
Random: add DRBG reseed support #130

Open
mjdemilliano wants to merge 3 commits into wolfSSL:master from mjdemilliano:add-hashdrbg-reseed

Conversation

@mjdemilliano

Contributor

Only available when Hash-DRBG is enabled, which is the default.

@dgarske dgarske self-requested a review June 29, 2026 19:37

@dgarske dgarske left a comment

Member


Skoll Code Review

Scan type: review
Overall recommendation: COMMENT
Findings: 4 total — 4 posted, 0 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] test_reseed_empty asserts nothing and silently passes on either outcome (tests/test_random.py:61-66)
  • [Low] Non-ASCII em-dash in test comment violates ASCII-only convention (tests/test_random.py:66)
  • [Low] test_reseed only checks output length, not that reseed had any effect (tests/test_random.py:55-58)
  • [Low] Per-method feature gate inside class body differs from repo's module-level gating pattern (wolfcrypt/random.py:81-89)

Review generated by Skoll

@dgarske dgarske assigned mjdemilliano and unassigned dgarske Jun 29, 2026
@dgarske dgarske self-requested a review June 30, 2026 16:05
@dgarske dgarske assigned dgarske and unassigned mjdemilliano Jun 30, 2026

@dgarske dgarske left a comment

Member


Skoll Multi-Scan Review

Modes: review + review-security
Overall recommendation: COMMENT
Findings: 3 total — 3 posted, 0 skipped
3 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] [review] reseed error branch missing # pragma: no cover used by every other error path (wolfcrypt/random.py:88)
  • [Low] [review] Trailing whitespace on blank line inside test_reseed_multiple (tests/test_random.py:79)
  • [Low] [review] Seed bytes use % 255, likely intended % 256 (tests/test_random.py:61,77)

Review generated by Skoll

@dgarske dgarske assigned mjdemilliano and unassigned dgarske Jun 30, 2026
- add pragma no cover
- format using ruff
- fix module factor in test_random

@dgarske dgarske left a comment

Member


Skoll Code Review

Scan type: review
Overall recommendation: COMMENT
Findings: 3 total — 3 posted, 0 skipped
3 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] HASHDRBG feature not detected on Windows non-FIPS build; reseed() silently unavailable (scripts/build_ffi.py:381)
  • [Low] test_reseed_multiple is non-deterministic (tests/test_random.py:72-85)
  • [Low] reseed() accepts bytes only with no input normalization (wolfcrypt/random.py:82-89)

Review generated by Skoll

Comment thread scripts/build_ffi.py
features["ML_DSA"] = 1 if '#define HAVE_DILITHIUM' in defines else 0
features["ML_KEM"] = 1 if '#define WOLFSSL_HAVE_MLKEM' in defines else 0
features["HKDF"] = 1 if "#define HAVE_HKDF" in defines else 0
features["HASHDRBG"] = 1 if "#define HAVE_HASHDRBG" in defines else 0

Member


🟠 [Medium] HASHDRBG feature not detected on Windows non-FIPS build; reseed() silently unavailable

The new detection features["HASHDRBG"] = 1 if "#define HAVE_HASHDRBG" in defines else 0 does a literal, exact-line match against the defines pulled from options.h/user_settings.h. On Linux/macOS the autotools build emits #define HAVE_HASHDRBG into the generated options.h (verified in lib/wolfssl/.../include/wolfssl/options.h), so detection works. On Windows non-FIPS the build copies windows/non_fips/user_settings.h as the sole defines source, and that file does NOT contain #define HAVE_HASHDRBG — Hash-DRBG is left enabled implicitly via wolfSSL's default settings.h (no WC_NO_HASHDRBG). As a result, features["HASHDRBG"] evaluates to 0 on Windows non-FIPS even though wc_RNG_DRBG_Reseed is actually compiled into the library. Consequently HASHDRBG_ENABLED is 0, wc_RNG_DRBG_Reseed is omitted from the cdef, and Random.reseed() is never defined on the default Windows build — the very feature this PR adds ships as unavailable there. Note windows/fips_ready/user_settings.h:17 already defines HAVE_HASHDRBG, and windows/non_fips/user_settings.h:23 already lists HAVE_HKDF for exactly this reason, so the omission looks accidental.

Fix: Add #define HAVE_HASHDRBG to windows/non_fips/user_settings.h (mirroring the existing HAVE_HKDF define and the fips_ready variant) so the new detection fires and reseed() is exposed on the default Windows build. Alternatively, document that reseed is Linux/macOS-only for now.
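The detection rule the finding above describes, as an added example that is not wolfcrypt-py's scripts/build_ffi.py nor code from this PR. It puts the literal-line check next to a check that treats Hash-DRBG as enabled unless WC_NO_HASHDRBG is defined, which is how the review says wolfSSL's defaults behave, and shows the reviewer's other fix (adding the explicit define). The header excerpts are constructed for the example and are not the real options.h or user_settings.h; parse_defines, hashdrbg_naive, hashdrbg_enabled, add_define and detect are names chosen here.

```python
import re

# Matches "#define NAME" or "#define NAME value", tolerating spaces after '#'.
_DEFINE_RE = re.compile(r"^\s*#\s*define\s+([A-Za-z_]\w*)")


def parse_defines(header_text: str) -> set:
    """Return the macro names defined in options.h / user_settings.h text."""
    names = set()
    for line in header_text.splitlines():
        match = _DEFINE_RE.match(line)
        if match:
            names.add(match.group(1))
    return names


def hashdrbg_naive(defines: str) -> int:
    """The literal-line check flagged in the review: only an explicit define counts."""
    return 1 if "#define HAVE_HASHDRBG" in defines else 0


def hashdrbg_enabled(defines: str) -> int:
    """Hash-DRBG is on unless WC_NO_HASHDRBG is defined (wolfSSL's default, per the review)."""
    if "WC_NO_HASHDRBG" in parse_defines(defines):
        return 0
    return 1


def add_define(header_text: str, name: str) -> str:
    """The reviewer's preferred fix: make the define explicit in user_settings.h."""
    if name in parse_defines(header_text):
        return header_text
    return header_text.rstrip("\n") + "\n#define %s\n" % name


# Constructed header excerpts standing in for the build configurations the
# review contrasts; they are not copies of the real wolfSSL files.
LINUX_OPTIONS_H = """\
#define HAVE_HKDF
#define HAVE_HASHDRBG
#define WOLFSSL_SHA512
"""

WINDOWS_NON_FIPS_USER_SETTINGS_H = """\
#define WOLFSSL_USER_SETTINGS
#define HAVE_HKDF
#define WOLFSSL_SHA512
"""

WC_NO_HASHDRBG_SETTINGS_H = """\
#define HAVE_HKDF
#define WC_NO_HASHDRBG
"""


def detect(defines: str) -> dict:
    """Feature map in the style of build_ffi.py, with both detection rules side by side."""
    return {
        "HKDF": 1 if "HAVE_HKDF" in parse_defines(defines) else 0,
        "HASHDRBG_naive": hashdrbg_naive(defines),
        "HASHDRBG": hashdrbg_enabled(defines),
    }


if __name__ == "__main__":
    for label, text in (("linux options.h", LINUX_OPTIONS_H),
                        ("windows non-FIPS user_settings.h", WINDOWS_NON_FIPS_USER_SETTINGS_H),
                        ("WC_NO_HASHDRBG build", WC_NO_HASHDRBG_SETTINGS_H)):
        print(label, detect(text))
    fixed = add_define(WINDOWS_NON_FIPS_USER_SETTINGS_H, "HAVE_HASHDRBG")
    print("windows non-FIPS after adding the define", detect(fixed))
```

On the constructed Windows excerpt the naive rule reports 0 while the default-aware rule reports 1; adding the explicit define makes both agree, which is why the reviewer's one-line user_settings.h change is the smaller fix for the real repository.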

Comment thread tests/test_random.py


@pytest.mark.skipif(not _lib.HASHDRBG_ENABLED, reason="Reseeding only available with hash-DRBG")
def test_reseed_multiple(rng):

Member


🔵 [Low] test_reseed_multiple is non-deterministic

The test derives both the per-iteration seed size and the final byte count from live RNG output (seed_size = ord(rng.byte()), num_bytes = ord(rng.byte())). This makes the test path non-deterministic: a failure would not reproduce with a fixed input, and coverage varies run to run. Values are bounded to 0-255 so there is no resource risk, but reproducibility suffers. The success-path coverage itself is otherwise good (test_reseed_sizes already exercises 0/1/32/1000).

Fix: Use fixed, explicit seed sizes and byte counts so the test is deterministic and reproducible; keep the loop to prove consecutive reseeds work.
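An added example, not wolfcrypt-py's tests/test_random.py and not code from this PR, covering two of the test findings: the non-deterministic sizes flagged above and the "% 255" seed construction flagged in the second review. It assumes Random.reseed(bytes) as added by this PR and Random.bytes(n) from the existing binding; make_seed and check_reseed are names chosen here, and _StandInRng is a constructed stand-in (not a DRBG, not secure) so the checks can run where wolfSSL is not installed.

```python
import hashlib

try:
    from wolfcrypt.random import Random        # real binding, if installed
    from wolfcrypt._ffi import lib as _lib      # exposes HASHDRBG_ENABLED
    HAVE_RESEED = bool(getattr(_lib, "HASHDRBG_ENABLED", 0))
except ImportError:                             # library not installed
    Random = None
    HAVE_RESEED = False

# Fixed sizes instead of ord(rng.byte()): empty, one byte, a typical 32-byte
# seed and a long one. A failing run now reproduces with the same inputs.
SEED_SIZES = (0, 1, 32, 1000)
NUM_BYTES = 64


def make_seed(size: int, offset: int = 0) -> bytes:
    """Deterministic seed material: a byte ramp that covers every value 0..255."""
    return bytes((offset + i) % 256 for i in range(size))  # % 256, not % 255


def check_reseed(rng, seed_sizes=SEED_SIZES, num_bytes=NUM_BYTES) -> list:
    """Reseed rng with each fixed seed size and check the output after every reseed.

    rng must provide reseed(bytes) and bytes(n), like wolfcrypt.random.Random
    with this PR applied. Returns the outputs so a caller can inspect them.
    """
    outputs = []
    for n, size in enumerate(seed_sizes):
        rng.reseed(make_seed(size, offset=n))
        out = rng.bytes(num_bytes)
        # Length is the only property the original test asserted ...
        assert len(out) == num_bytes
        # ... but a generator wedged or zeroed by the reseed would still pass
        # that, so also reject a constant string and a repeat of an earlier draw.
        assert len(set(out)) > 1, "output is a constant byte string"
        assert out not in outputs, "identical output after a fresh reseed"
        outputs.append(out)
    return outputs


class _StandInRng:
    """Constructed stand-in with the same two methods; SHA-256 over a counter, NOT a DRBG."""

    def __init__(self):
        self._state = b""
        self._counter = 0

    def reseed(self, seed):
        # Clear error instead of an opaque CFFI TypeError (cf. the t2b() finding).
        if not isinstance(seed, (bytes, bytearray)):
            raise TypeError("seed must be bytes, got %s" % type(seed).__name__)
        self._state = hashlib.sha256(self._state + bytes(seed)).digest()

    def bytes(self, n):
        out = b""
        while len(out) < n:
            self._counter += 1
            out += hashlib.sha256(self._state + self._counter.to_bytes(8, "big")).digest()
        return out[:n]


def run_against_wolfcrypt():
    """Run the checks on the real binding; None when reseed() is not available."""
    if Random is None or not HAVE_RESEED:
        return None
    return check_reseed(Random())


if __name__ == "__main__":
    outs = check_reseed(_StandInRng())
    print("stand-in: %d draws of %d bytes, all distinct" % (len(outs), NUM_BYTES))
    real = run_against_wolfcrypt()
    print("wolfcrypt:", "reseed() unavailable" if real is None else "%d draws OK" % len(real))
```

The stand-in exists only so the harness logic is exercised; the assertions that matter for the PR are the ones check_reseed makes against a real Random object, where the seed sizes and byte counts are now constants rather than values read from the generator under test.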

Comment thread wolfcrypt/random.py
return _ffi.buffer(result, length)[:]

if _lib.HASHDRBG_ENABLED:
def reseed(self, seed: __builtins__.bytes) -> None:

Member


🔵 [Low] reseed() accepts bytes only with no input normalization

reseed passes seed straight to the CFFI call. If a caller passes a str instead of bytes, CFFI raises an opaque type error rather than a clear message. Other modules (e.g. hkdf.py) normalize inputs via t2b(). This is consistent with Random.__init__ (which also takes nonce as raw bytes without t2b), so within random.py the convention is followed; flagging only for awareness since the type hint (__builtins__.bytes) is not enforced at runtime.

Fix: Optional: either leave as-is to match Random.__init__'s bytes-only convention, or run seed through t2b() for consistency with the rest of the bindings and friendlier errors on str input.

@dgarske dgarske left a comment


3 participants