Open Patater opened 5 years ago
In https://github.com/gilles-peskine-arm/mbed-crypto/tree/psa-inject_entropy-force_seed-1 I've implemented some unit tests and added NV seed callbacks that use the PSA entropy file. I've also patched the platform module to always use the PSA NV seed callbacks, which isn't right because it breaks non-PSA use of the NV seed.
Internal Jira reference: https://jira.arm.com/browse/IOTCRYPT-806
Apologies, this was closed in error by the automated bot - re-opening.
Description
Currently, a user must define their own NV seed read and write callbacks when they enable PSA entropy injection. Also, they must ensure that their NV seed read and write callbacks are compatible with how the seed is written from Mbed Crypto. This is bad coupling and makes the feature too hard to use.
Instead, provide default, Mbed-Crypto-compatible NV seed read and write callbacks, automatically register them with the Mbed TLS NV Seed system, and error if any other NV Seed configuration options are set (as only one set of NV Seed callbacks can be present in any given system).
Issue request type