Remove MBEDTLS_TEST_NULL_ENTROPY config option.
Building the library without entropy sources negates any and all security provided by the library. This option was originally requested a relatively long time ago and it does not provide any tangible benefit for users any more. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
This commit is contained in:
parent
b6800788ca
commit
72f60dfcc1
15 changed files with 10 additions and 149 deletions
|
@ -56,17 +56,6 @@ else()
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
# Warning string - created as a list for compatibility with CMake 2.8
|
# Warning string - created as a list for compatibility with CMake 2.8
|
||||||
set(WARNING_BORDER "*******************************************************\n")
|
|
||||||
set(NULL_ENTROPY_WARN_L1 "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined!\n")
|
|
||||||
set(NULL_ENTROPY_WARN_L2 "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES\n")
|
|
||||||
set(NULL_ENTROPY_WARN_L3 "**** AND IS *NOT* SUITABLE FOR PRODUCTION USE\n")
|
|
||||||
|
|
||||||
set(NULL_ENTROPY_WARNING "${WARNING_BORDER}"
|
|
||||||
"${NULL_ENTROPY_WARN_L1}"
|
|
||||||
"${NULL_ENTROPY_WARN_L2}"
|
|
||||||
"${NULL_ENTROPY_WARN_L3}"
|
|
||||||
"${WARNING_BORDER}")
|
|
||||||
|
|
||||||
set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
|
set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
|
||||||
set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n")
|
set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n")
|
||||||
set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n")
|
set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n")
|
||||||
|
@ -99,26 +88,6 @@ if(MBEDTLS_PYTHON_EXECUTABLE)
|
||||||
message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
|
message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
# If NULL Entropy is configured, display an appropriate warning
|
|
||||||
execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY
|
|
||||||
RESULT_VARIABLE result)
|
|
||||||
if(${result} EQUAL 0)
|
|
||||||
message(WARNING ${NULL_ENTROPY_WARNING})
|
|
||||||
|
|
||||||
if(NOT UNSAFE_BUILD)
|
|
||||||
message(FATAL_ERROR "\
|
|
||||||
\n\
|
|
||||||
Warning! You have enabled MBEDTLS_TEST_NULL_ENTROPY. \
|
|
||||||
This option is not safe for production use and negates all security \
|
|
||||||
It is intended for development use only. \
|
|
||||||
\n\
|
|
||||||
To confirm you want to build with this option, re-run cmake with the \
|
|
||||||
option: \n\
|
|
||||||
cmake -DUNSAFE_BUILD=ON ")
|
|
||||||
|
|
||||||
return()
|
|
||||||
endif()
|
|
||||||
endif()
|
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
|
# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
|
||||||
|
|
2
ChangeLog.d/remove_null_entropy.txt
Normal file
2
ChangeLog.d/remove_null_entropy.txt
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
API changes
|
||||||
|
* Remove the MBEDTLS_TEST_NULL_ENTROPY config option. Fixes #4388.
|
9
Makefile
9
Makefile
|
@ -59,12 +59,6 @@ uninstall:
|
||||||
done
|
done
|
||||||
endif
|
endif
|
||||||
|
|
||||||
WARNING_BORDER =*******************************************************\n
|
|
||||||
NULL_ENTROPY_WARN_L1=**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! ****\n
|
|
||||||
NULL_ENTROPY_WARN_L2=**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES ****\n
|
|
||||||
NULL_ENTROPY_WARN_L3=**** AND IS *NOT* SUITABLE FOR PRODUCTION USE ****\n
|
|
||||||
|
|
||||||
NULL_ENTROPY_WARNING=\n$(WARNING_BORDER)$(NULL_ENTROPY_WARN_L1)$(NULL_ENTROPY_WARN_L2)$(NULL_ENTROPY_WARN_L3)$(WARNING_BORDER)
|
|
||||||
|
|
||||||
WARNING_BORDER_LONG =**********************************************************************************\n
|
WARNING_BORDER_LONG =**********************************************************************************\n
|
||||||
CTR_DRBG_128_BIT_KEY_WARN_L1=**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined! ****\n
|
CTR_DRBG_128_BIT_KEY_WARN_L1=**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined! ****\n
|
||||||
|
@ -81,9 +75,6 @@ ifndef WINDOWS
|
||||||
-scripts/config.py get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \
|
-scripts/config.py get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \
|
||||||
echo '$(CTR_DRBG_128_BIT_KEY_WARNING)'
|
echo '$(CTR_DRBG_128_BIT_KEY_WARNING)'
|
||||||
|
|
||||||
# If NULL Entropy is configured, display an appropriate warning
|
|
||||||
