testing: add rng failure test

Tests that crypto_kem_enc and crypto_kem_keypair,
correctly return MLD_ERR_RNG_FAIL when randombytes()
fails. We systematically inject failures at each
invocation point. This test is based off the work from
the test_alloc implementation.

Signed-off-by: Andreas Hatziiliou <[email protected]>

Author: L-series

Makefile

@@ -1,14 +1,14 @@
 # Copyright (c) The mlkem-native project authors
 # SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
 
-.PHONY: func kat acvp stack alloc \
-	func_512 kat_512 acvp_512 stack_512 alloc_512 \
-	func_768 kat_768 acvp_768 stack_768 alloc_768 \
-	func_1024 kat_1024 acvp_1024 stack_1024 alloc_1024 \
-	run_func run_kat run_acvp run_stack run_alloc \
-	run_func_512 run_kat_512 run_stack_512 run_alloc_512 \
-	run_func_768 run_kat_768 run_stack_768 run_alloc_768 \
-	run_func_1024 run_kat_1024 run_stack_1024 run_alloc_1024 \
+.PHONY: func kat acvp stack alloc rng_fail \
+	func_512 kat_512 acvp_512 stack_512 alloc_512 rng_fail_512 \
+	func_768 kat_768 acvp_768 stack_768 alloc_768 rng_fail_768 \
+	func_1024 kat_1024 acvp_1024 stack_1024 alloc_1024 rng_fail_1024 \
+	run_func run_kat run_acvp run_stack run_alloc run_rng_fail \
+	run_func_512 run_kat_512 run_stack_512 run_alloc_512 run_rng_fail_512 \
+	run_func_768 run_kat_768 run_stack_768 run_alloc_768 run_rng_fail_768 \
+	run_func_1024 run_kat_1024 run_stack_1024 run_alloc_1024 run_rng_fail_1024 \
 	bench_512 bench_768 bench_1024 bench \
 	run_bench_512 run_bench_768 run_bench_1024 run_bench \
 	bench_components_512 bench_components_768 bench_components_1024 bench_components \
@@ -46,7 +46,7 @@ quickcheck: test
 build: func kat acvp
 	$(Q)echo "  Everything builds fine!"
 
-test: run_kat run_func run_acvp run_unit run_alloc
+test: run_kat run_func run_acvp run_unit run_alloc run_rng_fail
 	$(Q)echo "  Everything checks fine!"
 
 # Detect available SHA256 command
@@ -155,6 +155,22 @@ run_alloc_1024: alloc_1024
 	$(W) $(MLKEM1024_DIR)/bin/test_alloc1024
 run_alloc: run_alloc_512 run_alloc_768 run_alloc_1024
 
+rng_fail_512: $(MLKEM512_DIR)/bin/test_rng_fail512
+	$(Q)echo "  RNG_FAIL   ML-KEM-512:   $^"
+rng_fail_768: $(MLKEM768_DIR)/bin/test_rng_fail768
+	$(Q)echo "  RNG_FAIL   ML-KEM-768:   $^"
+rng_fail_1024: $(MLKEM1024_DIR)/bin/test_rng_fail1024
+	$(Q)echo "  RNG_FAIL   ML-KEM-1024:  $^"
+rng_fail: rng_fail_512 rng_fail_768 rng_fail_1024
+
+run_rng_fail_512: rng_fail_512
+	$(W) $(MLKEM512_DIR)/bin/test_rng_fail512
+run_rng_fail_768: rng_fail_768
+	$(W) $(MLKEM768_DIR)/bin/test_rng_fail768
+run_rng_fail_1024: rng_fail_1024
+	$(W) $(MLKEM1024_DIR)/bin/test_rng_fail1024
+run_rng_fail: run_rng_fail_512 run_rng_fail_768 run_rng_fail_1024
+
 lib: $(BUILD_DIR)/libmlkem.a $(BUILD_DIR)/libmlkem512.a $(BUILD_DIR)/libmlkem768.a $(BUILD_DIR)/libmlkem1024.a
 
