TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c6deafc0d495b3e80cd42cf8de451960f6e2190d^! / .
commitc6deafc0d495b3e80cd42cf8de451960f6e2190d[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Sun Jul 23 14:06:42 2017 +0100
committerHanno Becker <hanno.becker@arm.com>Mon Jul 24 09:09:01 2017 +0100
tree1906d161d9187e76bfb308648b0354b2039ea41d
parentf058f34b5a892e73c0fe465e3180feab4659080a [diff]
Omit RSA key generation test if no strong entropy is present

The RSA key generation test needs strong entropy to succeed. This commit captures the presence of a strong entropy
source in a preprocessor flag and only runs the key generation test if that flag is set.

diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 747aca4..b374b34 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h

@@ -55,6 +55,16 @@
 #define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE              -0x003D  /**< No strong sources have been added to poll. */
 #define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR                 -0x003F  /**< Read/write error in file. */
 
+/* Indicates whether at least one standard strong entropy source is enabled. */
+#if defined(MBEDTLS_TEST_NULL_ENTROPY) ||             \
+    ( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
+      ( !defined(MBEDTLS_NO_PLATFORM_ENTROPY)  ||     \
+         defined(MBEDTLS_HAVEGE_C)             ||     \
+         defined(MBEDTLS_ENTROPY_HARDWARE_ALT) ||     \
+         defined(ENTROPY_NV_SEED) ) )
+#define MBEDTLS_ENTROPY_HAVE_STRONG
+#endif
+
 /**
  * \name SECTION: Module settings
  *

diff --git a/library/entropy.c b/library/entropy.c
index d4d1b27..4de1682 100644
--- a/library/entropy.c
+++ b/library/entropy.c

@@ -83,6 +83,9 @@
     mbedtls_havege_init( &ctx->havege_data );
 #endif
 
+    /* Reminder: Update MBEDTLS_ENTROPY_HAVE_STRONG when
+     *           adding more strong entropy sources here. */
+
 #if defined(MBEDTLS_TEST_NULL_ENTROPY)
     mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
                                 1, MBEDTLS_ENTROPY_SOURCE_STRONG );

diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data
index 5cff399..bf9ce49 100644
--- a/tests/suites/test_suite_entropy.data
+++ b/tests/suites/test_suite_entropy.data

@@ -52,10 +52,14 @@
 Check NV seed manually #3
 entropy_nv_seed:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
 
-Entropy self test
-depends_on:!MBEDTLS_TEST_NULL_ENTROPY
+Entropy self test (with strong entropy)
+depends_on:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_ENTROPY_HAVE_STRONG
 entropy_selftest:0
 
+Entropy self test (without strong entropy)
+depends_on:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_ENTROPY_HAVE_STRONG
+entropy_selftest:1
+
 Entropy self test (MBEDTLS_TEST_NULL_ENTROPY)
 depends_on:MBEDTLS_TEST_NULL_ENTROPY
 entropy_selftest:1

diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index e9ae1bf..f64e1a7 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function

@@ -658,7 +658,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
+/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_HAVE_STRONG */
 void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
 {
     mbedtls_rsa_context ctx;