intel
diff --git a/‎include/ippcp.h‎
Lines changed: 46 additions & 1 deletion b/‎include/ippcp.h‎
Lines changed: 46 additions & 1 deletion
diff --git a/‎include/ippcp/fips_cert.h‎
Lines changed: 6 additions & 1 deletion b/‎include/ippcp/fips_cert.h‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎include/ippcpdefs.h‎
Lines changed: 9 additions & 4 deletions b/‎include/ippcpdefs.h‎
Lines changed: 9 additions & 4 deletions
diff --git a/‎sources/include/drbg/pcphashdrbg.h‎
Lines changed: 110 additions & 0 deletions b/‎sources/include/drbg/pcphashdrbg.h‎
Lines changed: 110 additions & 0 deletions
diff --git a/‎sources/include/drbg/pcphashdrbg_entropy_input.h‎
Lines changed: 38 additions & 0 deletions b/‎sources/include/drbg/pcphashdrbg_entropy_input.h‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎sources/include/owndefs.h‎
Lines changed: 3 additions & 1 deletion b/‎sources/include/owndefs.h‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎sources/ippcp/CMakeLists.txt‎
Lines changed: 3 additions & 1 deletion b/‎sources/ippcp/CMakeLists.txt‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎sources/ippcp/cpinit.c‎
Lines changed: 1 addition & 0 deletions b/‎sources/ippcp/cpinit.c‎
Lines changed: 1 addition & 0 deletions
@@ -714,7 +714,6 @@ A more secure alternative is available: ippsPRNGenRDRAND and ippsTRNGenRDSEED."
 
 IPPAPI(IppStatus, ippsPRNGGetSize,(int* pSize))
 IPPAPI(IppStatus, ippsPRNGInit,   (int seedBits, IppsPRNGState* pCtx))
-
 IPPAPI(IppStatus, ippsPRNGSetModulus,(const IppsBigNumState* pMod, IppsPRNGState* pCtx))
 IPPAPI(IppStatus, ippsPRNGSetH0,     (const IppsBigNumState* pH0,  IppsPRNGState* pCtx))
 IPPAPI(IppStatus, ippsPRNGSetAugment,(const IppsBigNumState* pAug, IppsPRNGState* pCtx))
@@ -730,6 +729,52 @@ IPPAPI(IppStatus, ippsPRNGenRDRAND_BN,(IppsBigNumState* pRand, int nBits, void*
 IPPAPI(IppStatus, ippsTRNGenRDSEED,   (Ipp32u* pRand, int nBits, void* pCtx))
 IPPAPI(IppStatus, ippsTRNGenRDSEED_BN,(IppsBigNumState* pRand, int nBits, void* pCtx))
 
+IPPAPI(IppStatus, ippsHashDRBG_EntropyInputCtxGetSize, (int* pEntrInputSize,
+                                                        const int entrInputBufBitsLen,
+                                                        const IppsHashMethod* pHashMethod))
+IPPAPI(IppStatus, ippsHashDRBG_EntropyInputCtxInit, (IppsHashDRBG_EntropyInputCtx* pEntrInputCtx,
+                                                     const int entrInputBitsLen,
+                                                     IppEntropyInputSupplier getEntropyInput))
+IPPAPI(IppStatus, ippsHashDRBG_GetSize, (int* pSize, const IppsHashMethod* pHashMethod))
+IPPAPI(IppStatus, ippsHashDRBG_Init, (const IppsHashMethod* pHashMethod,
+                                      IppsHashDRBGState* pDrbgCtx))
+IPPAPI(IppStatus, ippsHashDRBG_Instantiate, (const int requestedInstSecurityStrength,
+                                             const int predictionResistanceFlag,
+                                             const Ipp8u* persStr,
+                                             const int persStrBitsLen,
+                                             IppsHashDRBG_EntropyInputCtx* pEntrInputCtx,
+                                             IppsHashDRBGState* pDrbgCtx))
+IPPAPI(IppStatus, ippsHashDRBG_Uninstantiate, (IppsHashDRBGState* pDrbgCtx))
+IPPAPI(IppStatus, ippsHashDRBG_Reseed, (const int predictionResistanceRequest,
+                                        const Ipp8u* addlInput,
+                                        const int addlInputBitsLen,
+                                        IppsHashDRBG_EntropyInputCtx* pEntrInputCtx,
+                                        IppsHashDRBGState* pDrbgCtx))
+IPPAPI(IppStatus, ippsHashDRBG_Gen, (Ipp32u* pRand,
+                                     int nBits,
+                                     const int requestedSecurityStrength,
+                                     const int predictionResistanceRequest,
+                                     const Ipp8u* addlInput,
+                                     const int addlInputBitsLen,
+                                     IppsHashDRBG_EntropyInputCtx* pEntrInputCtx,
+                                     IppsHashDRBGState* pDrbgCtx))
+IPPAPI(IppStatus, ippsHashDRBG_GenBN, (IppsBigNumState* pRand,
+                                       int nBits,
+                                       const int requestedSecurityStrength,
+                                       const int predictionResistanceRequest,
+                                       const Ipp8u* addlInput,
+                                       const int addlInputBitsLen,
+                                       IppsHashDRBG_EntropyInputCtx* pEntrInputCtx,
+                                       IppsHashDRBGState* pDrbgCtx))
+IPPAPI(IppStatus, ippsHashDRBG_InstantiateTest, (IppsHashDRBG_EntropyInputCtx* pEntrInputCtxTempBuf,
+                                                 IppsHashDRBGState* pDrbgCtxTempBuf))
+IPPAPI(IppStatus, ippsHashDRBG_ReseedTest, (IppsHashDRBG_EntropyInputCtx* pEntrInputCtxTempBuf,
+                                            IppsHashDRBGState* pDrbgCtxTempBuf))
+IPPAPI(IppStatus, ippsHashDRBG_GenTest, (Ipp32u* pRand,
+                                         int nBits,
+                                         IppsHashDRBG_EntropyInputCtx* pEntrInputCtxTempBuf,
+                                         IppsHashDRBGState* pDrbgCtxTempBuf))
+
 /* Probable Prime Number Generation */
 IPPAPI(IppStatus, ippsPrimeGetSize,(int nMaxBits, int* pSize))
 IPPAPI(IppStatus, ippsPrimeInit,   (int nMaxBits, IppsPrimeState* pCtx))
 
