Add a build with NV seed as the only entropy source Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: bd6fb46ff67c3d993ef3a9241cf681091465fb88 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Fri Jun 06 10:18:36 2025 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Fri Jun 06 10:18:36 2025 +0200
tree: 1f5dc1ca00d22dc0ba1d2941d187db951ab1185e
parent: 582b6fbad37b3f0ffde55bc1356f31ea3a1791f2 [diff] [blame]
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index e3096f3..c0c39be 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh

@@ -426,6 +426,23 @@
     tests/ssl-opt.sh -f 'Default\|opaque'
 }
 
+component_test_entropy_nv_seed_only () {
+    msg: "build: full minus platform entropy (NV seed only)"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_NO_PLATFORM_ENTROPY
+    make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+
+    msg: "build: full minus platform entropy (NV seed only)"
+    make test
+
+    # Check that the library seems to refer to the seedfile, but not to
+    # platform entropy sources.
+    grep seedfile library/platform.o
+    not grep getrandom library/entropy*.o
+    not grep /dev/random library/entropy*.o
+    not grep /dev/.random library/entropy*.o
+}
+
 component_test_psa_inject_entropy () {
     msg "build: full + MBEDTLS_PSA_INJECT_ENTROPY"
     scripts/config.py full
commit	bd6fb46ff67c3d993ef3a9241cf681091465fb88	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Jun 06 10:18:36 2025 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Jun 06 10:18:36 2025 +0200
tree	1f5dc1ca00d22dc0ba1d2941d187db951ab1185e
parent	582b6fbad37b3f0ffde55bc1356f31ea3a1791f2 [diff] [blame]