Add MBEDTLS_ENTROPY_HARDWARE_ALT

Makes it easier for an external module to plug its hardware entropy collector.
2025-11-03 12:11:27 -05:00 · 2015-06-19 10:06:21 +02:00 · 2015-06-19 10:06:21 +02:00 · 3f77dfbd52
commit 3f77dfbd52
parent bf82ff0209
3 changed files with 31 additions and 0 deletions
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@ -277,6 +277,19 @@
 //#define MBEDTLS_AES_ENCRYPT_ALT
 //#define MBEDTLS_AES_DECRYPT_ALT

+/**
+ * \def MBEDTLS_EMTROPY_HARDWARE_ALT
+ *
+ * Uncomment this macro to let mbed TLS use your own implementation of a
+ * hardware entropy collector.
+ *
+ * Your function must be called \c mbedtls_hardware_poll(), have the same
+ * prototype as declared in entropy_poll.h, and accept NULL as first argument.
+ *
+ * Uncomment to use your own hardware entropy collector.
+ */
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
 /**
 * \def MBEDTLS_AES_ROM_TABLES
 *
--- a/include/mbedtls/entropy_poll.h
+++ b/include/mbedtls/entropy_poll.h
@ -42,6 +42,7 @@ extern "C" {
 #define MBEDTLS_ENTROPY_MIN_PLATFORM     32     /**< Minimum for platform source    */
 #define MBEDTLS_ENTROPY_MIN_HAVEGE       32     /**< Minimum for HAVEGE             */
 #define MBEDTLS_ENTROPY_MIN_HARDCLOCK     4     /**< Minimum for mbedtls_timing_hardclock()        */
+#define MBEDTLS_ENTROPY_MIN_HARDWARE     32     /**< Minimum for the hardware source */

 #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
 /**
@ -69,6 +70,19 @@ int mbedtls_hardclock_poll( void *data,
                    unsigned char *output, size_t len, size_t *olen );
 #endif

+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+/**
+ * \brief           Entropy poll callback for a hardware source
+ *
+ * \warning         This is not provided by mbed TLS!
+ *                  See \c MBEDTLS_ENTROPY_HARDWARE_ALT in config.h.
+ *
+ * \note            This must accept NULL as its first argument.
+ */
+int mbedtls_hardware_poll( void *data,
+                           unsigned char *output, size_t len, size_t *olen );
+#endif
+
 #ifdef __cplusplus
 }
 #endif
--- a/library/entropy.c
+++ b/library/entropy.c
@ -86,6 +86,10 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
    mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
                        MBEDTLS_ENTROPY_MIN_HAVEGE );
 #endif
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL
+                                MBEDTLS_ENTROPY_MIN_HARDWARE );
+#endif
 #endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
 }