Modify mbed TLS config.h to use NV seed

The config.h now takes into consideration whether the mbed TLS NV Seed
feature is present to decide which configuration is actually going to
be used.

Author: Andres Amaya Garcia

features/mbedtls/importer/adjust-config.sh

@@ -37,36 +37,42 @@ add_code() {
 
 # add an #ifndef to include config-no-entropy.h when the target does not have
 # an entropy source we can use.
-add_code                                                                                  \
-    "#ifndef MBEDTLS_CONFIG_H\n"                                                          \
-    "\n"                                                                                  \
-    "#include \"platform\/inc\/platform_mbed.h\"\n"                                       \
-    "\n"                                                                                  \
-    "\/*\n"                                                                               \
-    " * Only use features that do not require an entropy source when\n"                   \
-    " * DEVICE_ENTROPY_SOURCE is not defined in mbed OS.\n"                               \
-    " *\/\n"                                                                              \
-    "#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_TEST_NULL_ENTROPY)\n" \
-    "#include \"mbedtls\/config-no-entropy.h\"\n"                                         \
-    "\n"                                                                                  \
-    "#if defined(MBEDTLS_USER_CONFIG_FILE)\n"                                             \
-    "#include MBEDTLS_USER_CONFIG_FILE\n"                                                 \
-    "#endif\n"                                                                            \
-    "\n"                                                                                  \
+add_code                                                                \
+    "#ifndef MBEDTLS_CONFIG_H\n"                                        \
+    "\n"                                                                \
+    "#include \"platform\/inc\/platform_mbed.h\"\n"                     \
+    "\n"                                                                \
+    "\/*\n"                                                             \
+    " * Only use features that do not require an entropy source when\n" \
+    " * this is not available in Mbed OS. For more information on\n"    \
+    " * Mbed TLS entropy options please refer to entropy.h\n"           \
+    " *\/\n"                                                            \
+    "#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && \\\\\n"              \
+    "    !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n"                 \
+    "    !defined(MBEDTLS_ENTROPY_NV_SEED)\n"                           \
+    "#include \"mbedtls\/config-no-entropy.h\"\n"                       \
+    "\n"                                                                \
+    "#if defined(MBEDTLS_USER_CONFIG_FILE)\n"                           \
+    "#include MBEDTLS_USER_CONFIG_FILE\n"                               \
+    "#endif\n"                                                          \
+    "\n"                                                                \
     "#else\n"
 
 add_code                                                                              \
     "#include \"check_config.h\"\n"                                                   \
     "\n"                                                                              \
-    "#endif \/* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_TEST_NULL_ENTROPY *\/\n"    \
+    "#endif \/* !MBEDTLS_ENTROPY_HARDWARE_ALT &&\n"                                   \
+    "        * !MBEDTLS_TEST_NULL_ENTROPY &&\n"                                       \
+    "        * !MBEDTLS_ENTROPY_NV_SEED *\/\n"                                        \
     "\n"                                                                              \
     "#if defined(MBEDTLS_TEST_NULL_ENTROPY)\n"                                        \
     "#warning \"MBEDTLS_TEST_NULL_ENTROPY has been enabled. This \" \\\\\n"           \
     "    \"configuration is not secure and is not suitable for production use\"\n"    \
     "#endif\n"                                                                        \
     "\n"                                                                              \
     "#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n" \
-    "    !defined(MBEDTLS_ENTROPY_HARDWARE_ALT)\n"                                    \
+    "    !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && \\\\\n"                            \
+    "    !defined(MBEDTLS_ENTROPY_NV_SEED)\n"                                         \
     "#error \"No entropy source was found at build time, so TLS \" \\\\\n"            \
     "    \"functionality is not available\"\n"                                        \
     "#endif\n"

features/mbedtls/inc/mbedtls/config.h

@@ -31,9 +31,12 @@
 
 /*
  * Only use features that do not require an entropy source when
- * DEVICE_ENTROPY_SOURCE is not defined in mbed OS.
+ * this is not available in Mbed OS. For more information on
+ * Mbed TLS entropy options please refer to entropy.h
  */
-#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_TEST_NULL_ENTROPY)
+#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && \
+    !defined(MBEDTLS_TEST_NULL_ENTROPY) && \
+    !defined(MBEDTLS_ENTROPY_NV_SEED)
 #include "mbedtls/config-no-entropy.h"
 
 #if defined(MBEDTLS_USER_CONFIG_FILE)
@@ -2731,15 +2734,18 @@
 
 #include "check_config.h"
 
-#endif /* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_TEST_NULL_ENTROPY */
+#endif /* !MBEDTLS_ENTROPY_HARDWARE_ALT &&
+        * !MBEDTLS_TEST_NULL_ENTROPY &&
+        * !MBEDTLS_ENTROPY_NV_SEED */
 
 #if defined(MBEDTLS_TEST_NULL_ENTROPY)
 #warning "MBEDTLS_TEST_NULL_ENTROPY has been enabled. This " \
     "configuration is not secure and is not suitable for production use"
 #endif
 
 #if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \
-    !defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && \
+    !defined(MBEDTLS_ENTROPY_NV_SEED)
 #error "No entropy source was found at build time, so TLS " \
     "functionality is not available"
 #endif