Fix confusing comment in ctr drbg thread test
Make it clearer where the magic number chosen for entropy_len actually
comes from, and why we chose this value.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index 425c43e..63524f2 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -354,7 +354,12 @@
const size_t n_random_calls = thread_count * thread_random_reps + 1;
- /* Based on the size of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA512. */
+ /* This is a known-answer test, and although tests use a mock entropy
+ * function the input entropy length will still affect the output.
+ * We therefore need to pick a fixed entropy length, rather than using the
+ * default entropy length (MBEDTLS_CTR_DRBG_ENTROPY_LEN). We've chosen to
+ * use the default value of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA-512,
+ * as this was the value used when the expected answers were calculated. */
const size_t entropy_len = 48;
AES_PSA_INIT();
@@ -367,8 +372,8 @@
test_offset_idx = 0;
- /* Need to do this, otherwise if we are forced into using SHA256 for
- * whaever reason, output will differ. */
+ /* Need to set a non-default fixed entropy len, to ensure same output across
+ * all configs - see above for details. */
mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_len);
if (reseed == 0) {