backport 6f95a9c58e and a944575e4b, and fix in 20251226-fixes, to wolfcrypt/src/random.c:

* in _InitRng(), remove "drbg_instantiated" conditional cleanup logic (Coverity true-benign-positive: DEADCODE because drbg_instantiated is always false when ret != DRBG_SUCCESS); * fix clang-diagnostic-unreachable-code in wc_GenerateSeed(); * in wc_GenerateSeed(), move the gate closures for !FORCE_FAILURE_RDSEED and !ENTROPY_MEMUSE_FORCE_FAILURE to follow the /dev/urandom fallback method.
2026-01-28 03:32:19 +01:00 · 2025-12-26 14:17:32 -06:00
parent 57d2391b6c
commit f21da9ddc1
1 changed files with 27 additions and 12 deletions
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -741,7 +741,6 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
 #ifdef HAVE_HASHDRBG
    word32 seedSz = SEED_SZ + SEED_BLOCK_SZ;
    WC_DECLARE_VAR(seed, byte, MAX_SEED_SZ, rng->heap);
-    int drbg_instantiated = 0;
 #ifdef WOLFSSL_SMALL_STACK_CACHE
    int drbg_scratch_instantiated = 0;
 #endif
@@ -948,8 +947,6 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
                ret = Hash_DRBG_Instantiate((DRBG_internal *)rng->drbg,
                            seed + SEED_BLOCK_SZ, seedSz - SEED_BLOCK_SZ,
                            nonce, nonceSz, rng->heap, devId);
-            if (ret == 0)
-                drbg_instantiated = 1;
    } /* ret == 0 */

    #ifdef WOLFSSL_SMALL_STACK
@@ -961,8 +958,6 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
    WC_FREE_VAR_EX(seed, rng->heap, DYNAMIC_TYPE_SEED);

    if (ret != DRBG_SUCCESS) {
-        if (drbg_instantiated)
-            (void)Hash_DRBG_Uninstantiate((DRBG_internal *)rng->drbg);
    #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
        XFREE(rng->drbg, rng->heap, DYNAMIC_TYPE_RNG);
    #endif
@@ -3417,14 +3412,20 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
    #ifdef HAVE_ENTROPY_MEMUSE
        ret = wc_Entropy_Get(MAX_ENTROPY_BITS, output, sz);
        if (ret == 0) {
-            return 0;
+            /* success, we're done */
+            return ret;
        }
-     #ifdef ENTROPY_MEMUSE_FORCE_FAILURE
-        /* Don't fallback to /dev/urandom. */
+    #ifdef ENTROPY_MEMUSE_FORCE_FAILURE
+        /* Don't fall back to /dev/urandom. */
        return ret;
+    #else
+        /* Reset error and fall back to using /dev/urandom. */
+        ret = 0;
    #endif
    #endif

+    #if !defined(HAVE_ENTROPY_MEMUSE) || !defined(ENTROPY_MEMUSE_FORCE_FAILURE)
+
    #if defined(HAVE_INTEL_RDSEED) || defined(HAVE_AMD_RDSEED)
        if (IS_INTEL_RDSEED(intel_flags)) {
             ret = wc_GenerateSeed_IntelRD(NULL, output, sz);
@@ -3433,15 +3434,24 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
                 return ret;
             }
        #ifdef FORCE_FAILURE_RDSEED
-             /* don't fallback to /dev/urandom */
+             /* Don't fall back to /dev/urandom. */
             return ret;
        #else
-             /* reset error and fallback to using /dev/urandom */
+             /* Reset error and fall back to using /dev/urandom. */
             ret = 0;
        #endif
        }
+    #ifdef FORCE_FAILURE_RDSEED
+        else {
+            /* Don't fall back to /dev/urandom */
+            return MISSING_RNG_E;
+        }
+    #endif
    #endif /* HAVE_INTEL_RDSEED || HAVE_AMD_RDSEED */

+    #if (!defined(HAVE_INTEL_RDSEED) && !defined(HAVE_AMD_RDSEED)) || \
+        !defined(FORCE_FAILURE_RDSEED)
+
    #if defined(WOLFSSL_GETRANDOM) || defined(HAVE_GETRANDOM)
        {
            word32 grSz = sz;
@@ -3469,10 +3479,10 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
            if (ret == 0)
                return ret;
        #ifdef FORCE_FAILURE_GETRANDOM
-            /* don't fallback to /dev/urandom */
+            /* don't fall back to /dev/urandom */
            return ret;
        #elif !defined(NO_FILESYSTEM)
-            /* reset error and fallback to using /dev/urandom if filesystem
+            /* reset error and fall back to using /dev/urandom if filesystem
             * support is compiled in */
            ret = 0;
        #endif
@@ -3526,6 +3536,11 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 #endif /* NO_FILESYSTEM */

        return ret;
+
+    #endif /* (!HAVE_INTEL_RDSEED && !HAVE_AMD_RDSEED) || !FORCE_FAILURE_RDSEED */
+
+    #endif /*!HAVE_ENTROPY_MEMUSE || !ENTROPY_MEMUSE_FORCE_FAILURE */
+
    }

 #endif