If the option MBEDTLS_TEST_NULL_ENTROPY is enabled, the cmake generated
makefile will generate an error unless a UNSAFE_BUILD switch is also enabled.
Equally, a similar warning will always be generated if the Makefile is built,
and another warning is generated on every compilation of entropy.c.
This is to ensure the user is aware of what they're doing when they enable the
null entropy option.
target_config.h is no longer needed for target/platform configurations so
this change removes it from the default and platform configurations for mbed
builds.
A standard 'test' that writes a seed file is added so that regular tests
still can succeed. This is in lieu of a 'SUITE_PRE_CODE' kind of
arrangement where a suite can run code before (and after) all other code
runs.
A test is added that checks if we can read and write the standard NV
seed file
A test is added that actually checks if the entropy and seed file values
that are the result of just using the NV seed are the same as the manual
calculation.
Update the NV entropy seed before generating any entropy for outside
use. The reason this is triggered here and not in mbedtls_entropy_init(),
is that not all entropy sources mights have been added at that time.
Introduces mbedtls_nv_seed_read() and mbedtls_nv_seed_write().
The platform-layer functions are only available when
MBEDTLS_ENTROPY_NV_SEED is enabled.
target_config.h is no longer needed for target/platform configurations so
this change removes it from the default and platform configurations for mbed
builds.
Add a switch that turns entropy collecting off entirely, but enables
mbed TLS to run in an entirely unsafe mode. Enables to test mbed TLS
on platforms that don't have their entropy sources integrated yet.
target_config.h is no longer needed for target/platform configurations so
this change removes it from the default and platform configurations for mbed
builds.
