From ea22406f7661edcce88defb9d20517ec967a5a9f Mon Sep 17 00:00:00 2001 From: Damien George Date: Thu, 31 May 2018 21:52:29 +1000 Subject: [PATCH] extmod/modussl_mbedtls: Use mbedtls_entropy_func for CTR-DRBG entropy. If mbedtls_ctr_drbg_seed() is available in the mbedtls bulid then so should be mbedtls_entropy_func(). Then it's up to the port to configure a valid entropy source, eg via MBEDTLS_ENTROPY_HARDWARE_ALT. --- extmod/modussl_mbedtls.c | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/extmod/modussl_mbedtls.c b/extmod/modussl_mbedtls.c index 636f45f4e4..1c9dfd17f9 100644 --- a/extmod/modussl_mbedtls.c +++ b/extmod/modussl_mbedtls.c @@ -73,15 +73,6 @@ STATIC void mbedtls_debug(void *ctx, int level, const char *file, int line, cons } #endif -// TODO: FIXME! -STATIC int null_entropy_func(void *data, unsigned char *output, size_t len) { - (void)data; - (void)output; - (void)len; - // enjoy random bytes - return 0; -} - STATIC int _mbedtls_ssl_send(void *ctx, const byte *buf, size_t len) { mp_obj_t sock = *(mp_obj_t*)ctx; @@ -140,7 +131,7 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) { mbedtls_entropy_init(&o->entropy); const byte seed[] = "upy"; - ret = mbedtls_ctr_drbg_seed(&o->ctr_drbg, null_entropy_func/*mbedtls_entropy_func*/, &o->entropy, seed, sizeof(seed)); + ret = mbedtls_ctr_drbg_seed(&o->ctr_drbg, mbedtls_entropy_func, &o->entropy, seed, sizeof(seed)); if (ret != 0) { goto cleanup; }