Gate entropy injection through a dedicated configuration option Entropy injection has specific testing requirements. Therefore it should depend on a specific option.

commit: e3dbdd8d908218c7b7c3c3a62babb658c5c8a2a4 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Mon Feb 25 11:04:06 2019 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Fri Mar 15 11:15:21 2019 +0100
tree: 1874901ca65dcc27f9c9d5d5c69efb522952ccf8
parent: 6bf4baef953eac07516a5dc44f96846561e26438 [diff]
diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 7f7c0cf..4873c36 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h

@@ -1232,6 +1232,19 @@
 //#define MBEDTLS_PSA_CRYPTO_SPM
 
 /**
+ * \def MBEDTLS_PSA_INJECT_ENTROPY
+ *
+ * Enable support for entropy injection at first boot. This feature is
+ * required on systems that do not have a built-in entropy source (TRNG).
+ * This feature is currently not supported on systems that have a built-in
+ * entropy source.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
+ *
+ */
+//#define MBEDTLS_PSA_INJECT_ENTROPY
+
+/**
  * \def MBEDTLS_RSA_NO_CRT
  *
  * Do not use the Chinese Remainder Theorem
@@ -2715,7 +2728,7 @@
  *
  * Requires: MBEDTLS_FS_IO
  */
-//#define MBEDTLS_PSA_ITS_FILE_C
+#define MBEDTLS_PSA_ITS_FILE_C
 
 /**
  * \def MBEDTLS_RIPEMD160_C
commit	e3dbdd8d908218c7b7c3c3a62babb658c5c8a2a4	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Feb 25 11:04:06 2019 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Mar 15 11:15:21 2019 +0100
tree	1874901ca65dcc27f9c9d5d5c69efb522952ccf8
parent	6bf4baef953eac07516a5dc44f96846561e26438 [diff]