 # Enforce setting CYCLES make variable when

scripts/tests

@@ -212,6 +212,7 @@ class TEST_TYPES(Enum):
     BASIC_DETERMINISTIC = 18
     UNIT = 19
     ALLOC = 20
+    RNG_FAIL = 21
 
     def is_benchmark(self):
         return self in [TEST_TYPES.BENCH, TEST_TYPES.BENCH_COMPONENTS]
@@ -288,6 +289,8 @@ class TEST_TYPES(Enum):
             return "Unit Test"
         if self == TEST_TYPES.ALLOC:
             return "Alloc Test"
+        if self == TEST_TYPES.RNG_FAIL:
+            return "RNG Failure Test"
 
     def make_dir(self):
         if self == TEST_TYPES.BRING_YOUR_OWN_FIPS202:
@@ -355,6 +358,8 @@ class TEST_TYPES(Enum):
             return "unit"
         if self == TEST_TYPES.ALLOC:
             return "alloc"
+        if self == TEST_TYPES.RNG_FAIL:
+            return "rng_fail"
 
     def make_run_target(self, scheme):
         t = self.make_target()
@@ -667,6 +672,19 @@ class Tests:
 
         self.check_fail()
 
+    def rng_fail(self):
+        def _rng_fail(opt):
+            self._compile_schemes(TEST_TYPES.RNG_FAIL, opt)
+            if self.args.run:
+                self._run_schemes(TEST_TYPES.RNG_FAIL, opt)
+
+        if self.do_no_opt():
+            _rng_fail(False)
+        if self.do_opt():
+            _rng_fail(True)
+
+        self.check_fail()
+
     def acvp(self):
         def _acvp(opt):
             self._compile_schemes(TEST_TYPES.ACVP, opt)
@@ -802,6 +820,7 @@ class Tests:
         stack = self.args.stack
         unit = self.args.unit
         alloc = self.args.alloc
+        rng_fail = self.args.rng_fail
 
         def _all(opt):
             if func is True:
@@ -816,6 +835,8 @@ class Tests:
                 self._compile_schemes(TEST_TYPES.UNIT, opt)
             if alloc is True:
                 self._compile_schemes(TEST_TYPES.ALLOC, opt)
+            if rng_fail is True:
+                self._compile_schemes(TEST_TYPES.RNG_FAIL, opt)
 
             if self.args.check_namespace is True:
                 p = subprocess.run(
@@ -841,6 +862,8 @@ class Tests:
                 self._run_schemes(TEST_TYPES.UNIT, opt)
             if alloc is True:
                 self._run_schemes(TEST_TYPES.ALLOC, opt)
+            if rng_fail is True:
+                self._run_schemes(TEST_TYPES.RNG_FAIL, opt)
 
         if self.do_no_opt():
             _all(False)
@@ -1232,6 +1255,21 @@ def cli():
         help="Do not run alloc tests",
     )
 
+    rng_fail_group = all_parser.add_mutually_exclusive_group()
+    rng_fail_group.add_argument(
+        "--rng-fail",
+        action="store_true",
+        dest="rng_fail",
+        help="Run RNG failure tests",
+        default=True,
+    )
+    rng_fail_group.add_argument(
+        "--no-rng-fail",
+        action="store_false",
+        dest="rng_fail",
+        help="Do not run RNG failure tests",
+    )
+
     # acvp arguments
     acvp_parser = cmd_subparsers.add_parser(
         "acvp", help="Run ACVP client", parents=[common_parser]
@@ -1451,6 +1489,13 @@ def cli():
         parents=[common_parser],
     )
 
