diff --git a/ChangeLog b/ChangeLog
index 2725f383e..60383a97b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,9 @@ Features calling mbedtls_x509_crt_parse_path(). * Added a configuration file config-no-entropy.h that enables a subset of library features that do not require an entropy source. + * Added the macro MBEDTLS_ENTROPY_MIN_HARDWARE in config.h. This allows users + to configure the minimum number of bytes for entropy sources using the + mbedtls_hardware_poll() function. Bugfix * Fix for platform time abstraction to avoid dependency issues where a build
diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h
index 91e4a0264..95f17d456 100644
--- a/configs/config-no-entropy.h
+++ b/configs/config-no-entropy.h
@@ -22,7 +22,8 @@
 * Minimal configuration of features that do not require an entropy source
 * Distinguishing reatures:
 * - no entropy module
- * - no TLS protocol implementation available due missing entropy source
+ * - no TLS protocol implementation available due to absence of an entropy
+ * source
 *
 * See README.txt for usage instructions.
 */
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 8a892d74c..a58519bd5 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -2509,6 +2509,7 @@ /* Entropy options */ //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ +//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ /* Memory buffer allocator options */ //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h
index 430e8651c..81258d5f3 100644
--- a/include/mbedtls/entropy_poll.h
+++ b/include/mbedtls/entropy_poll.h
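Review bot: The comment on the new `MBEDTLS_ENTROPY_MIN_HARDWARE` line in include/mbedtls/config.h does not tell the integrator what lowering the value costs, and this is the one option in the "Entropy options" group whose reduction weakens seeding. As the comment itself says, the value is a number of bytes returned by mbedtls_hardware_poll(), not an estimate of the entropy in those bytes, so a smaller value is only sound when the hardware source is known to deliver full-entropy output. I would extend the comment to something like `/**< Minimum number of bytes to collect from mbedtls_hardware_poll() before entropy is released; this counts bytes, not estimated entropy, so lower it below 32 only for a source known to be full-entropy */`. It would also help to name the build option that enables the hardware source, since the comment presumably applies only when that option is set.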
@@ -41,7 +41,9 @@ extern "C" { #define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */ #define MBEDTLS_ENTROPY_MIN_HAVEGE 32 /**< Minimum for HAVEGE */ #define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */ +#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE) #define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */ +#endif /** * \brief Entropy poll callback that provides 0 entropy.
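Review bot: The new `#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)` guard lets user configuration supply the threshold, and nothing in this hunk rejects a value of 0 or a negative one. Where the macro is consumed lies outside the hunk, but if it is passed on as the hardware source's threshold, a zero would presumably let the accumulator release output without requiring any bytes from mbedtls_hardware_poll(). A compile-time check placed right after the guard would turn that misconfiguration into a build failure: `#if MBEDTLS_ENTROPY_MIN_HARDWARE < 1`, `#error "MBEDTLS_ENTROPY_MIN_HARDWARE must be at least 1"`, `#endif`. The three thresholds above it remain fixed, so a one-line comment saying why only the hardware minimum is overridable would help the next reader.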