rework RNG initialization/free in crypto tests to prevent uninitialized use

bigbrett · bigbrett · commit eb85f189ee94 · 2025-10-17T11:44:52.000-06:00
diff --git a/test/wh_test_crypto.c b/test/wh_test_crypto.c
@@ -134,7 +134,6 @@ static int whTest_CryptoRng(whClientContext* ctx, int devId, WC_RNG* rng)
     uint8_t med[WH_TEST_RNG_MED];
     uint8_t big[WH_TEST_RNG_BIG];
 
-    /* test rng.  Note this rng is used for many tests so is left inited */
     ret = wc_InitRng_ex(rng, NULL, devId);
     if (ret != 0) {
         WH_ERROR_PRINT("Failed to wc_InitRng_ex %d\n", ret);
@@ -152,6 +151,10 @@ static int whTest_CryptoRng(whClientContext* ctx, int devId, WC_RNG* rng)
                     WH_ERROR_PRINT("Failed to wc_RNG_GenerateBlock %d\n", ret);
                 }
             }
+            ret = wc_FreeRng(rng);
+            if (ret != 0) {
+                WH_ERROR_PRINT("Failed to wc_FreeRng %d\n", ret);
+            }
         }
     }
     if (ret == 0) {
@@ -3561,6 +3564,8 @@ int whTest_CryptoClientConfig(whClientConfig* config)
     }
 #endif /* WOLFHSM_CFG_TEST_VERBOSE */
 
+    /* First crypto test should be of RNG so we can iterate over and test all
+     * devIds before choosing one to run the rest of the tests on */
     i = 0;
     while ((ret == WH_ERROR_OK) && (i < WH_NUM_DEVIDS)) {
         ret = whTest_CryptoRng(client, WH_DEV_IDS_ARRAY[i], rng);
@@ -3570,6 +3575,16 @@ int whTest_CryptoClientConfig(whClientConfig* config)
         }
     }
 
+    /* Now that we have tested all RNG devIds, reinitialize the default RNG
+     * devId (non-DMA) that will be used by the remainder of the tests for
+     * random input generation */
+    if (ret == 0) {
+        ret = wc_InitRng_ex(rng, NULL, WH_DEV_ID);
+        if (ret != 0) {
+            WH_ERROR_PRINT("Failed to reinitialize RNG %d\n", ret);
+        }
+    }
+
     if (ret == 0) {
         /* Test Key Cache functions */
         ret = whTest_KeyCache(client, WH_DEV_ID, rng);

Original file line number	Diff line number	Diff line change
`@@ -134,7 +134,6 @@ static int whTest_CryptoRng(whClientContext* ctx, int devId, WC_RNG* rng)`
`134`	`134`	`uint8_t med[WH_TEST_RNG_MED];`
`135`	`135`	`uint8_t big[WH_TEST_RNG_BIG];`
`136`	`136`
`137`		`- /* test rng. Note this rng is used for many tests so is left inited */`
`138`	`137`	`ret = wc_InitRng_ex(rng, NULL, devId);`
`139`	`138`	`if (ret != 0) {`
`140`	`139`	`WH_ERROR_PRINT("Failed to wc_InitRng_ex %d\n", ret);`
`@@ -152,6 +151,10 @@ static int whTest_CryptoRng(whClientContext* ctx, int devId, WC_RNG* rng)`
`152`	`151`	`WH_ERROR_PRINT("Failed to wc_RNG_GenerateBlock %d\n", ret);`
`153`	`152`	`}`
`154`	`153`	`}`
	`154`	`+ ret = wc_FreeRng(rng);`
	`155`	`+ if (ret != 0) {`
	`156`	`+ WH_ERROR_PRINT("Failed to wc_FreeRng %d\n", ret);`
	`157`	`+ }`
`155`	`158`	`}`
`156`	`159`	`}`
`157`	`160`	`if (ret == 0) {`
`@@ -3561,6 +3564,8 @@ int whTest_CryptoClientConfig(whClientConfig* config)`
`3561`	`3564`	`}`
`3562`	`3565`	`#endif /* WOLFHSM_CFG_TEST_VERBOSE */`
`3563`	`3566`
	`3567`	`+ /* First crypto test should be of RNG so we can iterate over and test all`
	`3568`	`+ * devIds before choosing one to run the rest of the tests on */`
`3564`	`3569`	`i = 0;`
`3565`	`3570`	`while ((ret == WH_ERROR_OK) && (i < WH_NUM_DEVIDS)) {`
`3566`	`3571`	`ret = whTest_CryptoRng(client, WH_DEV_IDS_ARRAY[i], rng);`
`@@ -3570,6 +3575,16 @@ int whTest_CryptoClientConfig(whClientConfig* config)`
`3570`	`3575`	`}`
`3571`	`3576`	`}`
`3572`	`3577`
	`3578`	`+ /* Now that we have tested all RNG devIds, reinitialize the default RNG`
	`3579`	`+ * devId (non-DMA) that will be used by the remainder of the tests for`
	`3580`	`+ * random input generation */`
	`3581`	`+ if (ret == 0) {`
	`3582`	`+ ret = wc_InitRng_ex(rng, NULL, WH_DEV_ID);`
	`3583`	`+ if (ret != 0) {`
	`3584`	`+ WH_ERROR_PRINT("Failed to reinitialize RNG %d\n", ret);`
	`3585`	`+ }`
	`3586`	`+ }`
	`3587`	`+`
`3573`	`3588`	`if (ret == 0) {`
`3574`	`3589`	`/* Test Key Cache functions */`
`3575`	`3590`	`ret = whTest_KeyCache(client, WH_DEV_ID, rng);`