seeded rng: support resetting of seeded RNG

When using the API to set a seeded RNG with a NULL parameter,
leancrypto now reverts back to use the internal, fully seeded
RNG again.

This change supports the ACVP testing.

Signed-off-by: Stephan Mueller <smueller@chronox.de>

Author: smuellerDD

drng/api/lc_rng.h

@@ -147,7 +147,9 @@ int lc_rng_seed(struct lc_rng_ctx *ctx, const uint8_t *seed, size_t seedlen,
  * initial seed, and reseed. Also, that RNG is responsible for selecting and
  * managing the entropy source(s).
  *
- * @param [in] new_ctx externally defined RNG cipher handle
+ * @param [in] new_ctx externally defined RNG cipher handle - when using NULL
+ *		       then the leancrypto-internal fully seeded RNG used
+ *		       (again).
  *
  * @return 0 upon success; < 0 on error
  */

drng/src/rng_api_non_fips.c

@@ -19,15 +19,18 @@
 
 #include "atomic.h"
 #include "lc_rng.h"
+#include "seeded_rng.h"
 #include "visibility.h"
 
 LC_INTERFACE_FUNCTION(int, lc_rng_set_seeded, struct lc_rng_ctx *new_ctx)
 {
+	mb();
+
 	if (!new_ctx)
-		return -EINVAL;
+		lc_seeded_rng = lc_seeded_rng_internal;
+	else
+		lc_seeded_rng = new_ctx;
 
-	mb();
-	lc_seeded_rng = new_ctx;
 	mb();
 	return 0;
 }

drng/src/seeded_rng.c

@@ -378,4 +378,6 @@ static const struct lc_rng _lc_seeded_rng = {
 
 static struct lc_rng_ctx _lc_seeded_rng_ctx = { &_lc_seeded_rng, NULL };
 
+struct lc_rng_ctx *lc_seeded_rng_internal = &_lc_seeded_rng_ctx;
+
 LC_INTERFACE_SYMBOL(struct lc_rng_ctx *, lc_seeded_rng) = &_lc_seeded_rng_ctx;

drng/src/seeded_rng.h

@@ -32,6 +32,8 @@ void seeded_rng_noise_fini(void);
 
 void lc_seeded_rng_zero_state(void);
 
+extern struct lc_rng_ctx *lc_seeded_rng_internal;
+
 #ifdef __cplusplus
 }
 #endif