From b66f1b78a79b1c7e5fde8671f85b4be950e19b1c Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner <douzzer@wolfssl.com>
Date: Tue, 23 Dec 2025 13:05:40 -0600
Subject: [PATCH] peer/Devin review: * in get_crypto_default_rng()
 (linuxkm/lkcapi_sha_glue.c), sanity check that crypto_default_rng isn't null;
 * in wc_InitRsaKey_ex(), remove frivolous NULL/zero assignments (XMEMSET
 clears them implicitly); * in wc_CheckRsaKey(), check ret from wc_InitRng()
 and short circuit return if failed.

---
 linuxkm/lkcapi_sha_glue.c |  5 +++++
 wolfcrypt/src/rsa.c       | 12 +++++++-----
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/linuxkm/lkcapi_sha_glue.c b/linuxkm/lkcapi_sha_glue.c
index 6956f1abf..fb3dc222f 100644
--- a/linuxkm/lkcapi_sha_glue.c
+++ b/linuxkm/lkcapi_sha_glue.c
@@ -1134,6 +1134,11 @@ static inline void put_drbg(struct wc_rng_inst *drbg) {
 static inline struct crypto_rng *get_crypto_default_rng(void) {
     struct crypto_rng *current_crypto_default_rng = crypto_default_rng;
 
+    if (unlikely(! current_crypto_default_rng)) {
+        pr_warn("BUG: get_default_drbg_ctx() called with NULL crypto_default_rng.");
+        return NULL;
+    }
+
     if (unlikely(! wc_linuxkm_drbg_default_instance_registered)) {
         pr_warn("BUG: get_default_drbg_ctx() called without wc_linuxkm_drbg_default_instance_registered.");
         return NULL;
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index 3e9299f15..392a93f74 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -201,11 +201,6 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
     (!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
     key->dataIsAlloc = 0;
 #endif
-    key->data = NULL;
-    key->dataLen = 0;
-#ifdef WC_RSA_BLINDING
-    key->rng = NULL;
-#endif
 
 #ifdef WOLF_CRYPTO_CB
     key->devId = devId;
@@ -741,6 +736,13 @@ int wc_CheckRsaKey(RsaKey* key)
         }
 #endif
         ret = wc_InitRng(rng);
+        if (ret != 0) {
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+            XFREE(rng, NULL, DYNAMIC_TYPE_RNG);
+            FREE_MP_INT_SIZE(tmp, NULL, DYNAMIC_TYPE_RSA);
+#endif
+            return ret;
+        }
     }
 
     SAVE_VECTOR_REGISTERS(ret = _svr_ret;);