From: Ilias Apalodimas Date: Thu, 14 Nov 2024 14:29:15 +0000 (+0200) Subject: net: lwip: provide entropy to MBed TLS in one go X-Git-Url: http://git.dujemihanovic.xyz/img/static/%7B%7B%20%24.Site.BaseURL%20%7D%7Dposts/%7B%7B%20%24style.RelPermalink%20%7D%7D?a=commitdiff_plain;h=2cde2f4a0073ac1e4a528a1fab40e3d6c1f4bf29;p=u-boot.git net: lwip: provide entropy to MBed TLS in one go We currently provide entropy to mbedTLS using 8b chunks. Take into account the 'len' parameter passed by MBed TLS to the entropy gathering function instead. Note that the current code works because len is always 128 (defined at compile time), therefore mbedtls_hardware_poll() is called repeatedly and the buffer is filled correctly. But passing 'len' to dm_rng_read() is both better and simpler. Reviewed-by: Jerome Forissier Suggested-by: Simon Glass Signed-off-by: Ilias Apalodimas Reviewed-by: Simon Glass --- diff --git a/net/lwip/wget.c b/net/lwip/wget.c index e85d57bc1d..062aa7c44f 100644 --- a/net/lwip/wget.c +++ b/net/lwip/wget.c @@ -42,7 +42,6 @@ int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len, size_t *olen) { struct udevice *dev; - u64 rng = 0; int ret; *olen = 0; @@ -52,12 +51,11 @@ int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len, log_err("Failed to get an rng: %d\n", ret); return ret; } - ret = dm_rng_read(dev, &rng, sizeof(rng)); + ret = dm_rng_read(dev, output, len); if (ret) return ret; - memcpy(output, &rng, len); - *olen = sizeof(rng); + *olen = len; return 0; }