Added TRNG support for the Vorago VA416XX

dgarske · dgarske · commit b068f4663552 · 2026-06-11T16:38:47.000-07:00
diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras
@@ -955,6 +955,7 @@ WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW
 WOLFSSL_USE_FLASHMEM
 WOLFSSL_USE_FORCE_ZERO
 WOLFSSL_USE_OPTIONS_H
+WOLFSSL_VA416X0_TRNG
 WOLFSSL_VALIDATE_DH_KEYGEN
 WOLFSSL_WC_SLHDSA_RECURSIVE
 WOLFSSL_WC_XMSS_NO_SHA256
@@ -969,8 +970,6 @@ WOLFSSL_XIL_MSG_NO_SLEEP
 WOLFSSL_ZEPHYR
 WOLF_ALLOW_BUILTIN
 WOLF_CRYPTO_CB_CMD
-WOLF_CRYPTO_CB_NO_SHA512_FALLBACK
-WOLF_CRYPTO_CB_ONLY_SHA512
 WOLF_CRYPTO_DEV
 WOLF_NO_TRAILING_ENUM_COMMAS
 WindowsCE
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
@@ -88,18 +88,24 @@ This library contains implementation for the random number generator.
  * FREESCALE_RNGA:           Freescale RNGA                       default: off
  * FREESCALE_K70_RNGA:       Freescale K70 RNGA                   default: off
  * FREESCALE_RNGB:           Freescale RNGB                       default: off
- * FREESCALE_KSDK_2_0_RNGA:  Freescale KSDK 2.0 RNGA             default: off
- * FREESCALE_KSDK_2_0_TRNG:  Freescale KSDK 2.0 TRNG             default: off
- * MAX3266X_RNG:             MAX3266X hardware RNG                 default: off
+ * FREESCALE_KSDK_2_0_RNGA:  Freescale KSDK 2.0 RNGA              default: off
+ * FREESCALE_KSDK_2_0_TRNG:  Freescale KSDK 2.0 TRNG              default: off
+ * MAX3266X_RNG:             MAX3266X hardware RNG                default: off
  * QAT_ENABLE_RNG:           Intel QAT hardware RNG               default: off
- * WOLFSSL_ATECC_RNG:        ATECC508/608 hardware RNG             default: off
+ * WOLFSSL_ATECC_RNG:        ATECC508/608 hardware RNG            default: off
  * WOLFSSL_SILABS_TRNG:      Silicon Labs TRNG                    default: off
  * WOLFSSL_SCE_NO_TRNG:      Disable Renesas SCE TRNG             default: off
  * WOLFSSL_SCE_TRNG_HANDLE:  Renesas SCE TRNG handle              default: off
  * WOLFSSL_SE050_NO_TRNG:    Disable SE050 TRNG                   default: off
  * WOLFSSL_PSA_NO_RNG:       Disable PSA RNG                      default: off
  * HAVE_IOTSAFE_HWRNG:       IoT-Safe hardware RNG                default: off
  * WOLFSSL_XILINX_CRYPT_VERSAL: Xilinx Versal crypto RNG          default: off
+ * WOLFSSL_VA416X0_TRNG:     Vorago VA416x0 hardware TRNG         default: off
+ *                           (seeds Hash-DRBG; needs the VA416xx
+ *                           SDK header va416xx.h on the include
+ *                           path). See the wc_GenerateSeed()
+ *                           implementation below for SDK API and
+ *                           tuning details.
  */
 
 #include <wolfssl/wolfcrypt/libwolfssl_sources.h>
@@ -5171,6 +5177,161 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
         return 0;
     }
 
+#elif defined(WOLFSSL_VA416X0_TRNG)
+    /* Vorago VA416x0 hardware TRNG (CryptoCell-style entropy source).
+     *
+     * Provides entropy to seed the SP800-90A Hash-DRBG (keep HAVE_HASHDRBG
+     * enabled). The TRNG produces ~1.25 kb/s of entropy, so it is used as a
+     * seed source only; the DRBG expands it for bulk generation.
+     *
+     * Build requirements:
+     *   - Define WOLFSSL_VA416X0_TRNG (e.g. in user_settings.h).
