feat(tc): provide a mock mbedtls-random generation function
Simulated the utilization of an external RNG through the
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG configuration option in mbedTLS.
Consequently, an implementation of mbedtls_psa_external_get_random()
is provided. Given the absence of actual external RNG support,
we provide a mock implementation by utilizing the system counter to
fill the buffer to provide a random number, specifically tailored
for the use exclusively within the TF-M testsuite.
While this method is not ideal for generating random numbers,
alternatives like the 'rand' library function are not feasible due to
lack of support in TF-A. Additionally, the architectural 'rand'
instruction is not viable, as it is only supported for platforms with
Armv8.5-a+ architecture as an optional feature.
mbedtls_psa_external_get_random() function comes into play during the
exportation of the public portion of the delegated attestation key.
This helps in using mbedTLS-3.4.1 for running the delegated attestation
tests on TC platform.
Change-Id: Ifcf4e3231aad93595e00c353a4b0c606c0ef9fc2
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
diff --git a/plat/arm/board/tc/plat_tc_mbedtls_config.h b/plat/arm/board/tc/plat_tc_mbedtls_config.h
index f0aa60b..773629c 100644
--- a/plat/arm/board/tc/plat_tc_mbedtls_config.h
+++ b/plat/arm/board/tc/plat_tc_mbedtls_config.h
@@ -22,11 +22,7 @@
#endif
#define MBEDTLS_PSA_CRYPTO_C
-#define MBEDTLS_HMAC_DRBG_C
-#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-#define MBEDTLS_NO_PLATFORM_ENTROPY
-#define MBEDTLS_TEST_NULL_ENTROPY
+#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
#define MBEDTLS_ECP_C
#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
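Review bot: The added `#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` appears unconditional within this hunk, while the only `mbedtls_psa_external_get_random()` in this commit is compiled under `#ifdef PLATFORM_TEST_TFM_TESTSUITE` in tc_bl31_setup.c. If this config header can be selected without that flag (not visible from here), the build either fails to link or invites someone to satisfy the symbol with the counter-based mock. I would tie the two together, either by guarding the define with the same macro or by adding a comment above it such as `/* Test-only: backed by a non-cryptographic mock RNG in tc_bl31_setup.c */`. The removed DRBG/entropy options are not replaced by any real entropy source, so this configuration should be marked clearly as unsuitable for production images.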
diff --git a/plat/arm/board/tc/tc_bl31_setup.c b/plat/arm/board/tc/tc_bl31_setup.c
index ff7809d..80e5370 100644
--- a/plat/arm/board/tc/tc_bl31_setup.c
+++ b/plat/arm/board/tc/tc_bl31_setup.c
@@ -9,6 +9,7 @@
#include <libfdt.h>
#include <tc_plat.h>
+#include <arch_helpers.h>
#include <common/bl_common.h>
#include <common/debug.h>
#include <drivers/arm/css/css_mhu_doorbell.h>
@@ -19,6 +20,34 @@
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
+#include <psa/crypto_platform.h>
+#include <psa/crypto_types.h>
+#include <psa/crypto_values.h>
+
+#ifdef PLATFORM_TEST_TFM_TESTSUITE
+/*
+ * We pretend using an external RNG (through MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+ * mbedTLS config option) so we need to provide an implementation of
+ * mbedtls_psa_external_get_random(). Provide a fake one, since we do not
+ * actually use any of external RNG and this function is only needed during
+ * the execution of TF-M testsuite during exporting the public part of the
+ * delegated attestation key.
+ */
+psa_status_t mbedtls_psa_external_get_random(
+ mbedtls_psa_external_random_context_t *context,
+ uint8_t *output, size_t output_size,
+ size_t *output_length)
+{
+ for (size_t i = 0U; i < output_size; i++) {
+ output[i] = (uint8_t)(read_cntpct_el0() & 0xFFU);
+ }
+
+ *output_length = output_size;
+
+ return PSA_SUCCESS;
+}
+#endif /* PLATFORM_TEST_TFM_TESTSUITE */
+
static scmi_channel_plat_info_t tc_scmi_plat_info[] = {
{
.scmi_mbx_mem = CSS_SCMI_PAYLOAD_BASE,
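Review bot: The mock `mbedtls_psa_external_get_random()` fills each byte with `read_cntpct_el0() & 0xFFU` in a tight loop, so consecutive bytes are closely spaced counter samples and the output is predictable, yet the header comment only calls it "fake" and never says it must not reach a non-test image. With `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` set, mbedTLS routes every PSA random request through this function, so I would state the limitation in the comment, e.g. `WARNING: not a random source; output is the low byte of CNTPCT_EL0 and is predictable. TF-M testsuite builds only.` The `context` parameter is unused; a `(void)context;` at the top of the body documents that and avoids an unused-parameter warning where that warning is enabled. The function sits entirely inside the hunk, while the `tc_scmi_plat_info` initializer after it continues outside.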