Also provide RAND_is_entropy_cpu_jitter

crypto/crypto_test.cc

@@ -76,11 +76,13 @@ TEST(CryptoTest, Strndup) {
 
 TEST(CryptoTest, aws_lc_assert_entropy_cpu_jitter) {
 #if defined(FIPS_ENTROPY_SOURCE_JITTER_CPU)
+  ASSERT_EQ(1, RAND_is_entropy_cpu_jitter());
   ASSERT_EQ(1, RAND_assert_entropy_cpu_jitter());
 #elif !defined(OPENSSL_ANDROID)
+  ASSERT_EQ(0, RAND_is_entropy_cpu_jitter());
   ASSERT_DEATH_IF_SUPPORTED( { RAND_assert_entropy_cpu_jitter(); } , "");
 #else
-  SUCCEED();
+  ASSERT_EQ(0, RAND_is_entropy_cpu_jitter());
 #endif
 }
 

crypto/fipsmodule/rand/rand.c

@@ -77,11 +77,17 @@ static const unsigned kReseedInterval = 16777216;
 int RAND_assert_entropy_cpu_jitter(void) {
   return 1;
 }
+int RAND_is_entropy_cpu_jitter(void) {
+  return 1;
+}
 #elif defined(FIPS_ENTROPY_SOURCE_PASSIVE)
 static const unsigned kReseedInterval = 4096;
 int RAND_assert_entropy_cpu_jitter(void) {
   BORINGSSL_FIPS_abort();
 }
+int RAND_is_entropy_cpu_jitter(void) {
+  return 0;
+}
 #else
 #error "A FIPS entropy source must be explicitly defined"
 #endif
@@ -95,6 +101,9 @@ static const unsigned kReseedInterval = 4096;
 int RAND_assert_entropy_cpu_jitter(void) {
   abort();
 }
+int RAND_is_entropy_cpu_jitter(void) {
+  return 0;
+}
 #endif // defined(BORINGSSL_FIPS)
 
 

include/openssl/rand.h

@@ -141,9 +141,13 @@ OPENSSL_EXPORT const RAND_METHOD *RAND_get_rand_method(void);
 OPENSSL_EXPORT int RAND_set_rand_method(const RAND_METHOD *);
 
 // RAND_assert_entropy_cpu_jitter will abort the process if CPU jitter entropy
-// was not enabled for the build.
+// was not enabled for the build. Otherwise, returns 1.
 OPENSSL_EXPORT int RAND_assert_entropy_cpu_jitter(void);
 
+// RAND_is_entropy_cpu_jitter returns 1 if CPU jitter entropy
+// was not enabled for the build. Otherwise, returns 0;
+OPENSSL_EXPORT int RAND_is_entropy_cpu_jitter(void);
+
 // RAND_keep_random_devices_open does nothing.
 OPENSSL_EXPORT OPENSSL_DEPRECATED void RAND_keep_random_devices_open(int a);