Remove RNG from x509 and PK remove the f_rng and p_rng parameter from x509 and PK. Signed-off-by: Ben Taylor <ben.taylor@linaro.org>

commit: 440cb2aac296d07afc9ec111977bf24d54dc4061 [log] [tgz]
author: Ben Taylor <ben.taylor@linaro.org> Wed Mar 05 09:40:08 2025 +0000
committer: Ben Taylor <ben.taylor@linaro.org> Wed Mar 26 08:17:38 2025 +0000
tree: 905f7d92af35764d8f1b04115ab4a611d5727018
parent: b90a16d58993a0503700007371fc5db42c629318 [diff]
diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c
index b064078..2be5842 100644
--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c

@@ -248,8 +248,7 @@
             goto cleanup;
         }
 
-        ret = mbedtls_pk_parse_keyfile(&pk, opt.filename, opt.password,
-                                       mbedtls_ctr_drbg_random, &ctr_drbg);
+        ret = mbedtls_pk_parse_keyfile(&pk, opt.filename, opt.password);
 
         if (ret != 0) {
             mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile returned -0x%04x\n",

diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
index b9b477b..e36130b 100644
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c

@@ -363,8 +363,7 @@
             goto exit;
         }
 
-        ret = mbedtls_pk_parse_keyfile(&key, opt.filename, NULL,
-                                       mbedtls_ctr_drbg_random, &ctr_drbg);
+        ret = mbedtls_pk_parse_keyfile(&key, opt.filename, NULL);
         if (ret != 0) {
             mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile returned -0x%04x",
                            (unsigned int) -ret);

diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c
index a7b9001..d2bfde5 100644
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c

@@ -89,8 +89,7 @@
     mbedtls_printf("\n  . Reading private key from '%s'", argv[1]);
     fflush(stdout);
 
-    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "",
-                                        mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) {
         mbedtls_printf(" failed\n  ! mbedtls_pk_parse_keyfile returned -0x%04x\n",
                        (unsigned int) -ret);
         goto exit;
@@ -119,8 +118,7 @@
     mbedtls_printf("\n  . Decrypting the encrypted data");
     fflush(stdout);
 
-    if ((ret = mbedtls_pk_decrypt(&pk, buf, i, result, &olen, sizeof(result),
-                                  mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+    if ((ret = mbedtls_pk_decrypt(&pk, buf, i, result, &olen, sizeof(result))) != 0) {
         mbedtls_printf(" failed\n  ! mbedtls_pk_decrypt returned -0x%04x\n",
                        (unsigned int) -ret);
         goto exit;

diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c
index 28a849b..1ab2a3d 100644
--- a/programs/pkey/pk_encrypt.c
+++ b/programs/pkey/pk_encrypt.c

@@ -105,8 +105,7 @@
     fflush(stdout);
 
     if ((ret = mbedtls_pk_encrypt(&pk, input, strlen(argv[2]),
-                                  buf, &olen, sizeof(buf),
-                                  mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+                                  buf, &olen, sizeof(buf))) != 0) {
         mbedtls_printf(" failed\n  ! mbedtls_pk_encrypt returned -0x%04x\n",
                        (unsigned int) -ret);
         goto exit;

diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index af52583..92d9660 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c

@@ -85,8 +85,7 @@
     mbedtls_printf("\n  . Reading private key from '%s'", argv[1]);
     fflush(stdout);
 
-    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "",
-                                        mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) {
         mbedtls_printf(" failed\n  ! Could not parse '%s'\n", argv[1]);
         goto exit;
     }
@@ -106,8 +105,7 @@
     }
 
     if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0,
-                               buf, sizeof(buf), &olen,
-                               mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+                               buf, sizeof(buf), &olen)) != 0) {
         mbedtls_printf(" failed\n  ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret);
         goto exit;
     }

diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index e4f27f3..a5e06fb 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c

@@ -86,8 +86,7 @@
     mbedtls_printf("\n  . Reading private key from '%s'", argv[1]);
     fflush(stdout);
 
-    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "",
-                                        mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) {
         mbedtls_printf(" failed\n  ! Could not read key from '%s'\n", argv[1]);
         mbedtls_printf("  ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret);
         goto exit;
@@ -120,8 +119,7 @@
     }
 
     if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0,
-                               buf, sizeof(buf), &olen,
-                               mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+                               buf, sizeof(buf), &olen)) != 0) {
         mbedtls_printf(" failed\n  ! mbedtls_pk_sign returned %d\n\n", ret);
         goto exit;
     }
commit	440cb2aac296d07afc9ec111977bf24d54dc4061	[log] [tgz]
author	Ben Taylor <ben.taylor@linaro.org>	Wed Mar 05 09:40:08 2025 +0000
committer	Ben Taylor <ben.taylor@linaro.org>	Wed Mar 26 08:17:38 2025 +0000
tree	905f7d92af35764d8f1b04115ab4a611d5727018
parent	b90a16d58993a0503700007371fc5db42c629318 [diff]