Create seedfile automatically in test code

[gilles-peskine-arm]

When MBEDTLS_ENTROPY_NV_SEED is enabled, any code that calls mbedtls_entropy_init needs an existing seedfile of sufficient size.

MBEDTLS_ENTROPY_NV_SEED is disabled by default, but it is enabled in the full config.

Several of our test scripts create a seedfile, including all.sh and basic-build-test.sh. So everything just works in CI runs. But when running tests manually, this can be a gotcha.

Historically this has mostly worked invisibly because test_suite_entropy happens not to require a valid seedfile on entry and to leave a valid seedfile behind when it passes, and the other test suites that call the entropy module come after entropy in alphabetical order. But if you enable MBEDTLS_USE_PSA_CRYPTO (which config.py full does) then test_suite_cipher calls psa_crypto_init which obtains entropy and therefore requires a seedfile. Since cipher comes before entropy, if you haven't created a seedfile manually, psa_crypto_init() fails.

Another failure reason is when the seedfile is too small. The size of the seedfile is determined by
the hash that the entropy module uses. If you run tests with either MBEDTLS_SHA512_C disabled or MBEDTLS_ENTROPY_FORCE_SHA256 enabled, and then run tests with MBEDTLS_SHA512_C enabled or MBEDTLS_ENTROPY_FORCE_SHA256 disabled, and MBEDTLS_ENTROPY_NV_SEED enabled in both cases, the second test run starts with a seedfile that's too small, and again it will fail if something needs entropy before test_suite_entropy.

In production, the seedfile should contain cryptographic-quality random data. In tests, this isn't necessary. So I think we should add automatic seedfile creation to the test suite, but not to the sample programs.

The seedfile read/write functions are configurable, and if they're set to non-default values, they might not access a file via stdio. So the test startup code should only work in terms of the mbedtls_nv_seed_write and mbedtls_nv_seed_read abstractions.

[yuhaoth]

#5989 can fix this