From bfe68e4d7340d550a5a48e05e72a5576090724b3 Mon Sep 17 00:00:00 2001 From: Andreas Hatziiliou Date: Wed, 12 Nov 2025 10:07:25 -0500 Subject: [PATCH 1/2] API: add failure mode support for randombytes() Change randombytes() to return int (0 on success, non-zero on failure) instead of void, allowing callers to detect and handle RNG failures. Updated function signature, all call sites to check return values and test files to use CHECK macro. Signed-off-by: Andreas Hatziiliou --- examples/basic/test_only_rng/notrandombytes.c | 3 +- examples/basic/test_only_rng/notrandombytes.h | 2 +- .../test_only_rng/notrandombytes.c | 3 +- .../test_only_rng/notrandombytes.h | 2 +- .../test_only_rng/notrandombytes.c | 3 +- .../test_only_rng/notrandombytes.h | 2 +- integration/liboqs/config_aarch64.h | 3 +- integration/liboqs/config_c.h | 3 +- integration/liboqs/config_x86_64.h | 3 +- mldsa/src/randombytes.h | 6 +- mldsa/src/sign.c | 17 +++++- test/bench_components_mldsa.c | 55 ++++++++++++------- test/bench_mldsa.c | 8 +-- test/configs.yml | 8 +-- test/notrandombytes/notrandombytes.c | 3 +- test/notrandombytes/notrandombytes.h | 2 +- test/test_mldsa.c | 30 +++++----- 17 files changed, 92 insertions(+), 61 deletions(-) diff --git a/examples/basic/test_only_rng/notrandombytes.c b/examples/basic/test_only_rng/notrandombytes.c index c069a6a26..63d74baab 100644 --- a/examples/basic/test_only_rng/notrandombytes.c +++ b/examples/basic/test_only_rng/notrandombytes.c @@ -87,7 +87,7 @@ static void surf(void) } } -void randombytes(uint8_t *buf, size_t n) +int randombytes(uint8_t *buf, size_t n) { while (n > 0) { @@ -110,4 +110,5 @@ void randombytes(uint8_t *buf, size_t n) ++buf; --n; } + return 0; } diff --git a/examples/basic/test_only_rng/notrandombytes.h b/examples/basic/test_only_rng/notrandombytes.h index b2a464372..6cd07572f 100644 --- a/examples/basic/test_only_rng/notrandombytes.h +++ b/examples/basic/test_only_rng/notrandombytes.h 
@@ -30,6 +30,6 @@ */ void randombytes_reset(void); -void randombytes(uint8_t *buf, size_t n); +int randombytes(uint8_t *buf, size_t n); #endif /* !NOTRANDOMBYTES_H */ diff --git a/examples/bring_your_own_fips202/test_only_rng/notrandombytes.c b/examples/bring_your_own_fips202/test_only_rng/notrandombytes.c index c069a6a26..63d74baab 100644 --- a/examples/bring_your_own_fips202/test_only_rng/notrandombytes.c +++ b/examples/bring_your_own_fips202/test_only_rng/notrandombytes.c @@ -87,7 +87,7 @@ static void surf(void) } } -void randombytes(uint8_t *buf, size_t n) +int randombytes(uint8_t *buf, size_t n) { while (n > 0) { @@ -110,4 +110,5 @@ void randombytes(uint8_t *buf, size_t n) ++buf; --n; } + return 0; } diff --git a/examples/bring_your_own_fips202/test_only_rng/notrandombytes.h b/examples/bring_your_own_fips202/test_only_rng/notrandombytes.h index b2a464372..6cd07572f 100644 --- a/examples/bring_your_own_fips202/test_only_rng/notrandombytes.h +++ b/examples/bring_your_own_fips202/test_only_rng/notrandombytes.h @@ -30,6 +30,6 @@ */ void randombytes_reset(void); -void randombytes(uint8_t *buf, size_t n); +int randombytes(uint8_t *buf, size_t n); #endif /* !NOTRANDOMBYTES_H */ diff --git a/examples/bring_your_own_fips202_static/test_only_rng/notrandombytes.c b/examples/bring_your_own_fips202_static/test_only_rng/notrandombytes.c index c069a6a26..63d74baab 100644 --- a/examples/bring_your_own_fips202_static/test_only_rng/notrandombytes.c +++ b/examples/bring_your_own_fips202_static/test_only_rng/notrandombytes.c @@ -87,7 +87,7 @@ static void surf(void) } } -void randombytes(uint8_t *buf, size_t n) +int randombytes(uint8_t *buf, size_t n) { while (n > 0) { @@ -110,4 +110,5 @@ void randombytes(uint8_t *buf, size_t n) ++buf; --n; } + return 0; } diff --git a/examples/bring_your_own_fips202_static/test_only_rng/notrandombytes.h b/examples/bring_your_own_fips202_static/test_only_rng/notrandombytes.h index b2a464372..6cd07572f 100644 
--- a/examples/bring_your_own_fips202_static/test_only_rng/notrandombytes.h
+++ b/examples/bring_your_own_fips202_static/test_only_rng/notrandombytes.h
@@ -30,6 +30,6 @@
 */
 void randombytes_reset(void);
-void randombytes(uint8_t *buf, size_t n);
+int randombytes(uint8_t *buf, size_t n);
 #endif /* !NOTRANDOMBYTES_H */
diff --git a/integration/liboqs/config_aarch64.h b/integration/liboqs/config_aarch64.h
index 4092bd0ab..37c980e74 100644
--- a/integration/liboqs/config_aarch64.h
+++ b/integration/liboqs/config_aarch64.h
@@ -174,9 +174,10 @@
 #include
 #include
 #include "../../mldsa/src/sys.h"
-static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
 OQS_randombytes(ptr, len);
+ return 0;
 }
 #endif /* !__ASSEMBLER__ */
diff --git a/integration/liboqs/config_c.h b/integration/liboqs/config_c.h
index e68375c0a..8cd7c598b 100644
--- a/integration/liboqs/config_c.h
+++ b/integration/liboqs/config_c.h
@@ -178,9 +178,10 @@
 #include
 #include
 #include "../../mldsa/src/sys.h"
-static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
 OQS_randombytes(ptr, len);
+ return 0;
 }
 #endif /* !__ASSEMBLER__ */
diff --git a/integration/liboqs/config_x86_64.h b/integration/liboqs/config_x86_64.h
index 40b3f2f5f..a5d959de0 100644
--- a/integration/liboqs/config_x86_64.h
+++ b/integration/liboqs/config_x86_64.h
@@ -176,9 +176,10 @@
 #include
 #include
 #include "../../mldsa/src/sys.h"
-static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
 OQS_randombytes(ptr, len);
+ return 0;
 }
 #endif /* !__ASSEMBLER__ */
diff --git a/mldsa/src/randombytes.h b/mldsa/src/randombytes.h
index 801bcbaa9..889c15bff 100644
--- a/mldsa/src/randombytes.h
+++ b/mldsa/src/randombytes.h
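Review bot: The new `return 0;` in the three liboqs wrappers (config_aarch64.h, config_c.h and config_x86_64.h on this line) means the failure mode this patch introduces can never be reported through the liboqs integration, because OQS_randombytes is, as far as I know, a void function with no status to forward. That is acceptable if deliberate, but it should be stated at the call so nobody later assumes the `-1` path in sign.c is reachable from liboqs: `/* OQS_randombytes() cannot report failure, so this wrapper always succeeds. */`. If liboqs ever gains a status-returning RNG entry point, these three wrappers are the place to forward it.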
@@ -13,12 +13,12 @@
 #if !defined(MLD_CONFIG_NO_RANDOMIZED_API)
 #if !defined(MLD_CONFIG_CUSTOM_RANDOMBYTES)
-void randombytes(uint8_t *out, size_t outlen);
-static MLD_INLINE void mld_randombytes(uint8_t *out, size_t outlen)
+int randombytes(uint8_t *out, size_t outlen);
+static MLD_INLINE int mld_randombytes(uint8_t *out, size_t outlen)
 __contract__(
 requires(memory_no_alias(out, outlen))
 assigns(memory_slice(out, outlen))
-) { randombytes(out, outlen); }
+) { return randombytes(out, outlen); }
 #endif /* !MLD_CONFIG_CUSTOM_RANDOMBYTES */
 #endif /* !MLD_CONFIG_NO_RANDOMIZED_API */
 #endif /* !MLD_RANDOMBYTES_H */
diff --git a/mldsa/src/sign.c b/mldsa/src/sign.c
index d3d4d2bb3..dd778dca5 100644
--- a/mldsa/src/sign.c
+++ b/mldsa/src/sign.c
@@ -320,7 +320,10 @@ int crypto_sign_keypair(uint8_t pk[CRYPTO_PUBLICKEYBYTES],
 {
 MLD_ALIGN uint8_t seed[MLDSA_SEEDBYTES];
 int result;
- mld_randombytes(seed, MLDSA_SEEDBYTES);
+ if (mld_randombytes(seed, MLDSA_SEEDBYTES) != 0)
+ {
+ return -1;
+ }
 MLD_CT_TESTING_SECRET(seed, sizeof(seed));
 result = crypto_sign_keypair_internal(pk, sk, seed);
@@ -707,7 +710,11 @@ int crypto_sign_signature(uint8_t sig[CRYPTO_BYTES], size_t *siglen,
 /* Randomized variant of ML-DSA. If you need the deterministic variant,
 * call crypto_sign_signature_internal directly with all-zero rnd. */
- mld_randombytes(rnd, MLDSA_RNDBYTES);
+ if (mld_randombytes(rnd, MLDSA_RNDBYTES) != 0)
+ {
+ *siglen = 0;
+ return -1;
+ }
 MLD_CT_TESTING_SECRET(rnd, sizeof(rnd));
 result = crypto_sign_signature_internal(sig, siglen, m, mlen, pre, pre_len,
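Review bot: The new declaration `int randombytes(uint8_t *out, size_t outlen);` in randombytes.h carries no comment describing the return contract, so an integrator reading this header rather than config.h has to guess what non-zero means and whether `out` may be partially written on failure. Suggest adding above it: `/* Fill out[0..outlen) with random bytes. Returns 0 on success and non-zero on failure; say here whether out is left unspecified on failure. */`. The `__contract__` on mld_randombytes now wraps an int-returning call but gains no `ensures` clause about the return value; whether the CBMC harnesses for the sign.c callers need one I cannot tell from this diff.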
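Review bot: On the new early-return path in crypto_sign_keypair, `seed` is abandoned without being cleared, and the same holds for `rnd` in the crypto_sign_signature hunk below and the crypto_sign_signature_extmu hunk on the next line; a randombytes implementation that fails part-way may already have written some bytes, and the success path presumably clears these buffers before returning. The project's zeroize helper should be called on the buffer before each `return -1;`. Separately, the diffstat lists no public API header, so the docs for crypto_sign_keypair and crypto_sign_signature do not state that `-1` can now mean RNG failure and that `*siglen` is set to 0 in that case; that sentence belongs in those docstrings. The bodies of all three functions continue outside the hunks.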
@@ -734,7 +741,11 @@ int crypto_sign_signature_extmu(uint8_t sig[CRYPTO_BYTES], size_t *siglen,
 /* Randomized variant of ML-DSA. If you need the deterministic variant,
 * call crypto_sign_signature_internal directly with all-zero rnd. */
- mld_randombytes(rnd, MLDSA_RNDBYTES);
+ if (mld_randombytes(rnd, MLDSA_RNDBYTES) != 0)
+ {
+ *siglen = 0;
+ return -1;
+ }
 MLD_CT_TESTING_SECRET(rnd, sizeof(rnd));
 result = crypto_sign_signature_internal(sig, siglen, mu, MLDSA_CRHBYTES, NULL,
diff --git a/test/bench_components_mldsa.c b/test/bench_components_mldsa.c
index ff219e6ef..70d11cb50 100644
--- a/test/bench_components_mldsa.c
+++ b/test/bench_components_mldsa.c
@@ -18,32 +18,45 @@
 #define NITERATIONS 300
 #define NTESTS 20
+#define CHECK(x) \
+ do \
+ { \
+ int rc; \
+ rc = (x); \
+ if (!rc) \
+ { \
+ fprintf(stderr, "ERROR (%s,%d)\n", __FILE__, __LINE__); \
+ return 1; \
+ } \
+ } while (0)
+
 static int cmp_uint64_t(const void *a, const void *b)
 {
 return (int)((*((const uint64_t *)a)) - (*((const uint64_t *)b)));
 }
-#define BENCH(txt, code) \
- for (i = 0; i < NTESTS; i++) \
- { \
- mld_randombytes((uint8_t *)data0, sizeof(data0)); \
- mld_randombytes((uint8_t *)&polyvecl_a, sizeof(polyvecl_a)); \
- mld_randombytes((uint8_t *)&polyvecl_b, sizeof(polyvecl_b)); \
- mld_randombytes((uint8_t *)polyvecl_mat, sizeof(polyvecl_mat)); \
- for (j = 0; j < NWARMUP; j++) \
- { \
- code; \
- } \
- \
- t0 = get_cyclecounter(); \
- for (j = 0; j < NITERATIONS; j++) \
- { \
- code; \
- } \
- t1 = get_cyclecounter(); \
- (cyc)[i] = t1 - t0; \
- } \
- qsort((cyc), NTESTS, sizeof(uint64_t), cmp_uint64_t); \
+#define BENCH(txt, code) \
+ for (i = 0; i < NTESTS; i++) \
+ { \
+ CHECK(mld_randombytes((uint8_t *)data0, sizeof(data0)) == 0); \
+ CHECK(mld_randombytes((uint8_t *)&polyvecl_a, sizeof(polyvecl_a)) == 0); \
+ CHECK(mld_randombytes((uint8_t *)&polyvecl_b, sizeof(polyvecl_b)) == 0); \
+ CHECK(mld_randombytes((uint8_t *)polyvecl_mat, sizeof(polyvecl_mat)) == \
+ 0); \
+ for (j = 0; j < NWARMUP; j++) \
+ { \
+ code; \
+ } \
+ \
+ t0 = get_cyclecounter(); \
+ for (j = 0; j < NITERATIONS; j++) \
+ { \
+ code; \
+ } \
+ t1 = get_cyclecounter(); \
+ (cyc)[i] = t1 - t0; \
+ } \
+ qsort((cyc), NTESTS, sizeof(uint64_t), cmp_uint64_t); \
 printf(txt " cycles=%" PRIu64 "\n", (cyc)[NTESTS >> 1] / NITERATIONS);
 static int bench(void)
diff --git a/test/bench_mldsa.c b/test/bench_mldsa.c
index e97e343ba..31cdb16c6 100644
--- a/test/bench_mldsa.c
+++ b/test/bench_mldsa.c
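Review bot: In the new CHECK macro, `int rc; rc = (x);` should be a single initialised declaration, `int rc = (x);`; beyond style, the split form is also where the macro's hidden local bites, because `CHECK(rc == 0)` written by a caller with its own `rc` expands to a read of the uninitialised inner `rc`, so a less collision-prone name such as `mld_chk_rc_` would be safer. The same CHECK (stderr message, `return 1`) evidently already exists in bench_mldsa.c and test_mldsa.c, since both use it unchanged on the following lines, so the three copies are better hoisted into one shared test header than duplicated a third time here.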
@@ -91,8 +91,8 @@ static int bench(void) for (i = 0; i < NTESTS; i++) { int ret = 0; - mld_randombytes(kg_rand, sizeof(kg_rand)); - mld_randombytes(sig_rand, sizeof(sig_rand)); + CHECK(mld_randombytes(kg_rand, sizeof(kg_rand)) == 0); + CHECK(mld_randombytes(sig_rand, sizeof(sig_rand)) == 0); /* Key-pair generation */ @@ -111,8 +111,8 @@ static int bench(void) /* Signing */ - mld_randombytes(ctx, CTXLEN); - mld_randombytes(m, MLEN); + CHECK(mld_randombytes(ctx, CTXLEN) == 0); + CHECK(mld_randombytes(m, MLEN) == 0); pre[0] = 0; pre[1] = CTXLEN; diff --git a/test/configs.yml b/test/configs.yml index 45b5660e9..51ffe1a79 100644 --- a/test/configs.yml +++ b/test/configs.yml @@ -38,9 +38,9 @@ configs: #include #include "../mldsa/src/sys.h" #include "notrandombytes/notrandombytes.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { - randombytes(ptr, len); + return randombytes(ptr, len); } #endif /* !__ASSEMBLER__ */ @@ -373,9 +373,9 @@ configs: #include #include "sys.h" #include "test_only_rng/notrandombytes.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { - randombytes(ptr, len); + return randombytes(ptr, len); } #endif /* !__ASSEMBLER__ */ diff --git a/test/notrandombytes/notrandombytes.c b/test/notrandombytes/notrandombytes.c index e8bfc8037..ef5a423a9 100644 --- a/test/notrandombytes/notrandombytes.c +++ b/test/notrandombytes/notrandombytes.c @@ -90,7 +90,7 @@ static void surf(void) } } -void randombytes(uint8_t *buf, size_t n) +int randombytes(uint8_t *buf, size_t n) { #ifdef ENABLE_CT_TESTING uint8_t *buf_orig = buf; @@ -126,4 +126,5 @@ void randombytes(uint8_t *buf, size_t n) */ VALGRIND_MAKE_MEM_UNDEFINED(buf_orig, n_orig); #endif /* ENABLE_CT_TESTING */ + return 0; } diff --git a/test/notrandombytes/notrandombytes.h b/test/notrandombytes/notrandombytes.h index e330b36c5..bdf978792 100644 
--- a/test/notrandombytes/notrandombytes.h +++ b/test/notrandombytes/notrandombytes.h @@ -29,6 +29,6 @@ */ void randombytes_reset(void); -void randombytes(uint8_t *buf, size_t n); +int randombytes(uint8_t *buf, size_t n); #endif /* !NOTRANDOMBYTES_H */ diff --git a/test/test_mldsa.c b/test/test_mldsa.c index 25ccdba3c..7848f275a 100644 --- a/test/test_mldsa.c +++ b/test/test_mldsa.c @@ -40,9 +40,9 @@ static int test_sign_core(uint8_t pk[CRYPTO_PUBLICKEYBYTES], CHECK(crypto_sign_keypair(pk, sk) == 0); - randombytes(ctx, CTXLEN); + CHECK(randombytes(ctx, CTXLEN) == 0); MLD_CT_TESTING_SECRET(ctx, CTXLEN); - randombytes(m, MLEN); + CHECK(randombytes(m, MLEN) == 0); MLD_CT_TESTING_SECRET(m, MLEN); CHECK(crypto_sign(sm, &smlen, m, MLEN, ctx, CTXLEN, sk) == 0); @@ -114,7 +114,7 @@ static int test_sign_extmu(void) size_t siglen; CHECK(crypto_sign_keypair(pk, sk) == 0); - randombytes(mu, MLDSA_CRHBYTES); + CHECK(randombytes(mu, MLDSA_CRHBYTES) == 0); MLD_CT_TESTING_SECRET(mu, sizeof(mu)); CHECK(crypto_sign_signature_extmu(sig, &siglen, mu, sk) == 0); @@ -136,11 +136,11 @@ static int test_sign_pre_hash(void) CHECK(crypto_sign_keypair(pk, sk) == 0); - randombytes(ctx, CTXLEN); + CHECK(randombytes(ctx, CTXLEN) == 0); MLD_CT_TESTING_SECRET(ctx, sizeof(ctx)); - randombytes(m, MLEN); + CHECK(randombytes(m, MLEN) == 0); MLD_CT_TESTING_SECRET(m, sizeof(m)); - randombytes(rnd, MLDSA_RNDBYTES); + CHECK(randombytes(rnd, MLDSA_RNDBYTES) == 0); MLD_CT_TESTING_SECRET(rnd, sizeof(rnd)); CHECK(crypto_sign_signature_pre_hash_shake256(sig, &siglen, m, MLEN, ctx, 
@@ -225,15 +225,15 @@ static int test_wrong_pk(void) size_t i; CHECK(crypto_sign_keypair(pk, sk) == 0); - randombytes(ctx, CTXLEN); + CHECK(randombytes(ctx, CTXLEN) == 0); MLD_CT_TESTING_SECRET(ctx, sizeof(ctx)); - randombytes(m, MLEN); + CHECK(randombytes(m, MLEN) == 0); MLD_CT_TESTING_SECRET(m, sizeof(m)); CHECK(crypto_sign(sm, &smlen, m, MLEN, ctx, CTXLEN, sk) == 0); /* flip bit in public key */ - randombytes((uint8_t *)&idx, sizeof(size_t)); + CHECK(randombytes((uint8_t *)&idx, sizeof(size_t)) == 0); idx %= CRYPTO_PUBLICKEYBYTES; pk[idx] ^= 1; @@ -276,15 +276,15 @@ static int test_wrong_sig(void) size_t i; CHECK(crypto_sign_keypair(pk, sk) == 0); - randombytes(ctx, CTXLEN); + CHECK(randombytes(ctx, CTXLEN) == 0); MLD_CT_TESTING_SECRET(ctx, sizeof(ctx)); - randombytes(m, MLEN); + CHECK(randombytes(m, MLEN) == 0); MLD_CT_TESTING_SECRET(m, sizeof(m)); CHECK(crypto_sign(sm, &smlen, m, MLEN, ctx, CTXLEN, sk) == 0); /* flip bit in signed message */ - randombytes((uint8_t *)&idx, sizeof(size_t)); + CHECK(randombytes((uint8_t *)&idx, sizeof(size_t)) == 0); idx %= MLEN + CRYPTO_BYTES; sm[idx] ^= 1; @@ -328,15 +328,15 @@ static int test_wrong_ctx(void) size_t i; CHECK(crypto_sign_keypair(pk, sk) == 0); - randombytes(ctx, CTXLEN); + CHECK(randombytes(ctx, CTXLEN) == 0); MLD_CT_TESTING_SECRET(ctx, sizeof(ctx)); - randombytes(m, MLEN); + CHECK(randombytes(m, MLEN) == 0); MLD_CT_TESTING_SECRET(m, sizeof(m)); CHECK(crypto_sign(sm, &smlen, m, MLEN, ctx, CTXLEN, sk) == 0); /* flip bit in ctx */ - randombytes((uint8_t *)&idx, sizeof(size_t)); + CHECK(randombytes((uint8_t *)&idx, sizeof(size_t)) == 0); idx %= CTXLEN; ctx[idx] ^= 1; From 328cb7a62fcbd94a63ace2230e4395898ebfe7a4 Mon Sep 17 00:00:00 2001 From: Andreas Hatziiliou Date: Wed, 12 Nov 2025 11:08:30 -0500 Subject: [PATCH 2/2] autogen: run to update randombytes() declaration Run the autogen script to reflect the changes made to the randombytes() API. 
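Review bot: Every randombytes call in test_mldsa.c is now wrapped in CHECK, but none of the tests exercise the path the patch introduces: no configuration makes randombytes return non-zero, so `crypto_sign_keypair` returning -1 and `crypto_sign_signature` setting `*siglen = 0` on RNG failure remain unverified. The repository already has a break_pct_config.h for forcing a failure, and a failing-RNG test config could follow the same pattern with a custom mld_randombytes that returns 1. The test would then assert the negative outcome in the existing style, `CHECK(crypto_sign_keypair(pk, sk) != 0);` and `CHECK(crypto_sign_signature_extmu(sig, &siglen, mu, sk) != 0); CHECK(siglen == 0);`.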
Signed-off-by: Andreas Hatziiliou --- .../mldsa_native/custom_no_randomized_config.h | 6 ++++-- examples/monolithic_build/config_44.h | 6 ++++-- examples/monolithic_build/config_65.h | 6 ++++-- examples/monolithic_build/config_87.h | 6 ++++-- examples/monolithic_build_multilevel/multilevel_config.h | 6 ++++-- .../monolithic_build_multilevel_native/multilevel_config.h | 7 ++++--- examples/monolithic_build_native/config_44.h | 6 ++++-- examples/monolithic_build_native/config_65.h | 6 ++++-- examples/monolithic_build_native/config_87.h | 6 ++++-- integration/liboqs/config_aarch64.h | 2 +- integration/liboqs/config_c.h | 2 +- integration/liboqs/config_x86_64.h | 2 +- mldsa/src/config.h | 6 ++++-- test/break_pct_config.h | 6 ++++-- test/custom_memcpy_config.h | 6 ++++-- test/custom_memset_config.h | 6 ++++-- test/custom_native_capability_config_0.h | 6 ++++-- test/custom_native_capability_config_1.h | 6 ++++-- test/custom_native_capability_config_CPUID_AVX2.h | 6 ++++-- test/custom_native_capability_config_ID_AA64PFR1_EL1.h | 6 ++++-- test/custom_randombytes_config.h | 7 ++++--- test/custom_stdlib_config.h | 6 ++++-- test/custom_zeroize_config.h | 6 ++++-- test/no_asm_config.h | 6 ++++-- test/serial_fips202_config.h | 6 ++++-- 25 files changed, 91 insertions(+), 49 deletions(-) diff --git a/examples/basic_deterministic/mldsa_native/custom_no_randomized_config.h b/examples/basic_deterministic/mldsa_native/custom_no_randomized_config.h index 1622a4526..3ef45b194 100644 --- a/examples/basic_deterministic/mldsa_native/custom_no_randomized_config.h +++ b/examples/basic_deterministic/mldsa_native/custom_no_randomized_config.h 
@@ -343,7 +343,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -354,9 +355,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/examples/monolithic_build/config_44.h b/examples/monolithic_build/config_44.h index f07b330a6..2af3f043e 100644 --- a/examples/monolithic_build/config_44.h +++ b/examples/monolithic_build/config_44.h @@ -341,7 +341,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -352,9 +353,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/examples/monolithic_build/config_65.h b/examples/monolithic_build/config_65.h index e22a74509..f0a0a608a 100644 --- a/examples/monolithic_build/config_65.h +++ b/examples/monolithic_build/config_65.h 
@@ -341,7 +341,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -352,9 +353,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/examples/monolithic_build/config_87.h b/examples/monolithic_build/config_87.h index 2fa64c3c5..638ab435a 100644 --- a/examples/monolithic_build/config_87.h +++ b/examples/monolithic_build/config_87.h @@ -341,7 +341,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -352,9 +353,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/examples/monolithic_build_multilevel/multilevel_config.h b/examples/monolithic_build_multilevel/multilevel_config.h index 3d1f94fea..d67d2755c 100644 --- a/examples/monolithic_build_multilevel/multilevel_config.h +++ b/examples/monolithic_build_multilevel/multilevel_config.h 
@@ -342,7 +342,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -353,9 +354,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/examples/monolithic_build_multilevel_native/multilevel_config.h b/examples/monolithic_build_multilevel_native/multilevel_config.h index 037f026d8..6af036630 100644 --- a/examples/monolithic_build_multilevel_native/multilevel_config.h +++ b/examples/monolithic_build_multilevel_native/multilevel_config.h @@ -342,7 +342,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -360,9 +361,9 @@ #include #include "sys.h" #include "test_only_rng/notrandombytes.h" -static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) +static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { - randombytes(ptr, len); + return randombytes(ptr, len); } #endif /* !__ASSEMBLER__ */ diff --git a/examples/monolithic_build_native/config_44.h b/examples/monolithic_build_native/config_44.h index a5f933a56..7c51b9d60 100644 --- a/examples/monolithic_build_native/config_44.h +++ b/examples/monolithic_build_native/config_44.h 
@@ -339,7 +339,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -350,9 +351,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/examples/monolithic_build_native/config_65.h b/examples/monolithic_build_native/config_65.h index af93757a2..f8a416bdb 100644 --- a/examples/monolithic_build_native/config_65.h +++ b/examples/monolithic_build_native/config_65.h @@ -339,7 +339,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -350,9 +351,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/examples/monolithic_build_native/config_87.h b/examples/monolithic_build_native/config_87.h index b588c5899..268e25d43 100644 --- a/examples/monolithic_build_native/config_87.h +++ b/examples/monolithic_build_native/config_87.h 
@@ -339,7 +339,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -350,9 +351,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/integration/liboqs/config_aarch64.h b/integration/liboqs/config_aarch64.h index 37c980e74..101846da9 100644 --- a/integration/liboqs/config_aarch64.h +++ b/integration/liboqs/config_aarch64.h @@ -162,7 +162,7 @@ * consumer. * * If this option is not set, mlkem-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). * * Set this option and define `mlk_randombytes` if you want to * use a custom method to sample randombytes with a different name diff --git a/integration/liboqs/config_c.h b/integration/liboqs/config_c.h index 8cd7c598b..eff850f4a 100644 --- a/integration/liboqs/config_c.h +++ b/integration/liboqs/config_c.h @@ -166,7 +166,7 @@ * consumer. * * If this option is not set, mlkem-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). * * Set this option and define `mlk_randombytes` if you want to * use a custom method to sample randombytes with a different name diff --git a/integration/liboqs/config_x86_64.h b/integration/liboqs/config_x86_64.h index a5d959de0..14737d449 100644 --- a/integration/liboqs/config_x86_64.h +++ b/integration/liboqs/config_x86_64.h 
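Review bot: The new comment line in integration/liboqs/config_aarch64.h (and the identical hunks for config_c.h on this line and config_x86_64.h on the next) updates the signature to `int randombytes(uint8_t *out, size_t outlen).` but omits the sentence every other regenerated header received, ` * This function should return 0 on success, non-zero on failure.`; if these three are produced by the same autogen template the generator appears to skip that line for them, otherwise it should be added by hand so the liboqs headers state the same contract. The surrounding context lines still read "mlkem-native" and "`mlk_randombytes`" inside an mldsa-native header, which looks like a pre-existing copy-paste leftover worth correcting in the same pass.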
@@ -164,7 +164,7 @@ * consumer. * * If this option is not set, mlkem-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). * * Set this option and define `mlk_randombytes` if you want to * use a custom method to sample randombytes with a different name diff --git a/mldsa/src/config.h b/mldsa/src/config.h index 9e48023db..382abf035 100644 --- a/mldsa/src/config.h +++ b/mldsa/src/config.h @@ -327,7 +327,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -338,9 +339,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/test/break_pct_config.h b/test/break_pct_config.h index 9b60a055f..7ff297645 100644 --- a/test/break_pct_config.h +++ b/test/break_pct_config.h @@ -343,7 +343,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name 
@@ -354,9 +355,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/test/custom_memcpy_config.h b/test/custom_memcpy_config.h index 54f11a515..8fd4cc33b 100644 --- a/test/custom_memcpy_config.h +++ b/test/custom_memcpy_config.h @@ -350,7 +350,8 @@ static MLD_INLINE void *mld_memcpy(void *dest, const void *src, size_t n) * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -361,9 +362,10 @@ static MLD_INLINE void *mld_memcpy(void *dest, const void *src, size_t n) #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/test/custom_memset_config.h b/test/custom_memset_config.h index 2b0de7ea4..84d7c0cdd 100644 --- a/test/custom_memset_config.h +++ b/test/custom_memset_config.h @@ -349,7 +349,8 @@ static MLD_INLINE void *mld_memset(void *s, int c, size_t n) * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name 
@@ -360,9 +361,10 @@ static MLD_INLINE void *mld_memset(void *s, int c, size_t n) #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/test/custom_native_capability_config_0.h b/test/custom_native_capability_config_0.h index 90179dce5..706009d79 100644 --- a/test/custom_native_capability_config_0.h +++ b/test/custom_native_capability_config_0.h @@ -343,7 +343,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -354,9 +355,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/test/custom_native_capability_config_1.h b/test/custom_native_capability_config_1.h index 233d64f3c..f642e2ad9 100644 --- a/test/custom_native_capability_config_1.h +++ b/test/custom_native_capability_config_1.h @@ -343,7 +343,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name 
@@ -354,9 +355,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/test/custom_native_capability_config_CPUID_AVX2.h b/test/custom_native_capability_config_CPUID_AVX2.h index 41cd8a823..6139a2e1a 100644 --- a/test/custom_native_capability_config_CPUID_AVX2.h +++ b/test/custom_native_capability_config_CPUID_AVX2.h @@ -343,7 +343,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name @@ -354,9 +355,10 @@ #if !defined(__ASSEMBLER__) #include #include "sys.h" - static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len) + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) { ... your implementation ... + return 0; // 0 on success, non-zero on failure } #endif */ diff --git a/test/custom_native_capability_config_ID_AA64PFR1_EL1.h b/test/custom_native_capability_config_ID_AA64PFR1_EL1.h index a1393e090..190f2bf1b 100644 --- a/test/custom_native_capability_config_ID_AA64PFR1_EL1.h +++ b/test/custom_native_capability_config_ID_AA64PFR1_EL1.h @@ -343,7 +343,8 @@ * consumer. * * If this option is not set, mldsa-native expects a function - * void randombytes(uint8_t *out, size_t outlen). + * int randombytes(uint8_t *out, size_t outlen). + * This function should return 0 on success, non-zero on failure. * * Set this option and define `mld_randombytes` if you want to * use a custom method to sample randombytes with a different name 
@@ -354,9 +355,10 @@
 #if !defined(__ASSEMBLER__)
 #include
 #include "sys.h"
- static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+ static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
 ... your implementation ...
+ return 0; // 0 on success, non-zero on failure
 }
 #endif
 */
diff --git a/test/custom_randombytes_config.h b/test/custom_randombytes_config.h
index 061263549..ca6740d9d 100644
--- a/test/custom_randombytes_config.h
+++ b/test/custom_randombytes_config.h
@@ -342,7 +342,8 @@
 * consumer.
 *
 * If this option is not set, mldsa-native expects a function
- * void randombytes(uint8_t *out, size_t outlen).
+ * int randombytes(uint8_t *out, size_t outlen).
+ * This function should return 0 on success, non-zero on failure.
 *
 * Set this option and define `mld_randombytes` if you want to
 * use a custom method to sample randombytes with a different name
@@ -354,9 +355,9 @@
 #include
 #include "../mldsa/src/sys.h"
 #include "notrandombytes/notrandombytes.h"
-static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
- randombytes(ptr, len);
+ return randombytes(ptr, len);
 }
 #endif /* !__ASSEMBLER__ */
diff --git a/test/custom_stdlib_config.h b/test/custom_stdlib_config.h
index c1d0e90ab..9c0f96220 100644
--- a/test/custom_stdlib_config.h
+++ b/test/custom_stdlib_config.h
@@ -358,7 +358,8 @@ static MLD_INLINE void *mld_memset(void *s, int c, size_t n)
 * consumer.
 *
 * If this option is not set, mldsa-native expects a function
- * void randombytes(uint8_t *out, size_t outlen).
+ * int randombytes(uint8_t *out, size_t outlen).
+ * This function should return 0 on success, non-zero on failure.
 *
 * Set this option and define `mld_randombytes` if you want to
 * use a custom method to sample randombytes with a different name
@@ -369,9 +370,10 @@ static MLD_INLINE void *mld_memset(void *s, int c, size_t n)
 #if !defined(__ASSEMBLER__)
 #include
 #include "sys.h"
- static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+ static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
 ... your implementation ...
+ return 0; // 0 on success, non-zero on failure
 }
 #endif
 */
diff --git a/test/custom_zeroize_config.h b/test/custom_zeroize_config.h
index 850e2afd2..504e7f295 100644
--- a/test/custom_zeroize_config.h
+++ b/test/custom_zeroize_config.h
@@ -343,7 +343,8 @@ static MLD_INLINE void mld_zeroize_native(void *ptr, size_t len)
 * consumer.
 *
 * If this option is not set, mldsa-native expects a function
- * void randombytes(uint8_t *out, size_t outlen).
+ * int randombytes(uint8_t *out, size_t outlen).
+ * This function should return 0 on success, non-zero on failure.
 *
 * Set this option and define `mld_randombytes` if you want to
 * use a custom method to sample randombytes with a different name
@@ -354,9 +355,10 @@ static MLD_INLINE void mld_zeroize_native(void *ptr, size_t len)
 #if !defined(__ASSEMBLER__)
 #include
 #include "sys.h"
- static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+ static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
 ... your implementation ...
+ return 0; // 0 on success, non-zero on failure
 }
 #endif
 */
diff --git a/test/no_asm_config.h b/test/no_asm_config.h
index 5f28a4a25..24f4be14f 100644
--- a/test/no_asm_config.h
+++ b/test/no_asm_config.h
@@ -344,7 +344,8 @@ static MLD_INLINE void mld_zeroize_native(void *ptr, size_t len)
 * consumer.
 *
 * If this option is not set, mldsa-native expects a function
- * void randombytes(uint8_t *out, size_t outlen).
+ * int randombytes(uint8_t *out, size_t outlen).
+ * This function should return 0 on success, non-zero on failure.
 *
 * Set this option and define `mld_randombytes` if you want to
 * use a custom method to sample randombytes with a different name
@@ -355,9 +356,10 @@ static MLD_INLINE void mld_zeroize_native(void *ptr, size_t len)
 #if !defined(__ASSEMBLER__)
 #include
 #include "sys.h"
- static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+ static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
 ... your implementation ...
+ return 0; // 0 on success, non-zero on failure
 }
 #endif
 */
diff --git a/test/serial_fips202_config.h b/test/serial_fips202_config.h
index 7df4b0e64..3093d00f0 100644
--- a/test/serial_fips202_config.h
+++ b/test/serial_fips202_config.h
@@ -342,7 +342,8 @@
 * consumer.
 *
 * If this option is not set, mldsa-native expects a function
- * void randombytes(uint8_t *out, size_t outlen).
+ * int randombytes(uint8_t *out, size_t outlen).
+ * This function should return 0 on success, non-zero on failure.
 *
 * Set this option and define `mld_randombytes` if you want to
 * use a custom method to sample randombytes with a different name
@@ -353,9 +354,10 @@
 #if !defined(__ASSEMBLER__)
 #include
 #include "sys.h"
- static MLD_INLINE void mld_randombytes(uint8_t *ptr, size_t len)
+ static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len)
 {
 ... your implementation ...
+ return 0; // 0 on success, non-zero on failure
 }
 #endif
 */