From 1c064dd957256a0c83701bed302397b5f8ca0114 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Wed, 17 Mar 2021 12:18:21 -0700
Subject: [PATCH] If the RNG seeding callback is missing or returns an error,
 the RNG instantiate fails.

---
 wolfcrypt/src/random.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index 60536fa6d..1b2e8caa5 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -813,18 +813,19 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
         rng->drbg = (struct DRBG*)&rng->drbg_data;
 #endif
         if (ret == 0) {
-            ret = -1;
-
 #ifdef WC_RNG_SEED_CB
-            if (seedCb != NULL) {
+            if (seedCb == NULL) {
+                ret = DRBG_FAILURE;
+            }
+            else {
                 ret = seedCb(seed, seedSz);
+                if (ret != 0) {
+                    ret = DRBG_FAILURE;
+                }
             }
+#else
+            ret = wc_GenerateSeed(&rng->seed, seed, seedSz);
 #endif
-
-            if (ret < 0) {
-                ret = wc_GenerateSeed(&rng->seed, seed, seedSz);
-            }
-
             if (ret == 0)
                 ret = wc_RNG_TestSeed(seed, seedSz);
             else {