@@ -254,7 +254,12 @@ enum FIPS_IPPCP_FUNC {
     PBKDF2_PKCS5v2,
     MLDSA_KeyGen,
     MLDSA_Sign,
-    MLDSA_Verify
+    MLDSA_Verify,
+    HashDRBG_Instantiate,
+    HashDRBG_Uninstantiate,
+    HashDRBG_Reseed,
+    HashDRBG_Gen,
+    HashDRBG_GenBN
 };
 
 /**
 
@@ -438,6 +438,7 @@ typedef signed int IppStatus;
 
 #endif /* IPPSTATUS_H__ */
 
+#define ippStsHashOperationErr           -1019 /* Hash DRBG: an internal error that can occur when hashing */
 #define ippStsMLDSAMaxIterations         -1018 /* The ML-DSA iterations reach maximum. Data weren't generated successfully. */
 #define ippStsInvalidPoint               -1017 /* ippStsInvalidPoint ECC: Invalid point (out of EC).*/
 #define ippStsQuadraticNonResidueErr     -1016 /* SQRT operation on quadratic non-residue value. */
@@ -634,13 +635,17 @@ typedef enum {
    ippSlidingWindows = 1, IppsSlidingWindows = 1
 } IppsExpMethod;
 
-typedef struct _cpBigNum      IppsBigNumState;
-typedef struct _cpMontgomery  IppsMontState;
-typedef struct _cpPRNG        IppsPRNGState;
-typedef struct _cpPrime       IppsPrimeState;
+typedef struct _cpBigNum          IppsBigNumState;
+typedef struct _cpMontgomery      IppsMontState;
+typedef struct _cpPRNG            IppsPRNGState;
+typedef struct _cpPrime           IppsPrimeState;
+typedef struct _cpHashDRBG        IppsHashDRBGState;
+typedef struct _cpEntropyInputCtx IppsHashDRBG_EntropyInputCtx;
 
 /*  External Bit Supplier */
 typedef IppStatus (IPP_CALL *IppBitSupplier)(Ipp32u* pRand, int nBits, void* pEbsParams);
+/* External entropyInput Supplier */
+typedef IppStatus (IPP_CALL *IppEntropyInputSupplier)(Ipp8u* entropyInput, int* entropyInputBitsLen, const int minEntropyInBits, const int maxBitsLen, const int predictionResistanceRequest);
 
 #define IPP_IS_EQ (0)
 #define IPP_IS_GT (1)
 