-scripts/config.py get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \
|
|
||||||
echo '$(NULL_ENTROPY_WARNING)'
|
|
||||||
endif
|
endif
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
|
|
|
@ -201,15 +201,6 @@
|
||||||
#endif
|
#endif
|
||||||
#undef MBEDTLS_HAS_MEMSAN
|
#undef MBEDTLS_HAS_MEMSAN
|
||||||
|
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \
|
|
||||||
( !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) )
|
|
||||||
#error "MBEDTLS_TEST_NULL_ENTROPY defined, but not all prerequisites"
|
|
||||||
#endif
|
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \
|
|
||||||
( defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT) )
|
|
||||||
#error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_GCM_C) && ( \
|
#if defined(MBEDTLS_GCM_C) && ( \
|
||||||
!defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
|
!defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
|
||||||
#error "MBEDTLS_GCM_C defined, but not all prerequisites"
|
#error "MBEDTLS_GCM_C defined, but not all prerequisites"
|
||||||
|
|
|
@ -527,23 +527,6 @@
|
||||||
//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
|
//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
|
||||||
//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
|
//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
|
||||||
|
|
||||||
/**
|
|
||||||
* \def MBEDTLS_TEST_NULL_ENTROPY
|
|
||||||
*
|
|
||||||
* Enables testing and use of mbed TLS without any configured entropy sources.
|
|
||||||
* This permits use of the library on platforms before an entropy source has
|
|
||||||
* been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
|
|
||||||
* MBEDTLS_ENTROPY_NV_SEED switches).
|
|
||||||
*
|
|
||||||
* WARNING! This switch MUST be disabled in production builds, and is suitable
|
|
||||||
* only for development.
|
|
||||||
* Enabling the switch negates any security provided by the library.
|
|
||||||
*
|
|
||||||
* Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
//#define MBEDTLS_TEST_NULL_ENTROPY
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def MBEDTLS_ENTROPY_HARDWARE_ALT
|
* \def MBEDTLS_ENTROPY_HARDWARE_ALT
|
||||||
*
|
*
|
||||||
|
|
|
@ -21,12 +21,6 @@
|
||||||
|
|
||||||
#if defined(MBEDTLS_ENTROPY_C)
|
#if defined(MBEDTLS_ENTROPY_C)
|
||||||
|
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
#warning "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! "
|
|
||||||
#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES "
|
|
||||||
#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE "
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#include "mbedtls/entropy.h"
|
#include "mbedtls/entropy.h"
|
||||||
#include "entropy_poll.h"
|
#include "entropy_poll.h"
|
||||||
#include "mbedtls/platform_util.h"
|
#include "mbedtls/platform_util.h"
|
||||||
|
@ -73,11 +67,6 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
|
||||||
/* Reminder: Update ENTROPY_HAVE_STRONG in the test files
|
/* Reminder: Update ENTROPY_HAVE_STRONG in the test files
|
||||||
* when adding more strong entropy sources here. */
|
* when adding more strong entropy sources here. */
|
||||||
|
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
|
|
||||||
1, MBEDTLS_ENTROPY_SOURCE_STRONG );
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
|
#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
|
||||||
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
|
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
|
||||||
mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
|
mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
|
||||||
|
@ -524,7 +513,6 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
|
||||||
#endif /* MBEDTLS_FS_IO */
|
#endif /* MBEDTLS_FS_IO */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SELF_TEST)
|
#if defined(MBEDTLS_SELF_TEST)
|
||||||
#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
/*
|
/*
|
||||||
* Dummy source function
|
* Dummy source function
|
||||||
*/
|
*/
|
||||||
|
@ -538,7 +526,6 @@ static int entropy_dummy_source( void *data, unsigned char *output,
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
||||||
|
|
||||||
|
@ -646,17 +633,14 @@ cleanup:
|
||||||
int mbedtls_entropy_self_test( int verbose )
|
int mbedtls_entropy_self_test( int verbose )
|
||||||
{
|
{
|
||||||
int ret = 1;
|
int ret = 1;
|
||||||
#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
mbedtls_entropy_context ctx;
|
