From b9cfe58180e462c4e3b41f499e1fb93470c37bbd Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 2 Oct 2019 19:00:57 +0200
Subject: [PATCH] DRBG documentation: Relate f_entropy arguments to the entropy
 module

---
 include/mbedtls/ctr_drbg.h  | 10 ++++++++++
 include/mbedtls/hmac_drbg.h |  7 +++++++
 2 files changed, 17 insertions(+)

diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 6626024aa..59550797c 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -179,6 +179,16 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
  * \brief               This function seeds and sets up the CTR_DRBG
  *                      entropy source for future reseeds.
  *
+ * A typical choice for the \p f_entropy and \p p_entropy parameters is
+ * to use the entropy module:
+ * - \p f_entropy is mbedtls_entropy_func();
+ * - \p p_entropy is an instance of ::mbedtls_entropy_context initialized
+ *   with mbedtls_entropy_init() (which registers the platform's default
+ *   entropy sources).
+ *
+ * \p f_entropy is always called with a buffer size equal to the entropy
+ * length described in the documentation of mbedtls_ctr_drbg_set_entropy_len().
+ *
  * You can provide a personalization string in addition to the
  * entropy source, to make this instantiation as unique as possible.
  *
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index f253b9afa..bcecba93d 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -122,6 +122,13 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
  *
  * Set the initial seed and set up the entropy source for future reseeds.
  *
+ * A typical choice for the \p f_entropy and \p p_entropy parameters is
+ * to use the entropy module:
+ * - \p f_entropy is mbedtls_entropy_func();
+ * - \p p_entropy is an instance of ::mbedtls_entropy_context initialized
+ *   with mbedtls_entropy_init() (which registers the platform's default
+ *   entropy sources).
+ *
  * You can provide a personalization string in addition to the
  * entropy source, to make this instantiation as unique as possible.
  *