Disable the insecure PSA test RNG by default To reduce the risk of people accidentally using the test implementation of mbedtls_psa_external_get_random(), which is insecure, require the user to explicitly call mbedtls_test_enable_insecure_external_rng() first. Disabling the test implementation of mbedtls_psa_external_get_random() will also allow negative testing for MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG, which will be added in a subsequent commit. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: 76175ba785322b0beb4d0cc2a0c1fe406f032dd4 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Tue Nov 24 18:39:12 2020 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Wed Jan 06 18:21:18 2021 +0100
tree: 55b09b81117621d616f0491499671bb8b7db1407
parent: f6be590bf6dae361a0a16f71227fc2e9c809ce6a [diff] [blame]
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index 256224e..98dab3e 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function

@@ -164,6 +164,10 @@
  */
 void execute_function_ptr(TestWrapper_t fp, void **params)
 {
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    mbedtls_test_enable_insecure_external_rng( );
+#endif
+
 #if defined(MBEDTLS_CHECK_PARAMS)
     mbedtls_test_param_failed_location_record_t location_record;
commit	76175ba785322b0beb4d0cc2a0c1fe406f032dd4	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Nov 24 18:39:12 2020 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Jan 06 18:21:18 2021 +0100
tree	55b09b81117621d616f0491499671bb8b7db1407
parent	f6be590bf6dae361a0a16f71227fc2e9c809ce6a [diff] [blame]