mbedtls_entropy_context ctx;
|
||||||
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
||||||
unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
||||||
size_t i, j;
|
size_t i, j;
|
||||||
#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
|
|
||||||
|
|
||||||
if( verbose != 0 )
|
if( verbose != 0 )
|
||||||
mbedtls_printf( " ENTROPY test: " );
|
mbedtls_printf( " ENTROPY test: " );
|
||||||
|
|
||||||
#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
mbedtls_entropy_init( &ctx );
|
mbedtls_entropy_init( &ctx );
|
||||||
|
|
||||||
/* First do a gather to make sure we have default sources */
|
/* First do a gather to make sure we have default sources */
|
||||||
|
@ -704,7 +688,6 @@ int mbedtls_entropy_self_test( int verbose )
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
mbedtls_entropy_free( &ctx );
|
mbedtls_entropy_free( &ctx );
|
||||||
#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
|
|
||||||
|
|
||||||
if( verbose != 0 )
|
if( verbose != 0 )
|
||||||
{
|
{
|
||||||
|
|
|
@ -211,23 +211,6 @@ int mbedtls_platform_entropy_poll( void *data,
|
||||||
#endif /* _WIN32 && !EFIX64 && !EFI32 */
|
#endif /* _WIN32 && !EFIX64 && !EFI32 */
|
||||||
#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
|
#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
|
||||||
|
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
int mbedtls_null_entropy_poll( void *data,
|
|
||||||
unsigned char *output, size_t len, size_t *olen )
|
|
||||||
{
|
|
||||||
((void) data);
|
|
||||||
((void) output);
|
|
||||||
|
|
||||||
*olen = 0;
|
|
||||||
if( len < sizeof(unsigned char) )
|
|
||||||
return( 0 );
|
|
||||||
|
|
||||||
output[0] = 0;
|
|
||||||
*olen = sizeof(unsigned char);
|
|
||||||
return( 0 );
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_TIMING_C)
|
#if defined(MBEDTLS_TIMING_C)
|
||||||
int mbedtls_hardclock_poll( void *data,
|
int mbedtls_hardclock_poll( void *data,
|
||||||
unsigned char *output, size_t len, size_t *olen )
|
unsigned char *output, size_t len, size_t *olen )
|
||||||
|
|
|
@ -43,14 +43,6 @@ extern "C" {
|
||||||
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
|
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
|
||||||
* \brief Entropy poll callback that provides 0 entropy.
|
|
||||||
*/
|
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
int mbedtls_null_entropy_poll( void *data,
|
|
||||||
unsigned char *output, size_t len, size_t *olen );
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
|
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
|
||||||
/**
|
/**
|
||||||
* \brief Platform-specific entropy poll callback
|
* \brief Platform-specific entropy poll callback
|
||||||
|
|
|
@ -252,9 +252,6 @@ static const char * const features[] = {
|
||||||
#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
|
#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
|
||||||
"MBEDTLS_ECP_NORMALIZE_MXZ_ALT",
|
"MBEDTLS_ECP_NORMALIZE_MXZ_ALT",
|
||||||
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
|
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
"MBEDTLS_TEST_NULL_ENTROPY",
|
|
||||||
#endif /* MBEDTLS_TEST_NULL_ENTROPY */
|
|
||||||
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
||||||
"MBEDTLS_ENTROPY_HARDWARE_ALT",
|
"MBEDTLS_ENTROPY_HARDWARE_ALT",
|
||||||
#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
|
#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
|
||||||
|
|
|
@ -723,14 +723,6 @@ int query_config( const char *config )
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
|
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
|
||||||
|
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
if( strcmp( "MBEDTLS_TEST_NULL_ENTROPY", config ) == 0 )
|
|
||||||
{
|
|
||||||
MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_NULL_ENTROPY );
|
|
||||||
return( 0 );
|
|
||||||
}
|
|
||||||
#endif /* MBEDTLS_TEST_NULL_ENTROPY */
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
||||||
if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 )
|
if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 )
|
||||||
{
|
{
|
||||||
|
|
|
@ -194,7 +194,6 @@ EXCLUDE_FROM_FULL = frozenset([
|
||||||
'MBEDTLS_SHA512_NO_SHA384', # removes a feature
|
'MBEDTLS_SHA512_NO_SHA384', # removes a feature
|
||||||
'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan)
|
'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan)
|
||||||
'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers)
