From 1d7195f71506d9b54e5abab768c005ff7d5bd0fa Mon Sep 17 00:00:00 2001 From: Netanel Gonen Date: Thu, 22 Nov 2018 16:24:48 +0200 Subject: [PATCH 1/3] always compile mbedtls_psa_inject_entropy In case of dual core this function header must be enable for calling the SPM entropy inject function without any use of NV_SEED --- include/psa/crypto_extra.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b6f5adc89..b0ca76e73 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -48,7 +48,6 @@ extern "C" { void mbedtls_psa_crypto_free( void ); -#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) /** * \brief Inject an initial entropy seed for the random generator into * secure storage. @@ -89,6 +88,13 @@ void mbedtls_psa_crypto_free( void ); * * This is an Mbed TLS extension. * + * \note This function is only available on the following platforms: + * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and + * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you + * must provide compatible implementations of mbedtls_nv_seed_read + * and mbedtls_nv_seed_write. + * * In a client-server integration of PSA Cryptography, on the client side, + * if the server supports this feature. * \param seed[in] Buffer containing the seed value to inject. * \param seed_size Size of the \p seed buffer. * The size of the seed in bytes must be greater @@ -114,7 +120,6 @@ void mbedtls_psa_crypto_free( void ); psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, size_t seed_size); -#endif #ifdef __cplusplus } From 0cfaed18582d15103a6b267d65a66f826b0cd15d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Nov 2018 17:11:45 +0200 Subject: [PATCH 2/3] fix doxigen issue Co-Authored-By: netanelgonen --- include/psa/crypto_extra.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b0ca76e73..9e8f97c9d 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -89,14 +89,14 @@ void mbedtls_psa_crypto_free( void ); * This is an Mbed TLS extension. * * \note This function is only available on the following platforms: - * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and - * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you - * must provide compatible implementations of mbedtls_nv_seed_read + * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and + * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you + * must provide compatible implementations of mbedtls_nv_seed_read * and mbedtls_nv_seed_write. - * * In a client-server integration of PSA Cryptography, on the client side, + * * In a client-server integration of PSA Cryptography, on the client side, * if the server supports this feature. - * \param seed[in] Buffer containing the seed value to inject. - * \param seed_size Size of the \p seed buffer. + * \param[in] seed Buffer containing the seed value to inject. + * \param[in] seed_size Size of the \p seed buffer. * The size of the seed in bytes must be greater * or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM * and #MBEDTLS_ENTROPY_BLOCK_SIZE. From 596e65e1a58b1e6b665a98458aea71fb4c5933da Mon Sep 17 00:00:00 2001 From: Netanel Gonen Date: Thu, 22 Nov 2018 18:41:43 +0200 Subject: [PATCH 3/3] Fix indentation --- include/psa/crypto_extra.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 9e8f97c9d..7f0885794 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -95,13 +95,13 @@ void mbedtls_psa_crypto_free( void ); * and mbedtls_nv_seed_write. * * In a client-server integration of PSA Cryptography, on the client side, * if the server supports this feature. - * \param[in] seed Buffer containing the seed value to inject. + * \param[in] seed Buffer containing the seed value to inject. * \param[in] seed_size Size of the \p seed buffer. - * The size of the seed in bytes must be greater - * or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM - * and #MBEDTLS_ENTROPY_BLOCK_SIZE. - * It must be less or equal to - * #MBEDTLS_ENTROPY_MAX_SEED_SIZE. + * The size of the seed in bytes must be greater + * or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM + * and #MBEDTLS_ENTROPY_BLOCK_SIZE. + * It must be less or equal to + * #MBEDTLS_ENTROPY_MAX_SEED_SIZE. * * \retval #PSA_SUCCESS * The seed value was injected successfully. The random generator