djsundog
/
circuitpython
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

extmod/modussl_mbedtls: Use mbedtls_entropy_func for CTR-DRBG entropy. 

If mbedtls_ctr_drbg_seed() is available in the mbedtls bulid then so should
be mbedtls_entropy_func().  Then it's up to the port to configure a valid
entropy source, eg via MBEDTLS_ENTROPY_HARDWARE_ALT.
This commit is contained in:
Damien George 2018-05-31 21:52:29 +10:00
parent 98b9f0fc9d
commit ea22406f76
1 changed files with 1 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
extmod/modussl_mbedtls.c
View File

@ -73,15 +73,6 @@ STATIC void mbedtls_debug(void *ctx, int level, const char *file, int line, cons
}
#endif
// TODO: FIXME!
STATIC int null_entropy_func(void *data, unsigned char *output, size_t len) {
(void)data;
(void)output;
(void)len;
// enjoy random bytes
return 0;
}
STATIC int _mbedtls_ssl_send(void *ctx, const byte *buf, size_t len) {
mp_obj_t sock = *(mp_obj_t*)ctx;
@ -140,7 +131,7 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
mbedtls_entropy_init(&o->entropy);
const byte seed[] = "upy";
ret = mbedtls_ctr_drbg_seed(&o->ctr_drbg, null_entropy_func/*mbedtls_entropy_func*/, &o->entropy, seed, sizeof(seed));
ret = mbedtls_ctr_drbg_seed(&o->ctr_drbg, mbedtls_entropy_func, &o->entropy, seed, sizeof(seed));
if (ret != 0) {
goto cleanup;
}