- Added option to prevent default entropy sources from loading (POLARSSL_NO_DEFAULT_ENTROPY_SOURCES)

include/polarssl/config.h

@@ -154,6 +154,19 @@
  */
 #define POLARSSL_FS_IO
 
+/**
+ * \def POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ * Do not add default entropy sources. These are the platform specific,
+ * hardclock and HAVEGE based poll functions.
+ *
+ * This is useful to have more control over the added entropy sources in an 
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
+ */
+
 /**
  * \def POLARSSL_NO_PLATFORM_ENTROPY
  *

include/polarssl/entropy.h

@@ -38,6 +38,7 @@
 
 #define POLARSSL_ERR_ENTROPY_SOURCE_FAILED                 -0x003C  /**< Critical entropy source failure. */
 #define POLARSSL_ERR_ENTROPY_MAX_SOURCES                   -0x003E  /**< No more sources can be added. */
+#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED            -0x0040  /**< No sources have been added to poll. */
 
 #define ENTROPY_MAX_SOURCES     20      /**< Maximum number of sources supported */
 #define ENTROPY_MAX_GATHER      128     /**< Maximum amount requested from entropy sources */
@@ -104,7 +105,7 @@ void entropy_init( entropy_context *ctx );
  * \param threshold Minimum required from source before entropy is released
  *                  ( with entropy_func() )
  *
- * \return          0 is successful or POLARSSL_ERR_ENTROPY_MAX_SOURCES
+ * \return          0 if successful or POLARSSL_ERR_ENTROPY_MAX_SOURCES
  */
 int entropy_add_source( entropy_context *ctx,
                         f_source_ptr f_source, void *p_source,

include/polarssl/error.h

@@ -58,7 +58,7 @@
  * DES       1  0x0032-0x0032
  * NET      11  0x0040-0x0054
  * CTR_DBRG  3  0x0034-0x003A
- * ENTROPY   2  0x003C-0x003E
+ * ENTROPY   3  0x003C-0x0040
  * MD2       1  0x0070-0x0070
  * MD4       1  0x0072-0x0072
  * MD5       1  0x0074-0x0074