@@ -0,0 +1,110 @@
+/*************************************************************************
+* Copyright (C) 2026 Intel Corporation
+*
+* Licensed under the Apache License,  Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* 	http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law  or agreed  to  in  writing,  software
+* distributed under  the License  is  distributed  on  an  "AS IS"  BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the  specific  language  governing  permissions  and
+* limitations under the License.
+*************************************************************************/
+
+/*
+//  Purpose:
+//     Hash DRBG state, internal definitions and function declarations
+*/
+
+#if !defined(_CP_HASHDRBG_H)
+#define _CP_HASHDRBG_H
+
+#define HASH_DRBG_MIN_SEED_BITS_LEN 440
+#define HASH_DRBG_MAX_SEED_BITS_LEN 888
+
+#define HASH_DRBG_MIN_SEED_BYTES_LEN (HASH_DRBG_MIN_SEED_BITS_LEN / 8)
+#define HASH_DRBG_MAX_SEED_BYTES_LEN (HASH_DRBG_MAX_SEED_BITS_LEN / 8)
+
+#define HASH_DRBG_MIN_SEC_STRENGTH      128
+#define HASH_DRBG_SEC_STRENGTH_192      192
+#define HASH_DRBG_MAX_BITS_SEC_STRENGTH 256
+
+/* Constants of maximum values according to the NIST.SP.800-90Ar1
+   Table 2: "Definitions for Hash-Based DRBG Mechanisms". */
+/* MAX_INPUT_LEN for personalization_string, additional_input and
+   entropy_input equals to 2^35 bits. To avoid overflowing, use maximum integer
+   value (2^31 - 1) since the lengths of the input arrays are passed as int */
+#define MAX_INPUT_LEN (~(1 << 31)) // (2^31 - 1) bits
+/* MAX_RESEED_INTERVAL equals to 2^48,
+   MAX_BITS_NUMBER_PER_REQUEST equals to 2^19 bits.
+   Lower these two values to the minimum allowed values since
+   the limits set in 90A are unreasonably big */
+#define MAX_RESEED_INTERVAL         (Ipp64u)(1ul << 24) // 2^24
+#define MAX_BITS_NUMBER_PER_REQUEST (1 << 16)           // 2^16 bits
+
+struct _cpHashDRBG {
+    Ipp32u idCtx;                                       /* DRBG identifier */
+    int seedBitsLen;                                    /* Secret values length */
+    Ipp32u securityStrength;      /* Security strength of the DRBG instantiation */
+    int predictionResistanceFlag; /* Indicates whether or not prediction resistance may be required by
+                                      the consuming application during requests for pseudorandom bits */
+    int hashStateSize_rmf;        /* The size of hashState */
+    Ipp64u reseedCounter;         /* Indicates the number of requests for pseudorandom bits
+                                      since new entropy_input was obtained during
+                                      instantiation or reseeding */
+    IppsHashMethod* pHashMethod;  /* Hash method used by the DRBG mechanism; ippsHashMethod_SHA256()
+                                      is set by default if no hash method was passed */
+    Ipp8u* V;                     /* Secret values (stores one extra byte at the very beginning) */
+    Ipp8u* C;                     /* Secret values */
+    Ipp8u* tempBuf;               /* Temporary buffer to store the values of V
+                                      (also like V, stores one extra byte) */
+    IppsHashState_rmf* hashState; /* Pointer to IppsHashState_rmf context */
+    Ipp8u* hashOutputBuf;         /* Buffer to store hash output digest */
+};
+
+#define HASH_DRBG_SET_ID(ctx)       ((ctx)->idCtx = (Ipp32u)idCtxHashDRBG ^ (Ipp32u)IPP_UINT_PTR(ctx))
+#define HASH_DRBG_SEEDBITS_LEN(ctx) ((ctx)->seedBitsLen)
+/* Extended size for V and tempBuf */
+#define HASH_DRBG_SEEDBITS_LEN_EXT(ctx)     ((ctx)->seedBitsLen + 8)
+#define HASH_DRBG_RESEED_COUNTER(ctx)       ((ctx)->reseedCounter)
+#define HASH_DRBG_SECURITY_STRENGTH(ctx)    ((ctx)->securityStrength)
+#define HASH_DRBG_PRED_RESISTANCE_FLAG(ctx) ((ctx)->predictionResistanceFlag)
+#define HASH_DRBG_HASH_STATE_SIZE(ctx)      ((ctx)->hashStateSize_rmf)
+
+#define HASH_DRBG_VALID_ID(ctx) \
+    ((((ctx)->idCtx) ^ (Ipp32u)IPP_UINT_PTR((ctx))) == (Ipp32u)idCtxHashDRBG)
+
+#define cpHashDRBG_GetEntropyInput OWNAPI(cpHashDRBG_GetEntropyInput)
+IPP_OWN_DECL(IppStatus,
+             cpHashDRBG_GetEntropyInput,
+             (const int minEntropy,
+              const int predictionResistanceRequest,
+              int* pEntrInputBitsLen,
+              IppsHashDRBG_EntropyInputCtx* pEntrInputCtx))
+#define cpHashDRBG_df OWNAPI(cpHashDRBG_df)
+IPP_OWN_DECL(IppStatus,
+             cpHashDRBG_df,
+             (const Ipp8u* inputParam1,
+              const cpSize inputParam1Len,
+              const Ipp8u* inputParam2,
+              const cpSize inputParam2Len,
+              const Ipp8u* inputParam3,
+              const cpSize inputParam3Len,
+              Ipp8u* requestedBits,
+              const cpSize nBitsToReturn,
+              IppsHashDRBGState* drbgCtx))
+#define cpHashDRBG_Gen OWNAPI(cpHashDRBG_Gen)
+IPP_OWN_DECL(IppStatus,
+             cpHashDRBG_Gen,
+             (Ipp32u * pRand,
+              int randBytesLen,
+              const int predictionResistanceRequest,
+              const Ipp8u* additionalInput,
+              const int additionalInputLen,
+              IppsHashDRBG_EntropyInputCtx* pEntrInputCtx,
+              IppsHashDRBGState* pDrbg))
+
+#endif /* _CP_HASHDRBG_H */
@@ -0,0 +1,38 @@
+/*************************************************************************
+* Copyright (C) 2026 Intel Corporation
+*
+* Licensed under the Apache License,  Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* 	http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law  or agreed  to  in  writing,  software
+* distributed under  the License  is  distributed  on  an  "AS IS"  BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the  specific  language  governing  permissions  and
+* limitations under the License.
+*************************************************************************/
+
+/*
+//  Purpose:
+//     Entropy input context
+*/
+
+#if !defined(_CP_HASHDRBG_ENTROPYINPUT_H)
+#define _CP_HASHDRBG_ENTROPYINPUT_H
+
+struct _cpEntropyInputCtx {
+    Ipp32u idCtx;            /* Entropy input context identifier */
+    Ipp8u* entropyInput;     /* Buffer to store both entropyInput and nonce for Instantiation
+                                 and entropyInput for Reseeding */
+    int entrInputBufBitsLen; /* The length of the Entropy input buffer set by a user */
+    IppEntropyInputSupplier getEntropyInput; /* Callback function */
+};
+
+#define HASH_DRBG_ENTR_INPUT_SET_ID(ctx) \
+    ((ctx)->idCtx = (Ipp32u)idCtxHashDRBGEntrInput ^ (Ipp32u)IPP_UINT_PTR(ctx))
+#define HASH_DRBG_ENTR_INPUT_VALID_ID(ctx) \
+    ((((ctx)->idCtx) ^ (Ipp32u)IPP_UINT_PTR((ctx))) == (Ipp32u)idCtxHashDRBGEntrInput)
+
+#endif /* _CP_HASHDRBG_ENTROPYINPUT_H */
@@ -393,7 +393,9 @@ typedef enum {
     idCtxPubKeyLMS,
     idCtxSignLMS,
     idCtxMLKEM,
-    idCtxMLDSA
+    idCtxMLDSA,
+    idCtxHashDRBGEntrInput,
+    idCtxHashDRBG
 } IppCtxId;
 
