diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 96c705077..31b2e7bea 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -434,6 +434,7 @@ void bench_rng(void) { int ret, i; double start, total, persec; + int pos, len, remain; #ifndef HAVE_LOCAL_RNG WC_RNG rng; #endif @@ -450,10 +451,20 @@ void bench_rng(void) BEGIN_INTEL_CYCLES for(i = 0; i < numBlocks; i++) { - ret = wc_RNG_GenerateBlock(&rng, plain, sizeof(plain)); - if (ret < 0) { - printf("wc_RNG_GenerateBlock failed %d\n", ret); - break; + /* Split request to handle large RNG request */ + pos = 0; + remain = (int)sizeof(plain); + while (remain > 0) { + len = remain; + if (len > RNG_MAX_BLOCK_LEN) + len = RNG_MAX_BLOCK_LEN; + ret = wc_RNG_GenerateBlock(&rng, &plain[pos], len); + if (ret < 0) { + printf("wc_RNG_GenerateBlock failed %d\n", ret); + break; + } + remain -= len; + pos += len; } } diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 2b5f40bfc..124e18281 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -194,6 +194,11 @@ int wc_FreeRng(WC_RNG* rng) #define DRBG_FAILED 2 #define DRBG_CONT_FAILED 3 +/* Verify max gen block len */ +#if RNG_MAX_BLOCK_LEN > MAX_REQUEST_LEN + #error RNG_MAX_BLOCK_LEN is larger than NIST DBRG max request length +#endif + enum { drbgInitC = 0, @@ -533,7 +538,7 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz) { int ret; - if (rng == NULL || output == NULL || sz > MAX_REQUEST_LEN) + if (rng == NULL || output == NULL || sz > RNG_MAX_BLOCK_LEN) return BAD_FUNC_ARG; if (rng->status != DRBG_OK) diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index cfcc671a2..2e1e1e072 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -68,6 +68,8 @@ typedef struct OS_Seed { #endif } OS_Seed; +/* Maximum generate block length */ +#define RNG_MAX_BLOCK_LEN (0x10000) #if (defined(HAVE_HASHDRBG) || defined(NO_RC4)) && !defined(CUSTOM_RAND_GENERATE_BLOCK)