commit a928e6727876377322d2fafe46383126e9c69e05
author Andres Amaya Garcia <andama01@arm.com> Tue Sep 13 13:30:02 2016 +0100
committer Simon Butcher <simon.butcher@arm.com> Tue Sep 13 13:30:02 2016 +0100
tree 7acf43e64d93db681aae9d41f8b92b4ee55f05e8
parent c0d76b8255f000aa8cfd64d6106a0024e8672259

Documentation and entropy self test changes (#610)

Ensure that the entropy self test always fails whenever
MBEDTLS_TEST_NULL_ENTROPY is defined. This is because the option is
meant to be for testing and development purposes rather than production
quality software. Also, this patch enhances the documentation for
mbedtls_entropy_source_self_test() and mbedtls_entropy_self_test().

include/mbedtls/entropy.h

diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 19e8e72..747aca4 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -255,6 +255,9 @@
 /**
  * \brief          Checkup routine
  *
+ *                 This module self-test also calls the entropy self-test,
+ *                 mbedtls_entropy_source_self_test();
+ *
  * \return         0 if successful, or 1 if a test failed
  */
 int mbedtls_entropy_self_test( int verbose );
@@ -263,6 +266,14 @@
 /**
  * \brief          Checkup routine
  *
+ *                 Verifies the integrity of the hardware entropy source
+ *                 provided by the function 'mbedtls_hardware_poll()'.
+ *
+ *                 Note this is the only hardware entropy source that is known
+ *                 at link time, and other entropy sources configured
+ *                 dynamically at runtime by the function
+ *                 mbedtls_entropy_add_source() will not be tested.
+ *
  * \return         0 if successful, or 1 if a test failed
  */
 int mbedtls_entropy_source_self_test( int verbose );