
wp_drbg: gate wc_RNG_DRBG_Reseed on FIPS version#408

Merged
aidangarske merged 1 commit into
wolfSSL:masterfrom
ColtonWilley:fix-drbg-reseed-fips-version-gate
Jun 23, 2026

Conversation

@ColtonWilley ColtonWilley commented Jun 16, 2026

Contributor

wp_drbg_reseed references wc_RNG_DRBG_Reseed, but that is not always an exported symbol. It is WOLFSSL_API in non-FIPS >= 5.7.2 and in FIPS v6+, while FIPS v5.x commercial bundles are inconsistent -- the same v5.2.4 cert is WOLFSSL_LOCAL on a 5.8.4 wrapper but WOLFSSL_API on a 5.9.1 wrapper. Linking it fails (undefined reference to wc_RNG_DRBG_Reseed) on the bundles that keep it LOCAL, which the previous version-only gate did not account for.

  • settings.h: gate WP_HAVE_DRBG_RESEED conservatively. Use the native in-place reseed only where the symbol is reliably exported (non-FIPS >= 5.7.2, FIPS v6+) and fall back to DRBG re-instantiation for all FIPS v5.x (the fallback links on every build). WP_NO_DRBG_RESEED forces the fallback for any other bundle that keeps the symbol WOLFSSL_LOCAL despite its version.
  • wp_drbg.c: native in-place reseed when available, else re-instantiate the DRBG in place via wc_FreeRng()+wc_InitRngNonce() (with error-state reporting). Handle reseed with no caller entropy on both paths, and keep reseed seccomp-safe (native draws from the cached /dev/urandom fd via wp_urandom_read; fallback self-seeds via wc_InitRngNonce).
  • utils-wolfssl.sh: map --fips-check=v5.2.4 to --enable-fips=v5.2.4 (was collapsing to v5, which mismatched the SP-math FIPS module).

Validated: build + full unit suite pass (136/0) against the 5.8.4 and 5.9.1 wolfSSL wrappers x v5.2.1 and v5.2.4 commercial FIPS bundles, plus non-FIPS.

Note on the FIPS v5.x fallback path: caller-supplied entropy/addIn is folded into wc_InitRngNonce as the nonce, not mixed as DRBG entropy_input, and predResist is not honored -- wolfCrypt re-seeds internally via its seed source. This is the available behavior where the module does not export wc_RNG_DRBG_Reseed, and differs from the native path where caller entropy is reseed input.
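The version gate and the two reseed paths the description lists, as an added illustration that is not code from this PR: LIBWOLFSSL_VERSION_HEX, HAVE_FIPS and HAVE_FIPS_VERSION are wolfSSL's real macro names, but the gate expression, the toy RNG and its helpers are constructed stand-ins so the block compiles without wolfSSL. It assumes a FIPS v5.x bundle, so the fallback path is the one selected, and shows the rngError latch a later caller can check.

```c
#include <stdint.h>
#include <string.h>
/* Constructed stand-ins for wolfSSL's version macros (wolfssl/version.h, FIPS
 * headers). Assumption: FIPS v5.x bundle on a 5.8.4 wrapper (symbol LOCAL). */
#define LIBWOLFSSL_VERSION_HEX 0x05008004
#define HAVE_FIPS
#define HAVE_FIPS_VERSION 5
/* Gate modelled on the PR description (exact expression is an assumption):
 * native only on non-FIPS >= 5.7.2 or FIPS v6+; WP_NO_DRBG_RESEED forces fallback. */
#if !defined(WP_NO_DRBG_RESEED) && \
    ((!defined(HAVE_FIPS) && LIBWOLFSSL_VERSION_HEX >= 0x05007002) || \
     (defined(HAVE_FIPS) && HAVE_FIPS_VERSION >= 6))
#define WP_HAVE_DRBG_RESEED 1
#else
#define WP_HAVE_DRBG_RESEED 0
#endif
/* Toy RNG standing in for WC_RNG; the three helpers mirror the shapes of
 * wc_FreeRng / wc_InitRngNonce / wc_RNG_DRBG_Reseed without wolfSSL. */
typedef struct { int instantiated; uint8_t seed[32]; } toy_rng;
static int toy_free(toy_rng* r) { r->instantiated = 0; return 0; }
static int toy_init_nonce(toy_rng* r, const uint8_t* n, uint32_t nsz) {
    if (nsz > sizeof(r->seed)) return -1;   /* constructed failure case */
    memset(r->seed, 0xA5, sizeof(r->seed)); /* stands in for OS self-seeding */
    for (uint32_t i = 0; i < nsz; i++) r->seed[i] ^= n[i]; /* nonce, not entropy */
    r->instantiated = 1;
    return 0;
}
int toy_native_reseed(toy_rng* r, const uint8_t* e, uint32_t esz) {
    if (!r->instantiated) return -1;
    for (uint32_t i = 0; i < esz; i++) r->seed[i % sizeof(r->seed)] ^= e[i];
    return 0;
}
typedef struct { toy_rng rng; int rngError; } wp_drbg;
/* Reseed on the gated path; any failure latches rngError so later callers
 * (e.g. a get_seed) refuse to operate on a de-instantiated DRBG. */
int wp_drbg_reseed(wp_drbg* d, const uint8_t* entropy, uint32_t sz) {
    int rc;
    if (d->rngError) return -1;
#if WP_HAVE_DRBG_RESEED
    rc = toy_native_reseed(&d->rng, entropy, sz);
#else
    rc = toy_free(&d->rng);                 /* check the rc, do not ignore it */
    if (rc == 0) rc = toy_init_nonce(&d->rng, entropy, sz); /* NULL,0 = self-seed */
#endif
    if (rc != 0) d->rngError = 1;
    return rc;
}
int wp_drbg_usable(const wp_drbg* d) { return !d->rngError && d->rng.instantiated; }
```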

@aidangarske aidangarske self-requested a review June 16, 2026 21:28

@aidangarske aidangarske left a comment

Member


Skoll Multi-Scan Review

Modes: review + review-security + bugs
Overall recommendation: COMMENT
Findings: 5 total — 4 posted, 1 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] [review+review-security] FIPS fallback reseed re-instantiates from OS entropy, bypassing the parent-seed/seccomp design and treating caller entropy as nonce (src/wp_drbg.c:440-485)
  • [Medium] [review] New error-state and explicit-entropy reseed paths have no test coverage (src/wp_drbg.c:328-333, 440-485, 612-644)
  • [Low] [review-security+bugs] wp_drbg_get_seed does not check the new rngError state, operating on a de-instantiated RNG after a failed fallback reseed (src/wp_drbg.c:734-756)
  • [Low] [review] wc_FreeRng() return code ignored in fallback reseed (src/wp_drbg.c:468)

Skipped findings

  • [Low] utils-wolfssl.sh adds untested v5.2.3 - --enable-fips=v5.2.3 mapping that changes prior behavior

Review generated by Skoll


@aidangarske aidangarske left a comment

Member


Skoll Multi-Scan Review

Modes: review + review-security
Overall recommendation: COMMENT
Findings: 6 total — 4 posted, 2 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] [review] Untested v5.2.3 FIPS tag mapping added without validation (scripts/utils-wolfssl.sh:186-188)
  • [Medium] [review] Bare scope block introduced in wp_drbg_reseed native path (src/wp_drbg.c:400-455)
  • [Low] [review] Non-ASCII em-dash in shell comment (scripts/utils-wolfssl.sh:183)
  • [Low] [review-security] Bare scope block introduced in wp_drbg_reseed native reseed path (src/wp_drbg.c:400-455)

Skipped findings

  • [Info] FIPS v5.x fallback reseed deviates from SP 800-90A reseed semantics
  • [Low] Missing unit coverage for fallback reseed error-state path

Review generated by Skoll

Use native wc_RNG_DRBG_Reseed only where reliably exported (non-FIPS >=5.7.2,
FIPS v6+); else re-instantiate via wc_FreeRng()+wc_InitRngNonce(). Parent-path
instantiate uses the FIPS-validated wc_InitRngNonce. Also fix install_wolfssl
cwd imbalance on FIPS-bundle builds and add a reseed-with-entropy test.
@ColtonWilley ColtonWilley force-pushed the fix-drbg-reseed-fips-version-gate branch from 1f1026d to 05f28c3 on June 23, 2026 16:01
@aidangarske aidangarske merged commit 08bd5b1 into wolfSSL:master Jun 23, 2026
55 checks passed