Mbed-TLS
diff --git a/‎scripts/generate_config_tests.py
Lines changed: 3 additions & 1 deletion b/‎scripts/generate_config_tests.py
Lines changed: 3 additions & 1 deletion
diff --git a/‎tests/include/test/fake_external_rng_for_test.h
Lines changed: 17 additions & 0 deletions b/‎tests/include/test/fake_external_rng_for_test.h
Lines changed: 17 additions & 0 deletions
diff --git a/‎tests/src/fake_external_rng_for_test.c
Lines changed: 22 additions & 5 deletions b/‎tests/src/fake_external_rng_for_test.c
Lines changed: 22 additions & 5 deletions
@@ -58,14 +58,16 @@ def single_setting_case(setting: config_common.Setting, when_on: bool,
     'MBEDTLS_ERROR_STRERROR_DUMMY': '!MBEDTLS_ERROR_C',
     'MBEDTLS_GENPRIME': 'MBEDTLS_RSA_C',
     'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES': 'MBEDTLS_ENTROPY_C',
-    'MBEDTLS_NO_PLATFORM_ENTROPY': 'MBEDTLS_ENTROPY_C',
     'MBEDTLS_PKCS1_V15': 'MBEDTLS_RSA_C',
     'MBEDTLS_PKCS1_V21': 'MBEDTLS_RSA_C',
     'MBEDTLS_PSA_CRYPTO_CLIENT': '!MBEDTLS_PSA_CRYPTO_C',
     'MBEDTLS_PSA_INJECT_ENTROPY': 'MBEDTLS_PSA_CRYPTO_C',
     'MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS': 'MBEDTLS_PSA_CRYPTO_C',
 }
 
+if build_tree.is_mbedtls_3_6():
+    SIMPLE_DEPENDENCIES['MBEDTLS_NO_PLATFORM_ENTROPY'] = 'MBEDTLS_ENTROPY_C'
+
 def dependencies_of_setting(cfg: config_common.Config,
                             setting: config_common.Setting) -> Optional[str]:
     """Return dependencies without which a setting is not meaningful.
 
@@ -37,4 +37,21 @@ void mbedtls_test_enable_insecure_external_rng(void);
 void mbedtls_test_disable_insecure_external_rng(void);
 #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
 
+#if defined(MBEDTLS_PLATFORM_GET_ENTROPY_ALT)
+
+#include <mbedtls/platform.h>
+
+/* Force return value or entropy content in mbedtls_platform_get_entropy()
+ * as follows:
+ * - if fail == 0 && forced_entropy_content == 0 then
+ *   mbedtls_platform_get_entropy() behaves properly.
+ * - if fail != 0 then MBEDTLS_ERR_ENTROPY_SOURCE_FAILED is returned.
+ * - if forced_entropy_content != 0 then
+ *      - return value is success (0) but
+ *      - returned entropy_content will be equal to forced_entropy_content.
+ */
+void mbedtls_test_get_entropy_force(int fail, size_t forced_entropy_content);
+
+#endif /* MBEDTLS_PLATFORM_GET_ENTROPY_ALT */
+
 #endif /* FAKE_EXTERNAL_RNG_FOR_TEST_H */
@@ -2,7 +2,7 @@
  *
  * Helper functions to test external functions:
  * - mbedtls_psa_external_get_random()
- * - mbedtls_platform_get_entropy_alt()
+ * - mbedtls_platform_get_entropy()
  *
  * These functions are provided only for test purposes and they should not be
  * used for production.
@@ -54,16 +54,33 @@ psa_status_t mbedtls_psa_external_get_random(
 #if defined(MBEDTLS_PLATFORM_GET_ENTROPY_ALT)
 
 #include <test/random.h>
-# include <mbedtls/platform.h>
+#include <mbedtls/entropy.h>
 
-int mbedtls_platform_get_entropy_alt(unsigned char *output, size_t output_size,
-                                     size_t *output_len, size_t *entropy_content)
+static int get_entropy_alt_force_failure = 0;
+static size_t get_entropy_alt_forced_entropy_content = SIZE_MAX;
+
+void mbedtls_test_get_entropy_force(int fail, size_t forced_entropy_content)
+{
+    get_entropy_alt_force_failure = fail;
+    get_entropy_alt_forced_entropy_content = forced_entropy_content;
+}
+
+int mbedtls_platform_get_entropy(unsigned char *output, size_t output_size,
+                                 size_t *output_len, size_t *entropy_content)
 {
+    if (get_entropy_alt_force_failure != 0) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
     mbedtls_test_rnd_std_rand(NULL, output, output_size);
 
     *output_len = output_size;
     if (entropy_content != NULL) {
-        *entropy_content = output_size * 8;
+        if (get_entropy_alt_forced_entropy_content < SIZE_MAX) {
+            *entropy_content = get_entropy_alt_forced_entropy_content;
+        } else {
+            *entropy_content = output_size * 8;
+        }
     }
 
     return 0;