diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data index 68a7f984e3..6a9f239b6b 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.data +++ b/tests/suites/test_suite_psa_crypto_entropy.data @@ -1,3 +1,49 @@ +Create NV seed file +create_nv_seed: + +Custom entropy sources: all standard +custom_entropy_sources:0x0000ffff:PSA_SUCCESS + +# MBEDTLS_PSA_INJECT_ENTROPY means that a source of entropy (the seed file) +# is effectively always available. +Custom entropy sources: none +depends_on:!MBEDTLS_PSA_INJECT_ENTROPY +custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY + +Fake entropy: never returns anything +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:0:PSA_ERROR_INSUFFICIENT_ENTROPY + +Fake entropy: less than the block size +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY + +Fake entropy: not enough for a nonce +depends_on:ENTROPY_NONCE_LEN != 0 +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:ENTROPY_NONCE_LEN - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY + +Fake entropy: one block eventually +depends_on:ENTROPY_NONCE_LEN == 0 +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS + +Fake entropy: one block in two steps +depends_on:ENTROPY_NONCE_LEN == 0 +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:1:-1:-1:PSA_SUCCESS + +Fake entropy: more than one block in two steps +depends_on:ENTROPY_NONCE_LEN == 0 +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:PSA_SUCCESS + +Fake entropy: two blocks eventually +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:MBEDTLS_ENTROPY_BLOCK_SIZE:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS + +NV seed only: less than minimum +entropy_from_nv_seed:MBEDTLS_ENTROPY_MIN_PLATFORM - 1:PSA_ERROR_INSUFFICIENT_ENTROPY + +NV seed only: less than one block +entropy_from_nv_seed:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:PSA_ERROR_INSUFFICIENT_ENTROPY + +NV seed only: just enough +entropy_from_nv_seed:ENTROPY_MIN_NV_SEED_SIZE:PSA_SUCCESS + PSA external RNG failure: generate random and key external_rng_failure_generate: @@ -43,3 +89,5 @@ validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_A PSA validate entropy injection: before and after crypto_init run_entropy_inject_with_crypto_init: +Recreate NV seed file +create_nv_seed: diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 4d5eda2baf..ce10affa67 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -4,9 +4,117 @@ #include +/* Some tests in this module configure entropy sources. */ +#include "psa_crypto_invasive.h" + #include "mbedtls/entropy.h" #include "entropy_poll.h" +#define ENTROPY_MIN_NV_SEED_SIZE \ + MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) + +#include "psa_crypto_random_impl.h" +#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) +/* PSA crypto uses the HMAC_DRBG module. It reads from the entropy source twice: + * once for the initial entropy and once for a nonce. The nonce length is + * half the entropy length. For SHA-256, SHA-384 or SHA-512, the + * entropy length is 256 per the documentation of mbedtls_hmac_drbg_seed(), + * and PSA crypto doesn't support other hashes for HMAC_DRBG. */ +#define ENTROPY_NONCE_LEN (256 / 2) +#else +/* PSA crypto uses the CTR_DRBG module. In some configurations, it needs + * to read from the entropy source twice: once for the initial entropy + * and once for a nonce. */ +#include "mbedtls/ctr_drbg.h" +#define ENTROPY_NONCE_LEN MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN +#endif + +#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) + +typedef struct { + size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */ + size_t max_steps; + size_t *length_sequence; + size_t step; +} fake_entropy_state_t; +static int fake_entropy_source(void *state_arg, + unsigned char *output, size_t len, + size_t *olen) +{ + fake_entropy_state_t *state = state_arg; + size_t i; + + if (state->step >= state->max_steps) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } + + *olen = MIN(len, state->length_sequence[state->step]); + for (i = 0; i < *olen; i++) { + output[i] = i; + } + ++state->step; + return 0; +} + +#define ENTROPY_SOURCE_PLATFORM 0x00000001 +#define ENTROPY_SOURCE_TIMING 0x00000002 +#define ENTROPY_SOURCE_HARDWARE 0x00000004 +#define ENTROPY_SOURCE_NV_SEED 0x00000008 +#define ENTROPY_SOURCE_FAKE 0x40000000 + +static uint32_t custom_entropy_sources_mask; +static fake_entropy_state_t fake_entropy_state; + +/* This is a modified version of mbedtls_entropy_init() from entropy.c + * which chooses entropy sources dynamically. */ +static void custom_entropy_init(mbedtls_entropy_context *ctx) +{ + ctx->source_count = 0; + memset(ctx->source, 0, sizeof(ctx->source)); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init(&ctx->mutex); +#endif + + ctx->accumulator_started = 0; + mbedtls_md_init(&ctx->accumulator); + +#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) + if (custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM) { + mbedtls_entropy_add_source(ctx, mbedtls_platform_entropy_poll, NULL, + MBEDTLS_ENTROPY_MIN_PLATFORM, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } +#endif +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) + if (custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE) { + mbedtls_entropy_add_source(ctx, mbedtls_hardware_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDWARE, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } +#endif +#if defined(MBEDTLS_ENTROPY_NV_SEED) + if (custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED) { + mbedtls_entropy_add_source(ctx, mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG); + ctx->initial_entropy_run = 0; + } else { + /* Skip the NV seed even though it's compiled in. */ + ctx->initial_entropy_run = 1; + } +#endif + + if (custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE) { + mbedtls_entropy_add_source(ctx, + fake_entropy_source, &fake_entropy_state, + fake_entropy_state.threshold, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } +} + +#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ + /* Calculating the minimum allowed entropy size in bytes */ #define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, \ MBEDTLS_ENTROPY_BLOCK_SIZE) @@ -68,6 +176,115 @@ psa_status_t remove_seed_file(void) /* END_HEADER */ +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ +void create_nv_seed() +{ + static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE]; + TEST_ASSERT(mbedtls_nv_seed_write(seed, sizeof(seed)) >= 0); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ +void custom_entropy_sources(int sources_arg, int expected_init_status_arg) +{ + psa_status_t expected_init_status = expected_init_status_arg; + uint8_t random[10] = { 0 }; + + custom_entropy_sources_mask = sources_arg; + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); + + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { + goto exit; + } + + PSA_ASSERT(psa_generate_random(random, sizeof(random))); + +exit: + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ +void fake_entropy_source(int threshold, + int amount1, + int amount2, + int amount3, + int amount4, + int expected_init_status_arg) +{ + psa_status_t expected_init_status = expected_init_status_arg; + uint8_t random[10] = { 0 }; + size_t lengths[4]; + + fake_entropy_state.threshold = threshold; + fake_entropy_state.step = 0; + fake_entropy_state.max_steps = 0; + if (amount1 >= 0) { + lengths[fake_entropy_state.max_steps++] = amount1; + } + if (amount2 >= 0) { + lengths[fake_entropy_state.max_steps++] = amount2; + } + if (amount3 >= 0) { + lengths[fake_entropy_state.max_steps++] = amount3; + } + if (amount4 >= 0) { + lengths[fake_entropy_state.max_steps++] = amount4; + } + fake_entropy_state.length_sequence = lengths; + + custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE; + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); + + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { + goto exit; + } + + PSA_ASSERT(psa_generate_random(random, sizeof(random))); + +exit: + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ +void entropy_from_nv_seed(int seed_size_arg, + int expected_init_status_arg) +{ + psa_status_t expected_init_status = expected_init_status_arg; + uint8_t random[10] = { 0 }; + uint8_t *seed = NULL; + size_t seed_size = seed_size_arg; + + TEST_CALLOC(seed, seed_size); + TEST_ASSERT(mbedtls_nv_seed_write(seed, seed_size) >= 0); + + custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED; + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); + + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { + goto exit; + } + + PSA_ASSERT(psa_generate_random(random, sizeof(random))); + +exit: + mbedtls_free(seed); + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ void external_rng_failure_generate() { diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index 147d03fbed..1525ab1e5b 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data @@ -1,6 +1,3 @@ -Create NV seed file -create_nv_seed: - PSA init/deinit init_deinit:2 @@ -24,49 +21,3 @@ validate_module_init_generate_random:1 No key slot access after deinit validate_module_init_key_based:1 - -Custom entropy sources: all standard -custom_entropy_sources:0x0000ffff:PSA_SUCCESS - -# MBEDTLS_PSA_INJECT_ENTROPY means that a source of entropy (the seed file) -# is effectively always available. -Custom entropy sources: none -depends_on:!MBEDTLS_PSA_INJECT_ENTROPY -custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY - -Fake entropy: never returns anything -fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:0:PSA_ERROR_INSUFFICIENT_ENTROPY - -Fake entropy: less than the block size -fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY - -Fake entropy: not enough for a nonce -depends_on:ENTROPY_NONCE_LEN != 0 -fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:ENTROPY_NONCE_LEN - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY - -Fake entropy: one block eventually -depends_on:ENTROPY_NONCE_LEN == 0 -fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS - -Fake entropy: one block in two steps -depends_on:ENTROPY_NONCE_LEN == 0 -fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:1:-1:-1:PSA_SUCCESS - -Fake entropy: more than one block in two steps -depends_on:ENTROPY_NONCE_LEN == 0 -fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:PSA_SUCCESS - -Fake entropy: two blocks eventually -fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:MBEDTLS_ENTROPY_BLOCK_SIZE:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS - -NV seed only: less than minimum -entropy_from_nv_seed:MBEDTLS_ENTROPY_MIN_PLATFORM - 1:PSA_ERROR_INSUFFICIENT_ENTROPY - -NV seed only: less than one block -entropy_from_nv_seed:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:PSA_ERROR_INSUFFICIENT_ENTROPY - -NV seed only: just enough -entropy_from_nv_seed:ENTROPY_MIN_NV_SEED_SIZE:PSA_SUCCESS - -Recreate NV seed file -create_nv_seed: diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 954560a24e..6b4b18577b 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -2,12 +2,9 @@ #include #include "psa_crypto_core.h" -/* Some tests in this module configure entropy sources. */ +/* For mbedtls_psa_crypto_configure_entropy_sources() */ #include "psa_crypto_invasive.h" -#include "mbedtls/entropy.h" -#include "entropy_poll.h" - static int check_stats(void) { mbedtls_psa_stats_t stats; @@ -25,111 +22,6 @@ exit: return 0; } -#define ENTROPY_MIN_NV_SEED_SIZE \ - MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) - -#include "psa_crypto_random_impl.h" -#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) -/* PSA crypto uses the HMAC_DRBG module. It reads from the entropy source twice: - * once for the initial entropy and once for a nonce. The nonce length is - * half the entropy length. For SHA-256, SHA-384 or SHA-512, the - * entropy length is 256 per the documentation of mbedtls_hmac_drbg_seed(), - * and PSA crypto doesn't support other hashes for HMAC_DRBG. */ -#define ENTROPY_NONCE_LEN (256 / 2) -#else -/* PSA crypto uses the CTR_DRBG module. In some configurations, it needs - * to read from the entropy source twice: once for the initial entropy - * and once for a nonce. */ -#include "mbedtls/ctr_drbg.h" -#define ENTROPY_NONCE_LEN MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN -#endif - -#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - -typedef struct { - size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */ - size_t max_steps; - size_t *length_sequence; - size_t step; -} fake_entropy_state_t; -static int fake_entropy_source(void *state_arg, - unsigned char *output, size_t len, - size_t *olen) -{ - fake_entropy_state_t *state = state_arg; - size_t i; - - if (state->step >= state->max_steps) { - return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; - } - - *olen = MIN(len, state->length_sequence[state->step]); - for (i = 0; i < *olen; i++) { - output[i] = i; - } - ++state->step; - return 0; -} - -#define ENTROPY_SOURCE_PLATFORM 0x00000001 -#define ENTROPY_SOURCE_TIMING 0x00000002 -#define ENTROPY_SOURCE_HARDWARE 0x00000004 -#define ENTROPY_SOURCE_NV_SEED 0x00000008 -#define ENTROPY_SOURCE_FAKE 0x40000000 - -static uint32_t custom_entropy_sources_mask; -static fake_entropy_state_t fake_entropy_state; - -/* This is a modified version of mbedtls_entropy_init() from