 
 
@@ -229,6 +229,8 @@ file(GLOB LIBRARY_C_SOURCES_ORIGINAL
     ${IPP_CRYPTO_SOURCES_DIR}/stateful_sig/*.c
     ${IPP_CRYPTO_SOURCES_DIR}/ml_dsa/*.c
     ${IPP_CRYPTO_SOURCES_DIR}/ml_dsa/*/*.c
+    ${IPP_CRYPTO_SOURCES_DIR}/drbg/*.c
+    ${IPP_CRYPTO_SOURCES_DIR}/drbg/*/*.c
 )
 
 file(GLOB LIBRARY_ASM_SOURCES_ORIGINAL
@@ -398,7 +400,7 @@ foreach(opt ${PLATFORM_LIST})
                                            ${LIBRARY_C_SOURCES_${opt}}
                                            ${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES}
                                            $<TARGET_OBJECTS:${IPPCP_DYN_ITER_ASMOBJS}>)
-      
+
       ## gres: copy LINK_FLAG_DYNAMIC_LINUX
       set(LINK_FLAGS ${LINK_FLAG_DYNAMIC_LINUX})
       ## add export file
 
@@ -478,6 +478,7 @@ static struct {
 /* -9702 */ {MSG_NO_SHARED, "No shared libraries were found in the Waterfall procedure"},
 /* -9701 */ {MSG_NO_DLL, "No DLLs were found in the Waterfall procedure"},
 /* -9700 */ {MSG_LOAD_DLL_ERR, "Error at loading of %s library"},
+/* -1019 */ {ippStsHashOperationErr, "Hash DRBG: an internal error occurred when hashing"},
 /* -1018 */ {ippStsMLDSAMaxIterations, "ippStsMLDSAMaxIterations: The ML-DSA iterations reach maximum. Data weren't generated successfully"},
 /* -1017 */ {ippStsInvalidPoint, "ippStsInvalidPoint ECC: Invalid point (out of EC)"},
 /* -1016 */ {ippStsQuadraticNonResidueErr, "ippStsQuadraticNonResidueErr: SQRT operation on quadratic non-residue value"},