From 3891cd65d8ac90b4850f5800f9e98001136b6df8 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Mon, 5 Dec 2022 16:08:31 -0800
Subject: [PATCH] DRBG OK

When initializing the RNG and are using RDRAND, or one of the other
replacement random number generators that could fall back to the
Hash_DRBG if unavailable, set the status to DRBG_OK. This would fix a
problem if someone assumes the DRBG status is meaningful.
---
 wolfcrypt/src/random.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index 0d01ff409..e4f29e5c0 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -848,20 +848,32 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
 #ifdef WOLFSSL_ASYNC_CRYPT
     ret = wolfAsync_DevCtxInit(&rng->asyncDev, WOLFSSL_ASYNC_MARKER_RNG,
                                                         rng->heap, rng->devId);
-    if (ret != 0)
+    if (ret != 0) {
+    #ifdef HAVE_HASHDRBG
+        rng->status = DRBG_OK;
+    #endif
         return ret;
+    }
 #endif
 
 #ifdef HAVE_INTEL_RDRAND
     /* if CPU supports RDRAND, use it directly and by-pass DRBG init */
-    if (IS_INTEL_RDRAND(intel_flags))
+    if (IS_INTEL_RDRAND(intel_flags)) {
+    #ifdef HAVE_HASHDRBG
+        rng->status = DRBG_OK;
+    #endif
         return 0;
+    }
 #endif
 
 #ifdef WOLFSSL_XILINX_CRYPT_VERSAL
     ret = wc_VersalTrngInit(nonce, nonceSz);
-    if (ret)
+    if (ret) {
+    #ifdef HAVE_HASHDRBG
+        rng->status = DRBG_OK;
+    #endif
         return ret;
+    }
 #endif
 
 #ifdef CUSTOM_RAND_GENERATE_BLOCK