From c2668b61ea5ac01279929be6be86cc04fd342ab5 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Mon, 20 Feb 2012 21:24:30 +0000
Subject: [rng] Record validity within DRBG state

Treat an empty (zeroed) DRBG as invalid.  This ensures that a DRBG
that has not yet been instantiated (or that has been uninstantiated)
will refuse to attempt to generate random bits.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/include/ipxe/drbg.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/include')

diff --git a/src/include/ipxe/drbg.h b/src/include/ipxe/drbg.h
index a09d136dd..3cf4584ac 100644
--- a/src/include/ipxe/drbg.h
+++ b/src/include/ipxe/drbg.h
@@ -39,6 +39,8 @@ struct drbg_state {
 	struct hmac_drbg_state internal;
 	/** Reseed required flag */
 	int reseed_required;
+	/** State is valid */
+	int valid;
 };
 
 /**
-- 
cgit v1.2.3-55-g7522