Refuse reproducible mode with MBEDTLS_USE_PSA_CRYPTO
With MBEDTLS_USE_PSA_CRYPTO, some of the randomness for the TLS
connection is generated inside the PSA crypto subsystem, which has no
reproducible mode. Whether there is a nonzero amount of randomness
coming from inside the PSA subsystem rather than from the random
generator set by mbedtls_ssl_conf_rng() depends on the choice of
cipher suite and other connection parameters as well as the level of
support for MBEDTLS_USE_PSA_CRYPTO. Rather than give unreliable
results, conservatively abort with a clear error message.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index 46cea14..56e9431 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -76,6 +76,14 @@
int rng_seed( rng_context_t *rng, int reproducible, const char *pers )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( reproducible )
+ {
+ mbedtls_fprintf( stderr,
+ "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n" );
+ return( -1 );
+ }
+#endif
int ( *f_entropy )( void *, unsigned char *, size_t ) =
( reproducible ? dummy_entropy : mbedtls_entropy_func );
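Review bot: The new `#if defined(MBEDTLS_USE_PSA_CRYPTO)` block places an `if` statement (with its `mbedtls_fprintf` and `return( -1 )`) before the declaration of `f_entropy` at the top of `rng_seed()`, so the function now mixes statements and declarations; builds that use `-Wdeclaration-after-statement` or target C89 will warn or fail here. Move the block below the `int ( *f_entropy )( ... ) = ...;` declaration (and any others at the top of the function), so the early return comes after all declarations while still preceding any use of `reproducible`. Separately, since the error is reported with `return( -1 )`, it is worth confirming that the callers of `rng_seed()` treat a nonzero return as fatal rather than continuing with an unseeded RNG, and a short comment above the block saying why reproducible mode is rejected (randomness generated inside the PSA subsystem, as the commit message explains) would help readers of the code.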