Support NV seed enabled at compile time but not at runtime

When testing with custom entropy sources, if MBEDTLS_ENTROPY_NV_SEED
is enabled at compile time but the NV seed source is not used at
runtime, mbedtls_entropy_func makes a second pass anyway. Cope with
this in the test code by telling the entropy module not to make this
second pass.
Gilles Peskine 2018-11-20 23:09:54 +01:00
parent ebe770c693
commit 0b3b5733fc


@ -95,10 +95,17 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx )
#endif #endif
#if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_ENTROPY_NV_SEED)
if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED ) if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED )
{
mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL, mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
MBEDTLS_ENTROPY_BLOCK_SIZE, MBEDTLS_ENTROPY_BLOCK_SIZE,
MBEDTLS_ENTROPY_SOURCE_STRONG ); MBEDTLS_ENTROPY_SOURCE_STRONG );
ctx->initial_entropy_run = 0; ctx->initial_entropy_run = 0;
}
else
{
/* Skip the NV seed even though it's compiled in. */
ctx->initial_entropy_run = 1;
}
#endif #endif
if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE ) if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE )