Fix entropy thresholds
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 039664b..a99d20d 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -107,8 +107,8 @@
{
mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */
void * p_source; /**< The callback data pointer */
- size_t size; /**< Amount received */
- size_t threshold; /**< Minimum level required before release */
+ size_t size; /**< Amount received in bytes */
+ size_t threshold; /**< Minimum bytes required before release */
}
mbedtls_entropy_source_state;
@@ -155,7 +155,7 @@
* \param f_source Entropy function
* \param p_source Function data
* \param threshold Minimum required from source before entropy is released
- * ( with mbedtls_entropy_func() )
+ * ( with mbedtls_entropy_func() ) (in bytes)
*
* \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
*/
diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h
index 34746f9..231042e 100644
--- a/include/mbedtls/entropy_poll.h
+++ b/include/mbedtls/entropy_poll.h
@@ -37,11 +37,11 @@
#endif
/*
- * Default thresholds for built-in sources
+ * Default thresholds for built-in sources, in bytes
*/
-#define MBEDTLS_ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */
-#define MBEDTLS_ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */
-#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for mbedtls_timing_hardclock() */
+#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */
+#define MBEDTLS_ENTROPY_MIN_HAVEGE 32 /**< Minimum for HAVEGE */
+#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
/**
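Review bot: The three per-macro Doxygen comments still give no unit, so the generated documentation for each constant stays ambiguous; only the block comment above them says bytes. Suggest `/**< Minimum bytes for platform source */` and the same wording for the HAVEGE and hardclock lines. These thresholds count bytes delivered by a source, not estimated entropy, so `MBEDTLS_ENTROPY_MIN_HARDCLOCK 4` presumably represents well under 32 bits of unpredictability. A short comment that the hardclock source is supplementary and should not be relied on alone would help integrators who build with `MBEDTLS_NO_PLATFORM_ENTROPY`.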
diff --git a/library/entropy.c b/library/entropy.c
index 3626d34..fa3dcde 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -250,7 +250,7 @@
int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
{
- int ret, count = 0, i, reached;
+ int ret, count = 0, i, done;
mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data;
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
@@ -276,13 +276,12 @@
if( ( ret = entropy_gather_internal( ctx ) ) != 0 )
goto exit;
- reached = 0;
-
+ done = 1;
for( i = 0; i < ctx->source_count; i++ )
- if( ctx->source[i].size >= ctx->source[i].threshold )
- reached++;
+ if( ctx->source[i].size < ctx->source[i].threshold )
+ done = 0;
}
- while( reached != ctx->source_count );
+ while( ! done );
memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
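Review bot: With `ctx->source_count == 0` the new `done` flag stays 1 and the do/while exits after one pass, so the release condition is vacuously true for an empty source list; the old `reached != ctx->source_count` test had the same property. Whether entropy_gather_internal() rejects that case is not visible here, so a comment above the loop should state the dependency: `/* done == 1 only if every registered source has met its byte threshold; an empty source list must already have been rejected */`. The nested `for`/`if` body is also unbraced, which makes the following `}` easy to misread as closing the `for`; bracing both would be safer. mbedtls_entropy_func() begins and ends outside this hunk.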