) {
-                    return DRBG_CONT_FAILURE;
-                }
-                else {
-                    if (i == (len-1)) {
-                        len++;
-                    }
-                    drbg->matchCount = 1;
-                }
-            }
-            else {
-                drbg->matchCount = 0;
-                drbg->lastBlock = checkBlock;
-            }
-
             if (out != NULL && outSz != 0) {
                 if (outSz >= OUTPUT_BLOCK_LEN) {
                     XMEMCPY(out, digest, OUTPUT_BLOCK_LEN);
@@ -762,8 +742,6 @@ static int Hash_DRBG_Instantiate(DRBG_internal* drbg, const byte* seed, word32 s
                                     sizeof(drbg->V), NULL, 0) == DRBG_SUCCESS) {
         drbg->reseedCtr = 1;
-        drbg->lastBlock = 0;
-        drbg->matchCount = 0;
         ret = DRBG_SUCCESS;
     }
diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h
index 94a710544..07707edc2 100644
--- a/wolfssl/wolfcrypt/random.h
+++ b/wolfssl/wolfcrypt/random.h
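Review bot: With the consecutive-block comparison removed from Hash_gen (the hunk at -590,23), the function no longer has a path that returns DRBG_CONT_FAILURE, yet neither that constant nor whatever callers do with it is touched by this patch; if nothing else produces it, the error mapping that consumed it is now dead code and should be removed or marked reserved in the same change. The deletion also leaves no in-code record of why a Hash_DRBG has no continuous output test, which the next FIPS review will ask about, so a short comment at the `if (ret == 0) {` site would help, e.g. `/* No consecutive-block comparison here: SP 800-90A does not define one for Hash_DRBG, and a 32-bit prefix match between neighbouring blocks is a legitimate, if rare, event that must not fail the generator. */`. Note that the removed code only compared the first word32 of each digest, so the old test could trip on roughly one block in 2^32 of perfectly good output, which is the behaviour the commit message alludes to. The same field-reset removals appear in the Hash_DRBG_Reseed and Hash_DRBG_Instantiate hunks and need no separate comment. Hash_gen's body begins and ends outside the hunk.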
@@ -159,14 +159,12 @@ struct OS_Seed {
 #ifdef HAVE_HASHDRBG
 struct DRBG_internal {
     word32 reseedCtr;
-    word32 lastBlock;
     byte V[DRBG_SEED_LEN];
     byte C[DRBG_SEED_LEN];
     void* heap;
 #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
     int devId;
 #endif
-    byte matchCount;
 #ifdef WOLFSSL_SMALL_STACK_CACHE
     wc_Sha256 sha256;
 #endif
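Review bot: Dropping `lastBlock` and `matchCount` from `struct DRBG_internal` changes both the size and the member offsets of a type that lives in a public header, so any code compiled against the previous layout — an application that embeds the struct by value, or a separately built module that is linked against this one — would read the wrong offsets after the update; that is an ABI change and deserves a sentence in the commit message rather than silence. If sizeof(DRBG_internal) is used anywhere to size a fixed buffer or in a static assertion, that needs re-checking as well, though no such use is visible here. The struct definition continues past the end of the hunk.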