+     *   - The Vorago VA416xx SDK header "va416xx.h" must be on the include
+     *     path; it provides VOR_SYSCONFIG, VOR_TRNG and the TRNG_* /
+     *     SYSCONFIG_PERIPHERAL_* register field macros used below. No SDK
+     *     HAL driver exists for the TRNG, so this accesses it directly.
+     *
+     * SDK / hardware API used (register block VOR_TRNG @ 0x40027000):
+     *   - SYSCONFIG.PERIPHERAL_CLK_ENABLE bit TRNG: gate the TRNG clock on.
+     *   - SYSCONFIG.PERIPHERAL_RESET bit TRNG: active-low reset; it MUST be
+     *     set (released) or every TRNG register write is silently ignored.
+     *   - CONFIG.RND_SRC_SEL: entropy source select (0 = ring oscillator).
+     *   - SAMPLE_CNT1: ring-oscillator sample count (non-zero).
+     *   - DEBUG_CONTROL: bypass bits for the health tests; left 0 to keep
+     *     the Von-Neumann conditioner, CRNGT and autocorrelation tests on.
+     *   - RND_SOURCE_ENABLE.RND_SRC_EN: start/stop entropy collection.
+     *   - VALID.EHR_VALID: set when a 192-bit block is ready.
+     *   - ISR / ICR: health-test error status and write-1-to-clear.
+     *   - EHR_DATA0..EHR_DATA5: the 192-bit (24-byte) entropy block; reading
+     *     it clears VALID and the source re-collects.
+     *
+     * On a health-test failure (ISR error bit) the block is re-collected up
+     * to WOLFSSL_VA416X0_TRNG_MAX_RETRY times; a per-block iteration cap of
+     * WOLFSSL_VA416X0_TRNG_TIMEOUT guards against a non-responsive TRNG.
+     * Both, plus WOLFSSL_VA416X0_TRNG_SAMPLE_CNT, are overridable defines.
+     *
+     * Customization Macros:
+     *   WOLFSSL_VA416X0_TRNG_SAMPLE_CNT: VA416x0 ring-oscillator sample count,
+     *                                    must be non-zero       default: 1000
+     *   WOLFSSL_VA416X0_TRNG_MAX_RETRY:  VA416x0 TRNG health-test retry count
+     *                                    before failing          default: 10
+     *   WOLFSSL_VA416X0_TRNG_TIMEOUT:    VA416x0 TRNG poll-iteration cap per
+     *                                    entropy block before failing
+     *                                    default: 1000000
+     */
+    #include "va416xx.h"
+
+    /* Ring-oscillator sample count (must be non-zero). May need tuning on
+     * hardware: too low results in repeated autocorrelation/CRNGT errors. */
+    #ifndef WOLFSSL_VA416X0_TRNG_SAMPLE_CNT
+        #define WOLFSSL_VA416X0_TRNG_SAMPLE_CNT 1000
+    #endif
+    #ifndef WOLFSSL_VA416X0_TRNG_MAX_RETRY
+        #define WOLFSSL_VA416X0_TRNG_MAX_RETRY 10
+    #endif
+    /* Max poll iterations waiting for one 192-bit entropy block before
+     * giving up (guards against a non-responsive TRNG). */
+    #ifndef WOLFSSL_VA416X0_TRNG_TIMEOUT
+        #define WOLFSSL_VA416X0_TRNG_TIMEOUT 1000000
+    #endif
+
+    int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+    {
+        word32 i;
+        word32 reg;
+        word32 chunk;
+        word32 timeout;
+        word32 ehr[6]; /* 192-bit entropy holding register */
+        int retry;
+
+        (void)os;
+
+        if (output == NULL) {
+            return BUFFER_E;
+        }
+
+        /* enable the TRNG peripheral clock and release it from reset (the
+         * reset bit is active low: 0 = held in reset, 1 = released) */
+        VOR_SYSCONFIG->PERIPHERAL_CLK_ENABLE |=
+            SYSCONFIG_PERIPHERAL_CLK_ENABLE_TRNG_Msk;
