From 7c90a9e314e6e393d30d86c4bed1f3cbbf3a92ad Mon Sep 17 00:00:00 2001 From: TomoYamanaka Date: Fri, 24 Aug 2018 12:06:01 +0900 Subject: [PATCH] Improve the config adjustment script for ENTROPY_NV_SEED Although "nv_seed" is one of "entropy", it doesn't included to the "!defined" lineup in the following config file. Therefore, when MBEDTLS_ENTROPY_NV_SEED is defined, it is accidently invoked "mbedtls/config-no-entropy.h". mbed-os\features\mbedtls\inc\mbedtls\config.h I think that correct processing should go to line 47, not line 40. --- features/mbedtls/importer/adjust-config.sh | 61 +++++++++++----------- 1 file changed, 31 insertions(+), 30 deletions(-) diff --git a/features/mbedtls/importer/adjust-config.sh b/features/mbedtls/importer/adjust-config.sh index 7fe26c353ae..d025783abf4 100755 --- a/features/mbedtls/importer/adjust-config.sh +++ b/features/mbedtls/importer/adjust-config.sh @@ -37,38 +37,39 @@ add_code() { # add an #ifndef to include config-no-entropy.h when the target does not have # an entropy source we can use. -add_code \ - "#ifndef MBEDTLS_CONFIG_H\n" \ - "\n" \ - "#include \"platform\/inc\/platform_mbed.h\"\n" \ - "\n" \ - "\/*\n" \ - " * Only use features that do not require an entropy source when\n" \ - " * DEVICE_ENTROPY_SOURCE is not defined in mbed OS.\n" \ - " *\/\n" \ - "#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_TEST_NULL_ENTROPY)\n" \ - "#include \"mbedtls\/config-no-entropy.h\"\n" \ - "\n" \ - "#if defined(MBEDTLS_USER_CONFIG_FILE)\n" \ - "#include MBEDTLS_USER_CONFIG_FILE\n" \ - "#endif\n" \ - "\n" \ +add_code \ + "#ifndef MBEDTLS_CONFIG_H\n" \ + "\n" \ + "#include \"platform\/inc\/platform_mbed.h\"\n" \ + "\n" \ + "\/*\n" \ + " * Only use features that do not require an entropy source when\n" \ + " * DEVICE_ENTROPY_SOURCE is not defined in mbed OS.\n" \ + " *\/\n" \ + "#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n" \ + " !defined(MBEDTLS_ENTROPY_NV_SEED)\n" \ + "#include \"mbedtls\/config-no-entropy.h\"\n" \ + "\n" \ + "#if defined(MBEDTLS_USER_CONFIG_FILE)\n" \ + "#include MBEDTLS_USER_CONFIG_FILE\n" \ + "#endif\n" \ + "\n" \ "#else\n" -add_code \ - "#include \"check_config.h\"\n" \ - "\n" \ - "#endif \/* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_TEST_NULL_ENTROPY *\/\n" \ - "\n" \ - "#if defined(MBEDTLS_TEST_NULL_ENTROPY)\n" \ - "#warning \"MBEDTLS_TEST_NULL_ENTROPY has been enabled. This \" \\\\\n" \ - " \"configuration is not secure and is not suitable for production use\"\n" \ - "#endif\n" \ - "\n" \ - "#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n" \ - " !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_ENTROPY_NV_SEED)\n" \ - "#error \"No entropy source was found at build time, so TLS \" \\\\\n" \ - " \"functionality is not available\"\n" \ +add_code \ + "#include \"check_config.h\"\n" \ + "\n" \ + "#endif \/* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_TEST_NULL_ENTROPY && !MBEDTLS_ENTROPY_NV_SEED *\/\n" \ + "\n" \ + "#if defined(MBEDTLS_TEST_NULL_ENTROPY)\n" \ + "#warning \"MBEDTLS_TEST_NULL_ENTROPY has been enabled. This \" \\\\\n" \ + " \"configuration is not secure and is not suitable for production use\"\n" \ + "#endif\n" \ + "\n" \ + "#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n" \ + " !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_ENTROPY_NV_SEED)\n" \ + "#error \"No entropy source was found at build time, so TLS \" \\\\\n" \ + " \"functionality is not available\"\n" \ "#endif\n" # not supported on mbed OS, nor used by mbed Client