From c0963010c06a1c3b3ce7affa58b7d655432e6d31 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 18 Nov 2020 15:33:33 +0100
Subject: [PATCH] Document mbedtls_psa_external_random_context_t

Note that the implementation here is just a sample, and integrators
are expected to replace it with whatever they need.

But do try to supply a definition that can be somewhat useful (give
room for pointer+size).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 include/psa/crypto_platform.h | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index a147a3eea8..17ebd70e7b 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -82,8 +82,17 @@ static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1,
 #endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
 
 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** The type of contexts passed to mbedtls_psa_external_get_random().
+ *
+ * Mbed TLS initializes the context to all-bits-zero before calling
+ * mbedtls_psa_external_get_random() for the first time.
+ *
+ * The definition of this type in the Mbed TLS source code is for
+ * demonstration purposes. Implementers of mbedtls_psa_external_get_random()
+ * are expected to replace it with a custom definition.
+ */
 typedef struct {
-    uint8_t opaque[32];
+    uintptr_t opaque[2];
 } mbedtls_psa_external_random_context_t;
 #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */