From 97f59ab527ae02cf34b7271a3d369e92d9039884 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 22 Oct 2019 18:42:27 +0200
Subject: [PATCH] CTR_DRBG: add the possibility of grabbing entropy for a nonce

Add a new function mbedtls_ctr_drbg_set_nonce_len() which configures the DRBG instance to call f_entropy a second time during the initial seeding to grab a nonce. The default nonce length is 0, so there is no behavior change unless the user calls the new function.
---
 library/ctr_drbg.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 85bd04f2b..8a62f6d46 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -357,10 +357,10 @@ void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
 * and with output
 * ctx contains new_working_state
 */
-int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx,
- const unsigned char *additional,
- size_t len,
- size_t nonce_len )
+static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx,
+ const unsigned char *additional,
+ size_t len,
+ size_t nonce_len )
 {
 unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
 size_t seedlen = 0;
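Review bot: The new `static int mbedtls_ctr_drbg_reseed_internal(` line keeps the `mbedtls_` prefix on a function that now has internal linkage, so it still reads like public API. Dropping the prefix would make the scope clear, as would a comment above the signature such as `/* Internal helper, not part of the public API; nonce_len is the number of extra bytes taken from f_entropy during initial seeding. */`. If a non-static prototype for this function exists elsewhere in the tree (none is visible here), it has to be removed in the same change or the definition will be rejected for conflicting linkage. The body continues outside the hunk. Since both `len` and `nonce_len` feed the fixed-size `seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]` buffer, it is worth confirming that the length check there is written as a subtraction from the bound rather than a sum of the lengths, so an oversized value cannot wrap past it.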