Add MBEDTLS_ENTROPY_HARDWARE_ALT
Makes it easier for an external module to plug in its hardware entropy collector.
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 3c0fb13..f1cfe75 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -278,6 +278,19 @@
//#define MBEDTLS_AES_DECRYPT_ALT
/**
+ * \def MBEDTLS_EMTROPY_HARDWARE_ALT
+ *
+ * Uncomment this macro to let mbed TLS use your own implementation of a
+ * hardware entropy collector.
+ *
+ * Your function must be called \c mbedtls_hardware_poll(), have the same
+ * prototype as declared in entropy_poll.h, and accept NULL as first argument.
+ *
+ * Uncomment to use your own hardware entropy collector.
+ */
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+/**
* \def MBEDTLS_AES_ROM_TABLES
*
* Store the AES tables in ROM.
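Review bot: The `\def` tag on the first added line spells the macro `MBEDTLS_EMTROPY_HARDWARE_ALT`, which does not match the `//#define MBEDTLS_ENTROPY_HARDWARE_ALT` a few lines below it. The generated documentation will therefore not attach to the real option, and a search for the correct name will miss this block; the tag should read `\def MBEDTLS_ENTROPY_HARDWARE_ALT`. The final sentence, "Uncomment to use your own hardware entropy collector.", repeats the opening one and can be dropped.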
diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h
index 231042e..8ee1e1a 100644
--- a/include/mbedtls/entropy_poll.h
+++ b/include/mbedtls/entropy_poll.h
@@ -42,6 +42,7 @@
#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */
#define MBEDTLS_ENTROPY_MIN_HAVEGE 32 /**< Minimum for HAVEGE */
#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */
+#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
/**
@@ -69,6 +70,19 @@
unsigned char *output, size_t len, size_t *olen );
#endif
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+/**
+ * \brief Entropy poll callback for a hardware source
+ *
+ * \warning This is not provided by mbed TLS!
+ * See \c MBEDTLS_ENTROPY_HARDWARE_ALT in config.h.
+ *
+ * \note This must accept NULL as its first argument.
+ */
+int mbedtls_hardware_poll( void *data,
+ unsigned char *output, size_t len, size_t *olen );
+#endif
+
#ifdef __cplusplus
}
#endif
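Review bot: The doc comment on `mbedtls_hardware_poll()` leaves the output contract unstated, and that is the part an integrator most needs to get right. The bytes reported through `*olen` are presumably what gets counted against `MBEDTLS_ENTROPY_MIN_HARDWARE`, so an implementation that over-reports or returns 0 on a failed read would weaken seeding without any visible error. I would add `\param` entries saying that at most `len` bytes may be written to `output` and that `*olen` must be set to the number of bytes actually obtained from the hardware. I would also add `\return 0 if successful, or a non-zero error (e.g. MBEDTLS_ERR_ENTROPY_SOURCE_FAILED) if the hardware could not be read`.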
diff --git a/library/entropy.c b/library/entropy.c
index fa3dcde..4dddb75 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -86,6 +86,10 @@
mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
MBEDTLS_ENTROPY_MIN_HAVEGE );
#endif
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+ mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL
+ MBEDTLS_ENTROPY_MIN_HARDWARE );
+#endif
#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
}
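Review bot: The added `mbedtls_entropy_add_source()` call is missing the comma after `NULL`, so the argument list reads `NULL MBEDTLS_ENTROPY_MIN_HARDWARE` and the file will not compile once `MBEDTLS_ENTROPY_HARDWARE_ALT` is defined. Because the option is commented out by default, a default build will not catch this. The first line should be `mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,`, and a test build with the option enabled plus a stub `mbedtls_hardware_poll()` would keep the path covered. The enclosing function starts outside this hunk.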