tests: random: Move and rename rng test

Random number generator is a subsystem and although it is mostly used
in crypto, this is not its only utility.

Move the current random number generator test to it is own space
(tests/subsys/random) and rename it to rng.

We need more and better tests for rng, this is an initial commit
to organize it and get ready for further tests.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>

tests/subsys/random/rng/CMakeLists.txt

@@ -0,0 +1,15 @@
+# SPDX-License-Identifier: Apache-2.0
+
+cmake_minimum_required(VERSION 3.20.0)
+find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+project(rand32)
+
+zephyr_library_include_directories(${ZEPHYR_BASE}/kernel/include/)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+
+target_include_directories(app PRIVATE
+  ${ZEPHYR_BASE}/kernel/include
+  ${ZEPHYR_BASE}/arch/${ARCH}/include
+  )

tests/subsys/random/rng/entropy_psa_crypto.overlay

@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2022 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/ {
+	chosen {
+		zephyr,entropy = &psa_rng;
+	};
+
+	psa_rng: psa-rng {
+		compatible = "zephyr,psa-crypto-rng";
+		status = "okay";
+	};
+};

tests/subsys/random/rng/prj.conf

@@ -0,0 +1,4 @@
+CONFIG_ZTEST=y
+CONFIG_LOG=y
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_TEST_RANDOM_GENERATOR=y

tests/subsys/random/rng/prj_ctr_drbg.conf

@@ -0,0 +1,3 @@
+CONFIG_ZTEST=y
+CONFIG_LOG=y
+CONFIG_ENTROPY_GENERATOR=y

tests/subsys/random/rng/prj_hw_random_psa_crypto.conf

@@ -0,0 +1,7 @@
+CONFIG_ZTEST=y
+CONFIG_LOG=y
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_HARDWARE_DEVICE_CS_GENERATOR=y
+CONFIG_TFM_PARTITION_CRYPTO=y
+CONFIG_TFM_CRYPTO_RNG_MODULE_ENABLED=y
+CONFIG_ENTROPY_PSA_CRYPTO_RNG=y

tests/subsys/random/rng/prj_hw_random_xoshiro.conf

@@ -0,0 +1,4 @@
+CONFIG_ZTEST=y
+CONFIG_LOG=y
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_XOSHIRO_RANDOM_GENERATOR=y

tests/subsys/random/rng/prj_sw_random_systimer.conf

@@ -0,0 +1,5 @@
+CONFIG_ZTEST=y
+CONFIG_LOG=y
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_TEST_RANDOM_GENERATOR=y
+CONFIG_TIMER_RANDOM_GENERATOR=y

