46b8536a27
Strong entropy/random sources are a must to get secure crypto algorithms, but sometimes its useful to allow non-CS sources as well for sake of test purposes. MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG was designed exactly for this scope, but recently also TEST_CSPRNG_GENERATOR was added and it acts similarly: - MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG operates in "zephyr/modules/mbedtls/zephyr_entropy.c" allowing mbedtls_psa_external_get_random() to try both sys_csrand_get() first and then sys_rand_get() as fallback. - TEST_CSPRNG_GENERATOR instead operates in "zephyr/subsys/random/random_test_csprng.c" and it basically wraps the call to sys_csrand_get() with a call to sys_rand_get(). Albeit they operate at different level, the result is identical, so Mbed TLS should support both of them when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is set and there is no CSPRNG_ENABLED. Signed-off-by: Valerio Setti <vsetti@baylibre.com> |
||
|---|---|---|
| .. | ||
| configs | ||
| include | ||
| CMakeLists.txt | ||
| create_psa_files.py | ||
| debug.c | ||
| Kconfig | ||
| Kconfig.psa.auto | ||
| Kconfig.psa.logic | ||
| Kconfig.tls-generic | ||
| shell.c | ||
| zephyr_entropy.c | ||
| zephyr_init.c | ||