From 0a02f5ef6bc0bfed05f00bc62899b3339e9b0d7a Mon Sep 17 00:00:00 2001 From: Kareem Date: Wed, 24 Dec 2025 17:12:40 -0700 Subject: [PATCH] Code review feedback --- wolfcrypt/src/random.c | 38 ++++++++++++++++++------------------- wolfssl/wolfcrypt/random.h | 4 ++-- wolfssl/wolfcrypt/wc_port.h | 2 ++ 3 files changed, 23 insertions(+), 21 deletions(-) diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 4598a80ad..6b9147bce 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -827,7 +827,7 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz, #if defined(WOLFSSL_KEEP_RNG_SEED_FD_OPEN) && !defined(USE_WINDOWS_API) if (!rng->seed.seedFdOpen) - rng->seed.fd = -1; + rng->seed.fd = XBADFD; #endif #ifdef CUSTOM_RAND_GENERATE_BLOCK @@ -1311,9 +1311,9 @@ int wc_FreeRng(WC_RNG* rng) #if defined(WOLFSSL_KEEP_RNG_SEED_FD_OPEN) && defined(XCLOSE) && \ !defined(USE_WINDOWS_API) - if(rng->seed.seedFdOpen && rng->seed.fd != -1) { + if(rng->seed.seedFdOpen && rng->seed.fd != XBADFD) { XCLOSE(rng->seed.fd); - rng->seed.fd = -1; + rng->seed.fd = XBADFD; rng->seed.seedFdOpen = 0; } #endif @@ -3504,16 +3504,16 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) os->fd = open("/dev/urandom", O_RDONLY); #if defined(DEBUG_WOLFSSL) WOLFSSL_MSG("opened /dev/urandom."); - #endif - if (os->fd == -1) - #endif + #endif /* DEBUG_WOLFSSL */ + if (os->fd == XBADFD) + #endif /* NO_DEV_URANDOM */ { /* may still have /dev/random */ os->fd = open("/dev/random", O_RDONLY); #if defined(DEBUG_WOLFSSL) WOLFSSL_MSG("opened /dev/random."); - #endif - if (os->fd == -1) + #endif /* DEBUG_WOLFSSL */ + if (os->fd == XBADFD) return OPEN_RAN_E; else { os->keepSeedFdOpen = 0; @@ -3525,27 +3525,27 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) os->seedFdOpen = 1; } } - #else + #else /* WOLFSSL_KEEP_RNG_SEED_FD_OPEN */ #ifndef NO_DEV_URANDOM /* way to disable use of /dev/urandom */ os->fd = open("/dev/urandom", O_RDONLY); #if defined(DEBUG_WOLFSSL) WOLFSSL_MSG("opened /dev/urandom."); - #endif - if (os->fd == -1) - #endif + #endif /* DEBUG_WOLFSSL */ + if (os->fd == XBADFD) + #endif /* !NO_DEV_URANDOM */ { /* may still have /dev/random */ os->fd = open("/dev/random", O_RDONLY); #if defined(DEBUG_WOLFSSL) WOLFSSL_MSG("opened /dev/random."); - #endif - if (os->fd == -1) + #endif /* DEBUG_WOLFSSL */ + if (os->fd == XBADFD) return OPEN_RAN_E; } - #endif + #endif /* WOLFSSL_KEEP_RNG_SEED_FD_OPEN */ #if defined(DEBUG_WOLFSSL) WOLFSSL_MSG("rnd read..."); - #endif + #endif /* DEBUG_WOLFSSL */ while (sz) { int len = (int)read(os->fd, output, sz); if (len == -1) { @@ -3562,7 +3562,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) #else ret = RAN_BLOCK_E; break; - #endif + #endif /* BLOCKING || WC_RNG_BLOCKING */ } } #ifdef WOLFSSL_KEEP_RNG_SEED_FD_OPEN @@ -3574,8 +3574,8 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) } #else close(os->fd); - #endif -#else + #endif /* WOLFSSL_KEEP_RNG_SEED_FD_OPEN */ +#else /* NO_FILESYSTEM */ (void)output; (void)sz; ret = NOT_COMPILED_IN; diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 76a81f5e9..c9f54d924 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -157,8 +157,8 @@ struct OS_Seed { #else int fd; #if defined(WOLFSSL_KEEP_RNG_SEED_FD_OPEN) - byte seedFdOpen:1; - byte keepSeedFdOpen:1; + WC_BITFIELD seedFdOpen:1; + WC_BITFIELD keepSeedFdOpen:1; #endif #endif #if defined(WOLF_CRYPTO_CB) diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index d9d97f308..03564693f 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -1010,6 +1010,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_SET FS_SEEK_SET #define XSEEK_END FS_SEEK_END #define XBADFILE NULL + #define XBADFD -1 #define XFGETS(b,s,f) -2 /* Not ported yet */ #define XSTAT fs_stat @@ -1119,6 +1120,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_SET SEEK_SET #define XSEEK_END SEEK_END #define XBADFILE NULL + #define XBADFD -1 #define XFGETS fgets #define XFPRINTF fprintf #define XFFLUSH fflush