+        VOR_SYSCONFIG->PERIPHERAL_RESET |=
+            SYSCONFIG_PERIPHERAL_RESET_TRNG_Msk;
+
+        /* mask all interrupts (poll instead) and clear any stale status */
+        VOR_TRNG->IMR = TRNG_IMR_EHR_VALID_INT_MASK_Msk |
+                        TRNG_IMR_AUTOCORR_ERR_INT_MASK_Msk |
+                        TRNG_IMR_CRNGT_ERR_INT_MASK_Msk |
+                        TRNG_IMR_VN_ERR_INT_MASK_Msk;
+        VOR_TRNG->ICR = TRNG_ICR_EHR_VALID_Msk | TRNG_ICR_AUTOCORR_ERR_Msk |
+                        TRNG_ICR_CRNGT_ERR_Msk | TRNG_ICR_VN_ERR_Msk;
+
+        /* select ring-oscillator source, set sample rate, keep health
+         * tests enabled (no DEBUG_CONTROL bypass) */
+        VOR_TRNG->CONFIG = 0;
+        VOR_TRNG->SAMPLE_CNT1 = WOLFSSL_VA416X0_TRNG_SAMPLE_CNT;
+        VOR_TRNG->DEBUG_CONTROL = 0;
+
+        for (i = 0; i < sz; ) {
+            retry = 0;
+            timeout = WOLFSSL_VA416X0_TRNG_TIMEOUT;
+
+            /* start entropy collection */
+            VOR_TRNG->RND_SOURCE_ENABLE =
+                TRNG_RND_SOURCE_ENABLE_RND_SRC_EN_Msk;
+
+            for (;;) {
+                reg = VOR_TRNG->ISR;
+                if ((reg & (TRNG_ISR_AUTOCORR_ERR_Msk |
+                            TRNG_ISR_CRNGT_ERR_Msk |
+                            TRNG_ISR_VN_ERR_Msk)) != 0) {
+                    /* health-test failure: stop, clear, re-collect */
+                    VOR_TRNG->RND_SOURCE_ENABLE = 0;
+                    VOR_TRNG->ICR = TRNG_ICR_AUTOCORR_ERR_Msk |
+                                    TRNG_ICR_CRNGT_ERR_Msk |
+                                    TRNG_ICR_VN_ERR_Msk;
+                    if (++retry > WOLFSSL_VA416X0_TRNG_MAX_RETRY) {
+                        ForceZero(ehr, sizeof(ehr));
+                        return RNG_FAILURE_E;
+                    }
+                    timeout = WOLFSSL_VA416X0_TRNG_TIMEOUT;
+                    VOR_TRNG->RND_SOURCE_ENABLE =
+                        TRNG_RND_SOURCE_ENABLE_RND_SRC_EN_Msk;
+                    continue;
+                }
+                if ((VOR_TRNG->VALID & TRNG_VALID_EHR_VALID_Msk) != 0) {
+                    break;
+                }
+                if (--timeout == 0) {
+                    VOR_TRNG->RND_SOURCE_ENABLE = 0;
+                    ForceZero(ehr, sizeof(ehr));
+                    return RNG_FAILURE_E;
+                }
+            }
+
+            /* read 192 bits of entropy (6 x 32-bit words) */
+            ehr[0] = VOR_TRNG->EHR_DATA0;
+            ehr[1] = VOR_TRNG->EHR_DATA1;
+            ehr[2] = VOR_TRNG->EHR_DATA2;
+            ehr[3] = VOR_TRNG->EHR_DATA3;
+            ehr[4] = VOR_TRNG->EHR_DATA4;
+            ehr[5] = VOR_TRNG->EHR_DATA5;
+
+            /* reading the EHR clears EHR_VALID; stop the source and ack */
+            VOR_TRNG->RND_SOURCE_ENABLE = 0;
+            VOR_TRNG->ICR = TRNG_ICR_EHR_VALID_Msk;
+
+            chunk = sz - i;
+            if (chunk > sizeof(ehr)) {
+                chunk = sizeof(ehr);
+            }
+            XMEMCPY(&output[i], (byte*)ehr, chunk);
+            i += chunk;
+        }
+
+        ForceZero(ehr, sizeof(ehr)); /* scrub seed material from stack */
+        return 0;
+    }
+
 #elif defined(DOLPHIN_EMULATOR) || defined (WOLFSSL_NDS)
 
         int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
