Adding defualt behaviour for platforms without TRNG.

If setting the MBEDTLS_PLATFORM_NV_SEED_ALT and MBEDTLS_ENTROPY_NV_SEED flags and not setting MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_NV_SEED_READ_MACRO flags mbed-os will add an entropy source to the relevent partition - SPE in case of daul core or in case of single core V7 to the main partition. The defualt behaviour will be to read or write the data from the ITS.
2018-11-21 17:13:27 +02:00 · 2018-11-21 17:13:27 +02:00 · 7b2c924ac7
parent bd47a8c2b8
commit 7b2c924ac7
2 changed files with 72 additions and 0 deletions
--- a/features/mbedtls/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/inc/default_random_seed.h
+++ b/features/mbedtls/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/inc/default_random_seed.h
@ -0,0 +1,42 @@
+
+
+#ifndef DEFAULT_RANDOM_SEED_H
+#define DEFAULT_RANDOM_SEED_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+
+/** Read seed from the secure storage.
+ *
+ *  This function will be the default function for reading the Random seed.
+ *
+ *   @param buf[out] buffer to hold the seed value from the secure storage
+ *   @param buf_len[in] input buffer length
+ *
+ * @returns
+ * secure storage API return value.
+ *
+ */
+int mbed_default_seed_read(unsigned char *buf, size_t buf_len);
+
+/** Writes seed to the secure storage.
+ *
+ *  This function will be the default function for writing the Random seed.
+ *
+ *   @param buf[in] buffer to the seed value
+ *   @param buf_len[in] input buffer length
+ *
+ * @returns
+ * secure storage API return value.
+ */
+int mbed_default_seed_write(unsigned char *buf, size_t buf_len);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* DEFAULT_RANDOM_SEED_H */
--- a/features/mbedtls/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/src/default_random_seed.cpp
+++ b/features/mbedtls/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/src/default_random_seed.cpp
@ -0,0 +1,30 @@
+#include "mbed.h"
+#include "crypto.h"
+#include "default_random_seed.h"
+#include "psa_prot_internal_storage.h"
+
+int mbed_default_seed_read(unsigned char *buf, size_t buf_len)
+{
+    struct psa_its_info_t info = {0, 0};
+    size_t actual_size = buf_len;
+    psa_its_get_info(MBED_RANDOM_SEED_ITS_UID, &info);
+    if (info.size < buf_len)
+    {
+        actual_size = info.size;
+    }
+    psa_its_status_t rc = psa_its_get(MBED_RANDOM_SEED_ITS_UID, 0, actual_size, buf);
+    /* Make sure that in case of an error the value will be negative
+     * Mbed TLS errors are negative values */
+    rc  = rc < 0 ? rc : (-1 * rc);
+    return (rc);
+}
+
+int mbed_default_seed_write(unsigned char *buf, size_t buf_len)
+{
+    psa_its_status_t rc = psa_its_set(MBED_RANDOM_SEED_ITS_UID, buf_len, buf, 0);
+    /* Make sure that in case of an error the value will be negative
+     * Mbed TLS errors are negative values */
+    rc  = rc < 0 ? rc : (-1 * rc);
+    return (rc);
+}
+