+    # rng_fail arguments
+    rng_fail_parser = cmd_subparsers.add_parser(
+        "rng_fail",
+        help="Run the RNG failure tests for all parameter sets",
+        parents=[common_parser],
+    )
+
     args = main_parser.parse_args()
 
     if not hasattr(args, "mac_taskpolicy"):
@@ -1484,6 +1529,8 @@ def cli():
         Tests(args).size()
     elif args.cmd == "alloc":
         Tests(args).alloc()
+    elif args.cmd == "rng_fail":
+        Tests(args).rng_fail()
 
 
 if __name__ == "__main__":

test/configs/configs.yml

@@ -449,3 +449,4 @@ configs:
           #endif /* !__ASSEMBLER__ */
       MLK_CONFIG_FILE:
         comment: "/* No need to set this -- we _are_ already in a custom config */"
+

test/mk/components.mk

@@ -17,6 +17,7 @@ ACVP_TESTS = acvp_mlkem
 BENCH_TESTS = bench_mlkem bench_components_mlkem
 UNIT_TESTS = test_unit
 ALLOC_TESTS = test_alloc
+RNG_FAIL_TESTS = test_rng_fail
 ALL_TESTS = $(BASIC_TESTS) $(ACVP_TESTS) $(BENCH_TESTS) $(UNIT_TESTS) $(ALLOC_TESTS)
 
 MLKEM512_DIR = $(BUILD_DIR)/mlkem512
@@ -46,7 +47,6 @@ $(MLKEM768_ALLOC_OBJS): CFLAGS += -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FI
 MLKEM1024_ALLOC_OBJS = $(call MAKE_OBJS,$(MLKEM1024_DIR)/alloc,$(SOURCES) $(FIPS202_SRCS))
 $(MLKEM1024_ALLOC_OBJS): CFLAGS += -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE=\"../test/configs/test_alloc_config.h\"
 
-
 CFLAGS += -Imlkem
 
 $(BUILD_DIR)/libmlkem512.a: $(MLKEM512_OBJS)
@@ -118,6 +118,12 @@ $(BUILD_DIR)/$(1)/bin/test_alloc$(subst mlkem,,$(1)): LDLIBS += -L$(BUILD_DIR) -
 $(BUILD_DIR)/$(1)/bin/test_alloc$(subst mlkem,,$(1)): $(BUILD_DIR)/$(1)/test/src/test_alloc.c.o $(BUILD_DIR)/lib$(1)_alloc.a $(call MAKE_OBJS, $(BUILD_DIR)/$(1), $(wildcard test/notrandombytes/*.c))
 endef
 
+# Special rule for test_rng_fail - link against rng_fail libraries with custom randombytes config
+define ADD_SOURCE_RNG_FAIL
+$(BUILD_DIR)/$(1)/bin/test_rng_fail$(subst mlkem,,$(1)): LDLIBS += -L$(BUILD_DIR) -l$(1)
+$(BUILD_DIR)/$(1)/bin/test_rng_fail$(subst mlkem,,$(1)): $(BUILD_DIR)/$(1)/test/src/test_rng_fail.c.o $(BUILD_DIR)/lib$(1).a
+endef
+
 $(foreach scheme,mlkem512 mlkem768 mlkem1024, \
 	$(foreach test,$(ACVP_TESTS), \
 		$(eval $(call ADD_SOURCE,$(scheme),$(test),acvp)) \
@@ -130,6 +136,7 @@ $(foreach scheme,mlkem512 mlkem768 mlkem1024, \
 	) \
 	$(eval $(call ADD_SOURCE_UNIT,$(scheme))) \
 	$(eval $(call ADD_SOURCE_ALLOC,$(scheme))) \
+	$(eval $(call ADD_SOURCE_RNG_FAIL,$(scheme))) \
 )
 
 $(ALL_TESTS:%=$(MLKEM512_DIR)/bin/%512): $(call MAKE_OBJS, $(MLKEM512_DIR), $(wildcard test/notrandombytes/*.c) $(EXTRA_SOURCES))

test/mk/rules.mk

@@ -111,3 +111,4 @@ $(BUILD_DIR)/mlkem1024/alloc/%.S.o: %.S $(CONFIG)
 	$(Q)echo "  AS      $@"
 	$(Q)[ -d $(@D) ] || mkdir -p $(@D)
 	$(Q)$(CC) -c -o $@ $(CFLAGS) $<
+