@L-series L-series commented Dec 1, 2025

  • API: add failure mode support for randombytes()
  • autogen: run to update randombytes declaration
  • randombytes: add example to test failure

@L-series L-series requested a review from a team as a code owner December 1, 2025 22:01
@L-series L-series marked this pull request as draft December 1, 2025 23:04
@L-series L-series force-pushed the randombytes branch 3 times, most recently from 7733e4f to 6bbabfa Compare January 5, 2026 02:02
@L-series L-series marked this pull request as ready for review January 5, 2026 02:07

Change randombytes() to return int (0 on success, non-zero on failure)
instead of void, allowing callers to detect and handle RNG failures.

This commit:

* Updates function signatures.
* Updates all call sites to check return values.
* Changes test files to use CHECK macro.
* Adds documentation of the new failure mode to sign.h and
  mlkem_native.h.
* Adds a new error code MLK_ERR_RNG_FAIL.
* Declares src/randombytes with MLK_MUST_CHECK_RETURN_VALUE.

Signed-off-by: Andreas Hatziiliou <andreas.hatziiliou@savoirfairelinux.com>

Run the autogen script to reflect the changes made to the randombytes()
API.

Signed-off-by: Andreas Hatziiliou <andreas.hatziiliou@savoirfairelinux.com>

Tests that crypto_kem_enc and crypto_kem_keypair
correctly return MLD_ERR_RNG_FAIL when randombytes()
fails. We systematically inject failures at each
invocation point. This test is based off the work from
the test_alloc implementation.

Signed-off-by: Andreas Hatziiliou <andreas.hatziiliou@savoirfairelinux.com>

Add the rng failure test to the CI.

Signed-off-by: Andreas Hatziiliou <andreas.hatziiliou@savoirfairelinux.com>
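
The failure-injection approach described in the commit messages above, as an added example that is not code from this pull request. `demo_keypair`, `sweep_rng_failures`, the two counters and the value of `DEMO_ERR_RNG_FAIL` are hypothetical stand-ins; only the `randombytes()` return convention (0 on success, non-zero on failure) is taken from the PR.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Placeholder value standing in for the PR's MLK_ERR_RNG_FAIL (assumption). */
#define DEMO_ERR_RNG_FAIL (-3)
static int rng_calls = 0;    /* randombytes() invocations since last reset */
static int rng_fail_at = -1; /* invocation index to fail; -1 = never fail */

/* Test double: 0 on success, non-zero on failure, as in the changed API. */
static int randombytes(uint8_t *out, size_t len) {
  if (rng_calls++ == rng_fail_at) return -1;
  memset(out, 0xA5, len); /* fixed filler for the test, not randomness */
  return 0;
}

/* Hypothetical keypair routine with two RNG invocation points. */
static int demo_keypair(uint8_t pk[32], uint8_t sk[64]) {
  uint8_t d[32], z[32];
  int ret = DEMO_ERR_RNG_FAIL;
  if (randombytes(d, sizeof d) == 0 && randombytes(z, sizeof z) == 0) {
    memcpy(pk, d, 32); /* outputs are written only after every RNG call succeeded */
    memcpy(sk, d, 32);
    memcpy(sk + 32, z, 32);
    ret = 0;
  }
  memset(d, 0, sizeof d); /* real code would use a non-elidable zeroize */
  memset(z, 0, sizeof z);
  return ret;
}

/* Returns the number of injection points verified, or -1 if a failure was missed. */
static int sweep_rng_failures(void) {
  static const uint8_t zero[64] = {0};
  uint8_t pk[32], sk[64];
  int total, i;
  rng_calls = 0; rng_fail_at = -1;
  if (demo_keypair(pk, sk) != 0) return -1;
  total = rng_calls; /* invocation points discovered by a clean run */
  for (i = 0; i < total; i++) {
    memset(pk, 0, sizeof pk); memset(sk, 0, sizeof sk);
    rng_calls = 0; rng_fail_at = i;
    if (demo_keypair(pk, sk) != DEMO_ERR_RNG_FAIL) return -1; /* error swallowed */
    if (memcmp(pk, zero, sizeof pk) || memcmp(sk, zero, sizeof sk)) return -1;
  }
  rng_fail_at = -1;
  return total;
}
int main(void) { return sweep_rng_failures() == 2 ? 0 : 1; }
```

The sweep first counts invocation points with a clean run, so a later change that adds an RNG call is covered without editing the test.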
@hanno-becker
@L-series Do you need help debugging the CBMC and AWS-LC failures in CI, or are you fine investigating this?