tests/subsys/random/rng/src/main.c

@@ -0,0 +1,118 @@
+/* test random number generator APIs */
+
+/*
+ * Copyright (c) 2016 Intel Corporation
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/*
+ * This tests the following random number routines:
+ * void z_early_rand_get(uint8_t *buf, size_t length)
+ * uint32_t sys_rand32_get(void);
+ */
+
+
+#include <zephyr/ztest.h>
+#include <kernel_internal.h>
+#include <zephyr/random/random.h>
+
+#define N_VALUES 10
+
+
+/**
+ *
+ * @brief Regression test's entry point
+ *
+ */
+
+ZTEST(rng_common, test_rand32)
+{
+	uint32_t gen, last_gen, tmp;
+	int rnd_cnt;
+	int equal_count = 0;
+	uint32_t buf[N_VALUES];
+
+	/* Test early boot random number generation function */
+	/* Cover the case, where argument "length" is < size of "size_t" */
+	z_early_rand_get((uint8_t *)&tmp, (size_t)1);
+	z_early_rand_get((uint8_t *)&last_gen, sizeof(last_gen));
+	z_early_rand_get((uint8_t *)&gen, sizeof(gen));
+	zassert_true(last_gen != gen && last_gen != tmp && tmp != gen,
+			"z_early_rand_get failed");
+
+	/*
+	 * Test subsequently calls sys_rand32_get(), checking
+	 * that two values are not equal.
+	 */
+	printk("Generating random numbers\n");
+	last_gen = sys_rand32_get();
+	/*
+	 * Get several subsequent numbers as fast as possible.
+	 * Based on review comments in
+	 * https://github.com/zephyrproject-rtos/zephyr/pull/5066
+	 * If minimum half of the numbers generated were the same
+	 * as the previously generated one, then test fails, this
+	 * should catch a buggy sys_rand32_get() function.
+	 */
+	for (rnd_cnt = 0; rnd_cnt < (N_VALUES - 1); rnd_cnt++) {
+		gen = sys_rand32_get();
+		if (gen == last_gen) {
+			equal_count++;
+		}
+		last_gen = gen;
+	}
+
+	if (equal_count > N_VALUES / 2) {
+		zassert_false((equal_count > N_VALUES / 2),
+		"random numbers returned same value with high probability");
+	}
+
+	printk("Generating bulk fill random numbers\n");
+	memset(buf, 0, sizeof(buf));
+	sys_rand_get((uint8_t *)(&buf[0]), sizeof(buf));
+
+	for (rnd_cnt = 0; rnd_cnt < (N_VALUES - 1); rnd_cnt++) {
+		gen = buf[rnd_cnt];
+		if (gen == last_gen) {
+			equal_count++;
+		}
+		last_gen = gen;
+	}
+
+	if (equal_count > N_VALUES / 2) {
+		zassert_false((equal_count > N_VALUES / 2),
+		"random numbers returned same value with high probability");
+	}
+
+#if defined(CONFIG_CSPRNG_ENABLED)
+
+	printk("Generating bulk fill cryptographically secure random numbers\n");
+
+	memset(buf, 0, sizeof(buf));
+
+	int err = sys_csrand_get(buf, sizeof(buf));
+
+	zassert_true(err == 0, "sys_csrand_get returned an error");
+
+	for (rnd_cnt = 0; rnd_cnt < (N_VALUES - 1); rnd_cnt++) {
+		gen = buf[rnd_cnt];
+		if (gen == last_gen) {
+			equal_count++;
+		}
+		last_gen = gen;
+	}
+
+	if (equal_count > N_VALUES / 2) {
+		zassert_false((equal_count > N_VALUES / 2),
+		"random numbers returned same value with high probability");
+	}
+
+#else
+
+	printk("Cryptographically secure random number APIs not enabled\n");
+
+#endif /* CONFIG_CSPRNG_ENABLED */
+}
+
+ZTEST_SUITE(rng_common, NULL, NULL, NULL, NULL, NULL);

tests/subsys/random/rng/testcase.yaml

@@ -0,0 +1,36 @@
+common:
+  tags:
+    - crypto
+    - random
+    - security
+tests:
+  crypto.rng:
+    min_ram: 16
+    integration_platforms:
+      - qemu_x86
+  crypto.rng.random_sw_systimer:
+    extra_args: CONF_FILE=prj_sw_random_systimer.conf
+    integration_platforms:
+      - qemu_x86
+  crypto.rng.random_hw_xoshiro:
+    extra_args: CONF_FILE=prj_hw_random_xoshiro.conf
+    filter: CONFIG_ENTROPY_HAS_DRIVER
+    min_ram: 16
+    integration_platforms:
+      - native_sim
+  crypto.rng.random_ctr_drbg:
+    extra_args: CONF_FILE=prj_ctr_drbg.conf
+    filter: CONFIG_ENTROPY_HAS_DRIVER
+    min_ram: 16
+    integration_platforms:
+      - native_sim
+  drivers.rng.random_psa_crypto:
+    filter: CONFIG_BUILD_WITH_TFM
+    arch_exclude: posix
+    extra_args:
+      - DTC_OVERLAY_FILE=./entropy_psa_crypto.overlay
+      - CONF_FILE=prj_hw_random_psa_crypto.conf
+    tags:
+      - psa-crypto
+    integration_platforms:
+      - nrf5340dk/nrf5340/cpuapp/ns