mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-27 06:41:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

psa: Add NV seed as an entropy source when needed

Browse Source 
When MBEDTLS_PSA_INJECT_ENTROPY is used, we now require also defining
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES. When
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES is defined, we do not add entropy
sources by default. This includes the NV seed entropy source, which the
PSA entropy injection API is built upon.

The PSA entropy injection feature depends on using NV seed as an entropy
source. Add NV seed as an entropy source for PSA entropy injection.

Fixes e3dbdd8d9082 ("Gate entropy injection through a dedicated configuration option")
This commit is contained in:
Jaeden Amero 2019-06-04 17:14:43 +01:00
parent d5072d1f13
commit 7654161dbf
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
library/psa_crypto.c
View File

@ -4639,6 +4639,15 @@ psa_status_t psa_crypto_init( void )
/* Initialize the random generator. */
global_data.entropy_init( &global_data.entropy );
#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
/* The PSA entropy injection feature depends on using NV seed as an entropy
* source. Add NV seed as an entropy source for PSA entropy injection. */
mbedtls_entropy_add_source( &global_data.entropy,
mbedtls_nv_seed_poll, NULL,
MBEDTLS_ENTROPY_BLOCK_SIZE,
MBEDTLS_ENTROPY_SOURCE_STRONG );
#endif
mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
global_data.rng_state = RNG_INITIALIZED;
status = mbedtls_to_psa_error(