entropy.c - * which chooses entropy sources dynamically. */ -static void custom_entropy_init(mbedtls_entropy_context *ctx) -{ - ctx->source_count = 0; - memset(ctx->source, 0, sizeof(ctx->source)); - -#if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init(&ctx->mutex); -#endif - - ctx->accumulator_started = 0; - mbedtls_md_init(&ctx->accumulator); - -#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - if (custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM) { - mbedtls_entropy_add_source(ctx, mbedtls_platform_entropy_poll, NULL, - MBEDTLS_ENTROPY_MIN_PLATFORM, - MBEDTLS_ENTROPY_SOURCE_STRONG); - } -#endif -#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - if (custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE) { - mbedtls_entropy_add_source(ctx, mbedtls_hardware_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDWARE, - MBEDTLS_ENTROPY_SOURCE_STRONG); - } -#endif -#if defined(MBEDTLS_ENTROPY_NV_SEED) - if (custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED) { - mbedtls_entropy_add_source(ctx, mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG); - ctx->initial_entropy_run = 0; - } else { - /* Skip the NV seed even though it's compiled in. */ - ctx->initial_entropy_run = 1; - } -#endif - - if (custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE) { - mbedtls_entropy_add_source(ctx, - fake_entropy_source, &fake_entropy_state, - fake_entropy_state.threshold, - MBEDTLS_ENTROPY_SOURCE_STRONG); - } -} - -#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ - #if defined MBEDTLS_THREADING_PTHREAD typedef struct { @@ -190,14 +82,6 @@ exit: * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void create_nv_seed() -{ - static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE]; - TEST_ASSERT(mbedtls_nv_seed_write(seed, sizeof(seed)) >= 0); -} -/* END_CASE */ - /* BEGIN_CASE */ void init_deinit(int count) { @@ -333,99 +217,3 @@ void validate_module_init_key_based(int count) TEST_ASSERT(mbedtls_svc_key_id_is_null(key)); } /* END_CASE */ - -/* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void custom_entropy_sources(int sources_arg, int expected_init_status_arg) -{ - psa_status_t expected_init_status = expected_init_status_arg; - uint8_t random[10] = { 0 }; - - custom_entropy_sources_mask = sources_arg; - PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free)); - - TEST_EQUAL(psa_crypto_init(), expected_init_status); - if (expected_init_status != PSA_SUCCESS) { - goto exit; - } - - PSA_ASSERT(psa_generate_random(random, sizeof(random))); - -exit: - PSA_DONE(); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void fake_entropy_source(int threshold, - int amount1, - int amount2, - int amount3, - int amount4, - int expected_init_status_arg) -{ - psa_status_t expected_init_status = expected_init_status_arg; - uint8_t random[10] = { 0 }; - size_t lengths[4]; - - fake_entropy_state.threshold = threshold; - fake_entropy_state.step = 0; - fake_entropy_state.max_steps = 0; - if (amount1 >= 0) { - lengths[fake_entropy_state.max_steps++] = amount1; - } - if (amount2 >= 0) { - lengths[fake_entropy_state.max_steps++] = amount2; - } - if (amount3 >= 0) { - lengths[fake_entropy_state.max_steps++] = amount3; - } - if (amount4 >= 0) { - lengths[fake_entropy_state.max_steps++] = amount4; - } - fake_entropy_state.length_sequence = lengths; - - custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE; - PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free)); - - TEST_EQUAL(psa_crypto_init(), expected_init_status); - if (expected_init_status != PSA_SUCCESS) { - goto exit; - } - - PSA_ASSERT(psa_generate_random(random, sizeof(random))); - -exit: - PSA_DONE(); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void entropy_from_nv_seed(int seed_size_arg, - int expected_init_status_arg) -{ - psa_status_t expected_init_status = expected_init_status_arg; - uint8_t random[10] = { 0 }; - uint8_t *seed = NULL; - size_t seed_size = seed_size_arg; - - TEST_CALLOC(seed, seed_size); - TEST_ASSERT(mbedtls_nv_seed_write(seed, seed_size) >= 0); - - custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED; - PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free)); - - TEST_EQUAL(psa_crypto_init(), expected_init_status); - if (expected_init_status != PSA_SUCCESS) { - goto exit; - } - - PSA_ASSERT(psa_generate_random(random, sizeof(random))); - -exit: - mbedtls_free(seed); - PSA_DONE(); -} -/* END_CASE */