Retain existing HAVE_HASHDRBG functionality and only disable if ./configure --disable-hashdrbg or WC_NO_HASHDRBG defined. Fix use of warning with VS. Fix to only use rng seed as source if no DRBG.

2025-08-01 03:34:39 +02:00 · 2017-03-17 13:44:53 -07:00
parent 5e3d8e705e
commit 1251607b04
3 changed files with 19 additions and 8 deletions
--- a/configure.ac
+++ b/configure.ac
@@ -1690,11 +1690,13 @@ if test "x$ENABLED_HASHDRBG" = "xyes"
 then
    AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
 else
-    # turn on Hash DRBG if FIPS is on or ARC4 is off
+    # turn on Hash DRBG if FIPS is on
    if test "x$ENABLED_FIPS" = "xyes"
    then
        AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
        ENABLED_HASHDRBG=yes
+    else
+        AM_CFLAGS="$AM_CFLAGS -DWC_NO_HASHDRBG"
    fi
 fi

--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -634,8 +634,7 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
        ret = RNG_FAILURE_E;
        rng->status = DRBG_FAILED;
    }
-    return ret;
-#endif /* HAVE_HASHDRBG */
+#else

    /* try using the generate seed direectly */
    ret = wc_GenerateSeed(&rng->seed, output, sz);
@@ -643,9 +642,10 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
        return 0;

    /* if we get here then there is an RNG configuration error */
-    (void)ret;
-    (void)sz;
-    return RNG_FAILURE_E;
+    ret = RNG_FAILURE_E;
+#endif /* HAVE_HASHDRBG */
+
+    return ret;
 }


--- a/wolfssl/wolfcrypt/random.h
+++ b/wolfssl/wolfcrypt/random.h
@@ -45,10 +45,15 @@
    #define CUSTOM_RAND_TYPE    byte
 #endif

+/* make sure Hash DRBG is enabled, unless WC_NO_HASHDRBG is defined */
+#ifndef WC_NO_HASHDRBG
+    #undef  HAVE_HASHDRBG
+    #define HAVE_HASHDRBG
+#endif
+

 #ifndef HAVE_FIPS /* avoid redefining structs and macros */

-
 /* RNG supports the following sources (in order):
 * 1. CUSTOM_RAND_GENERATE_BLOCK: Defines name of function as RNG source and
 *     bypasses the options below.
@@ -77,7 +82,11 @@
 #elif defined(HAVE_INTEL_RDRAND)
 #elif defined(HAVE_WNR)
 #else
-     #warning No RNG source defined. Using wc_GenerateSeed directly
+    #ifndef _MSC_VER
+        #warning "No RNG source defined. Using wc_GenerateSeed directly"
+    #else
+        #pragma message("Warning: No RNG source defined. Using wc_GenerateSeed directly")
+    #endif
 #endif

 #ifdef HAVE_WNR