wolfssl/wolfcrypt/wc_port.h, wolfssl/wolfcrypt/types.h: move macros and prototypes for wc_init_state_t facility to types.h, to allow the width of the .count bitfield to pivot on UINT_MAX, for 16 bit (e.g. Arduino) compatibility.

douzzer · douzzer · commit 2339d635d66b · 2026-05-14T20:02:22.000-05:00
diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c
@@ -252,7 +252,7 @@ int wc_local_InitUp(wc_init_state_t *s, int doWait)
 
     /* mitigate races on init/shutdown by looping. */
     for (;;) {
-        if (exp_wc_init_state.c.count == 0x1fffffff)
+        if (exp_wc_init_state.c.count == WC_INIT_STATE_MAX_COUNT)
             return SEQ_OVERFLOW_E;
         new_wc_init_state = exp_wc_init_state;
         if (exp_wc_init_state.c.state == WC_INIT_STATE_UNINITED) {
diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h
@@ -629,6 +629,55 @@ enum {
               ((out) = (in1) - (in2),                                \
                /* coverity[INTEGER_OVERFLOW] */ 1))))
 
+
+/* Internal APIs for counting initialization depth, with initialization/cleanup
+ * races fully mitigated
+ */
+#ifdef WOLFSSL_ATOMIC_OPS
+    typedef wolfSSL_Atomic_Uint wc_init_state_t;
+    #define WC_INIT_STATE_INITIALIZER WOLFSSL_ATOMIC_INITIALIZER(0)
+#else
+    typedef unsigned int wc_init_state_t;
+    #define WC_INIT_STATE_INITIALIZER 0
+#endif
+#define WC_DECLARE_INIT_STATE(x) wc_init_state_t x = WC_INIT_STATE_INITIALIZER
+#define WC_INIT_STATE_UNINITED 0U
+#define WC_INIT_STATE_INITING 1U
+#define WC_INIT_STATE_INITED 2U
+#define WC_INIT_STATE_CLEANING_UP 3U
+#define WC_INIT_STATE_BAD_STATE 4U
+union wc_init_state_bitfields {
+    unsigned int u;
+    struct {
+        unsigned int state:3;
+#if UINT_MAX == 0xffff
+        unsigned int count:13;
+        #define WC_INIT_STATE_MAX_COUNT 0x1fff
+#else
+        unsigned int count:29;
+        #define WC_INIT_STATE_MAX_COUNT 0x1fffffff
+#endif
+    } c;
+};
+/* Modules with no provisions for cleanup after a partially successful init need
+ * to enter a degraded state, returning BAD_STATE_E to the caller, signaling
+ * that restart is needed.  This macro should only be called while
+ * _STATE_INITING (after wc_local_InitUp() returns _STATE_INITING and before
+ * wc_local_InitUpDone()), to assure the store is uncontended.
+ */
+#define WC_INIT_STATE_RAISE_BAD_STATE(x) do {                     \
+        union wc_init_state_bitfields _x;                         \
+        _x.u = WOLFSSL_ATOMIC_LOAD(x);                            \
+        _x.c.state = WC_INIT_STATE_BAD_STATE;                     \
+        WOLFSSL_ATOMIC_STORE(x, _x.u);                            \
+    } while (0)
+WOLFSSL_LOCAL int wc_local_InitUp(wc_init_state_t *s, int doWait);
+WOLFSSL_LOCAL int wc_local_InitUpDone(wc_init_state_t *s);
+WOLFSSL_LOCAL int wc_local_InitDown(wc_init_state_t *s, int doWait);
+WOLFSSL_LOCAL int wc_local_InitDownDone(wc_init_state_t *s);
+
+
+/* Bindings for heap operations */
 #if defined(HAVE_IO_POOL)
     WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
     WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h
@@ -941,46 +941,6 @@ WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb);
 WOLFSSL_API mutex_cb* wc_GetMutexCb(void);
 #endif
 
-/* Internal APIs for counting initialization depth, with initialization/cleanup
- * races fully mitigated
- */
-#ifdef WOLFSSL_ATOMIC_OPS
-    typedef wolfSSL_Atomic_Uint wc_init_state_t;
-    #define WC_INIT_STATE_INITIALIZER WOLFSSL_ATOMIC_INITIALIZER(0)
-#else
-    typedef unsigned int wc_init_state_t;
-    #define WC_INIT_STATE_INITIALIZER 0
-#endif
-#define WC_DECLARE_INIT_STATE(x) wc_init_state_t x = WC_INIT_STATE_INITIALIZER
-#define WC_INIT_STATE_UNINITED 0U
-#define WC_INIT_STATE_INITING 1U
-#define WC_INIT_STATE_INITED 2U
-#define WC_INIT_STATE_CLEANING_UP 3U
-#define WC_INIT_STATE_BAD_STATE 4U
-union wc_init_state_bitfields {
-    unsigned int u;
-    struct {
-        unsigned int state:3;
-        unsigned int count:29;
-    } c;
-};
-/* Modules with no provisions for cleanup after a partially successful init need
- * to enter a degraded state, returning BAD_STATE_E to the caller, signaling
- * that restart is needed.  This macro should only be called while
- * _STATE_INITING (after wc_local_InitUp() returns _STATE_INITING and before
- * wc_local_InitUpDone()), to assure the store is uncontended.
- */
-#define WC_INIT_STATE_RAISE_BAD_STATE(x) do {                     \
-        union wc_init_state_bitfields _x;                         \
-        _x.u = WOLFSSL_ATOMIC_LOAD(x);                            \
-        _x.c.state = WC_INIT_STATE_BAD_STATE;                     \
-        WOLFSSL_ATOMIC_STORE(x, _x.u);                            \
-    } while (0)
-WOLFSSL_LOCAL int wc_local_InitUp(wc_init_state_t *s, int doWait);
-WOLFSSL_LOCAL int wc_local_InitUpDone(wc_init_state_t *s);
-WOLFSSL_LOCAL int wc_local_InitDown(wc_init_state_t *s, int doWait);
-WOLFSSL_LOCAL int wc_local_InitDownDone(wc_init_state_t *s);
-
 /* main crypto initialization function */
 WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Init(void);
 WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
