further clarify intentt

Signed-off-by: Leah Rowe <leah@libreboot.org>
author: Leah Rowe <leah@libreboot.org> 2026-03-25 20:50:59 +0000
committer: Leah Rowe <leah@libreboot.org> 2026-03-25 20:50:59 +0000
commit: 0f66f08632f0a4d05a23fcdde60400943d56cf28 (patch)
tree: 9aeaffd866f5d417aa6784be9b68e699e52f4470 /util/libreboot-utils/lib
parent: 7c0f6c160f9e15393fe2786262b3e1fca4d4ce94 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/util/libreboot-utils/lib/rand.c b/util/libreboot-utils/lib/rand.c
index bb142bdc..7b53b6a4 100644
--- a/util/libreboot-utils/lib/rand.c
+++ b/util/libreboot-utils/lib/rand.c
@@ -54,6 +54,17 @@
  * for example must not rely on weak randomness.
  * We must therefore treat broken randomness as
  * though the world is broken, and burn accordingly.
+ *
+ * Similarly, any invalid input (NULL, zero bytes
+ * requested) are treated as fatal errors; again,
+ * cryptographic code must be reliable. If your
+ * code erroneously requested zero bytes, you might
+ * then end up with a non-randomised buffer, where
+ * you likely intended otherwise.
+ *
+ * In other words: call rset() correctly, or your
+ * program dies, and rset will behave correctly,
+ * or your program dies.
  */
 
 void
author	Leah Rowe <leah@libreboot.org>	2026-03-25 20:50:59 +0000
committer	Leah Rowe <leah@libreboot.org>	2026-03-25 20:50:59 +0000
commit	0f66f08632f0a4d05a23fcdde60400943d56cf28 (patch)
tree	9aeaffd866f5d417aa6784be9b68e699e52f4470 /util/libreboot-utils/lib
parent	7c0f6c160f9e15393fe2786262b3e1fca4d4ce94 (diff)