-rw-r--r-- | board/cr50/dcrypto/fips_rand.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/board/cr50/dcrypto/fips_rand.c b/board/cr50/dcrypto/fips_rand.c
index e3dcf4d298..3c3b4bbfb6 100644
--- a/board/cr50/dcrypto/fips_rand.c
+++ b/board/cr50/dcrypto/fips_rand.c
@@ -248,6 +248,8 @@ bool fips_drbg_init(void)
 if (!fips_crypto_allowed())
 return false;
+ if (rand_state.drbg_initialized)
+ return true;
 /**
 * initialize DRBG with 440 bits of entropy as required
 * by NIST SP 800-90A 10.1. Includes entropy and nonce,
@@ -270,7 +272,7 @@ bool fips_drbg_init(void)
 0);
 set_fast_random_seed((uint32_t)fips_trng32(0));
- rand_state.drbg_initialized = 1;
+ rand_state.drbg_initialized = true;
 return true;
 }
@@ -278,7 +280,7 @@ bool fips_drbg_init(void)
 void fips_drbg_clear(void)
 {
 drbg_exit(&fips_drbg);
- rand_state.drbg_initialized = 0;
+ rand_state.drbg_initialized = false;
 }
 static bool fips_drbg_reseed_with_entropy(struct drbg_ctx *ctx)
@@ -310,13 +312,13 @@ enum hmac_result fips_hmac_drbg_generate_reseed(struct drbg_ctx *ctx, void *out,
 bool fips_rand_bytes(void *buffer, size_t len)
 {
- if (!fips_crypto_allowed())
- return false;
 /**
 * make sure cr50 DRBG is initialized after power-on or resume,
 * but do it on first use to minimize latency of board_init()
+ *
+ * fips_drbg_init() also checks for fips_crypto_allowed().
 */
- if (!rand_state.drbg_initialized && !fips_drbg_init())
+ if (!fips_drbg_init())
 return false;
 /* HMAC_DRBG can only return up to 7500 bits in a single request */
@@ -354,10 +356,9 @@ enum hmac_result fips_p256_hmac_drbg_generate(struct drbg_ctx *drbg,
 int fips_p256_ecdsa_sign(const p256_int *key, const p256_int *message,
 p256_int *r, p256_int *s)
 {
- if (!fips_crypto_allowed())
+ /* Also check for fips_crypto_allowed(). */
+ if (!fips_drbg_init())
 return 0;
- if (!rand_state.drbg_initialized && !fips_drbg_init())
- return false;
 return dcrypto_p256_fips_sign_internal(&fips_drbg, key, message, r, s);
 } |
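Review bot: The new early return on `rand_state.drbg_initialized` in fips_drbg_init() sits after the fips_crypto_allowed() check, and the later hunks make fips_rand_bytes() and fips_p256_ecdsa_sign() rely on this function as their only FIPS gate, yet nothing at the early return records that the order is load-bearing. If the two checks were ever swapped, an already-instantiated DRBG would keep serving output after fips_crypto_allowed() starts returning false. I would add a comment above the new check, e.g. `/* Must stay after fips_crypto_allowed(): callers use this function as their FIPS gate. */`. The function also becomes idempotent here, so forcing a re-instantiation presumably now requires fips_drbg_clear() first, which is worth stating in its header comment. The body of fips_drbg_init() starts and ends outside this hunk.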
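Review bot: The added comment `/* Also check for fips_crypto_allowed(). */` in fips_p256_ecdsa_sign() reads as an instruction to add a check rather than a statement that fips_drbg_init() already performs it. The equivalent comment added in fips_rand_bytes() is unambiguous, and I would match it here: `/* fips_drbg_init() also checks fips_crypto_allowed(). */`. Because this call is the only gate in front of a signing operation, the comment should leave no doubt about where the FIPS check lives.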