|
'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers)
|
||||||
'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature
|
|
||||||
'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS
|
'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS
|
||||||
'MBEDTLS_X509_REMOVE_INFO', # removes a feature
|
'MBEDTLS_X509_REMOVE_INFO', # removes a feature
|
||||||
])
|
])
|
||||||
|
|
|
@ -2072,21 +2072,6 @@ component_test_when_no_ciphersuites_have_mac () {
|
||||||
if_build_succeeded tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM'
|
if_build_succeeded tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM'
|
||||||
}
|
}
|
||||||
|
|
||||||
component_test_null_entropy () {
|
|
||||||
msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
|
|
||||||
scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY
|
|
||||||
scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
|
|
||||||
scripts/config.py set MBEDTLS_ENTROPY_C
|
|
||||||
scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
|
|
||||||
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
|
|
||||||
scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT
|
|
||||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
|
|
||||||
make
|
|
||||||
|
|
||||||
msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
|
|
||||||
make test
|
|
||||||
}
|
|
||||||
|
|
||||||
component_test_no_date_time () {
|
component_test_no_date_time () {
|
||||||
msg "build: default config without MBEDTLS_HAVE_TIME_DATE"
|
msg "build: default config without MBEDTLS_HAVE_TIME_DATE"
|
||||||
scripts/config.py unset MBEDTLS_HAVE_TIME_DATE
|
scripts/config.py unset MBEDTLS_HAVE_TIME_DATE
|
||||||
|
|
|
@ -87,11 +87,10 @@ jmp_buf jmp_tmp;
|
||||||
|
|
||||||
/* Indicates whether we expect mbedtls_entropy_init
|
/* Indicates whether we expect mbedtls_entropy_init
|
||||||
* to initialize some strong entropy source. */
|
* to initialize some strong entropy source. */
|
||||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY) || \
|
#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
|
||||||
( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
|
( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \
|
||||||
( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \
|
defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
|
||||||
defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
|
defined(ENTROPY_NV_SEED) )
|
||||||
defined(ENTROPY_NV_SEED) ) )
|
|
||||||
#define ENTROPY_HAVE_STRONG
|
#define ENTROPY_HAVE_STRONG
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
@ -83,9 +83,4 @@ Check NV seed manually #3
|
||||||
entropy_nv_seed:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
|
entropy_nv_seed:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
|
||||||
|
|
||||||
Entropy self test
|
Entropy self test
|
||||||
depends_on:!MBEDTLS_TEST_NULL_ENTROPY
|
|
||||||
entropy_selftest:0
|
entropy_selftest:0
|
||||||
|
|
||||||
Entropy self test (MBEDTLS_TEST_NULL_ENTROPY)
|
|
||||||
depends_on:MBEDTLS_TEST_NULL_ENTROPY
|
|
||||||
entropy_selftest:1
|
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
|
|
||||||
/* END_HEADER */
|
/* END_HEADER */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_CTR_DRBG_C */
|
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
|
||||||
void random_twice_with_ctr_drbg( )
|
void random_twice_with_ctr_drbg( )
|
||||||
{
|
{
|
||||||
mbedtls_entropy_context entropy;
|
mbedtls_entropy_context entropy;
|
||||||
|
@ -57,7 +57,7 @@ exit:
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_HMAC_DRBG_C */
|
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */
|
||||||
void random_twice_with_hmac_drbg( int md_type )
|
void random_twice_with_hmac_drbg( int md_type )
|
||||||
{
|
{
|
||||||
mbedtls_entropy_context entropy;
|
mbedtls_entropy_context entropy;
|
||||||
|
@ -97,7 +97,7 @@ exit:
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
||||||
void random_twice_with_psa_from_classic( )
|
void random_twice_with_psa_from_classic( )
|
||||||
{
|
{
|
||||||
unsigned char output1[OUTPUT_SIZE];
|
unsigned char output1[OUTPUT_SIZE];
|
||||||
|
@ -123,7 +123,7 @@ exit:
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
||||||
void random_twice_with_psa_from_psa( )
|
void random_twice_with_psa_from_psa( )
|
||||||
{
|
{
|
||||||
unsigned char output1[OUTPUT_SIZE];
|
unsigned char output1[OUTPUT_SIZE];
|
||||||
|
|
Loading…
Reference in a new issue