TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 440cb2aac296d07afc9ec111977bf24d54dc4061^! / . / programs / x509 / cert_write.c
commit440cb2aac296d07afc9ec111977bf24d54dc4061[log] [tgz]
authorBen Taylor <ben.taylor@linaro.org>Wed Mar 05 09:40:08 2025 +0000
committerBen Taylor <ben.taylor@linaro.org>Wed Mar 26 08:17:38 2025 +0000
tree905f7d92af35764d8f1b04115ab4a611d5727018
parentb90a16d58993a0503700007371fc5db42c629318 [diff] [blame]
Remove RNG from x509 and PK

remove the f_rng and p_rng parameter from x509 and PK.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>

diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 5993f24..9776dc1 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c

@@ -206,9 +206,7 @@
     int format;                 /* format                               */
 } opt;
 
-static int write_certificate(mbedtls_x509write_cert *crt, const char *output_file,
-                             int (*f_rng)(void *, unsigned char *, size_t),
-                             void *p_rng)
+static int write_certificate(mbedtls_x509write_cert *crt, const char *output_file)
 {
     int ret;
     FILE *f;
@@ -218,8 +216,7 @@
 
     memset(output_buf, 0, 4096);
     if (opt.format == FORMAT_DER) {
-        ret = mbedtls_x509write_crt_der(crt, output_buf, 4096,
-                                        f_rng, p_rng);
+        ret = mbedtls_x509write_crt_der(crt, output_buf, 4096);
         if (ret < 0) {
             return ret;
         }
@@ -227,8 +224,7 @@
         len = ret;
         output_start = output_buf + 4096 - len;
     } else {
-        ret = mbedtls_x509write_crt_pem(crt, output_buf, 4096,
-                                        f_rng, p_rng);
+        ret = mbedtls_x509write_crt_pem(crt, output_buf, 4096);
         if (ret < 0) {
             return ret;
         }
@@ -780,7 +776,7 @@
         fflush(stdout);
 
         ret = mbedtls_pk_parse_keyfile(&loaded_subject_key, opt.subject_key,
-                                       opt.subject_pwd, mbedtls_ctr_drbg_random, &ctr_drbg);
+                                       opt.subject_pwd);
         if (ret != 0) {
             mbedtls_strerror(ret, buf, sizeof(buf));
             mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile "
@@ -795,7 +791,7 @@
     fflush(stdout);
 
     ret = mbedtls_pk_parse_keyfile(&loaded_issuer_key, opt.issuer_key,
-                                   opt.issuer_pwd, mbedtls_ctr_drbg_random, &ctr_drbg);
+                                   opt.issuer_pwd);
     if (ret != 0) {
         mbedtls_strerror(ret, buf, sizeof(buf));
         mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile "
@@ -806,8 +802,7 @@
     // Check if key and issuer certificate match
     //
     if (strlen(opt.issuer_crt)) {
-        if (mbedtls_pk_check_pair(&issuer_crt.pk, issuer_key,
-                                  mbedtls_ctr_drbg_random, &ctr_drbg) != 0) {
+        if (mbedtls_pk_check_pair(&issuer_crt.pk, issuer_key) != 0) {
             mbedtls_printf(" failed\n  !  issuer_key does not match "
                            "issuer certificate\n\n");
             goto exit;
@@ -984,8 +979,7 @@
     mbedtls_printf("  . Writing the certificate...");
     fflush(stdout);
 
-    if ((ret = write_certificate(&crt, opt.output_file,
-                                 mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+    if ((ret = write_certificate(&crt, opt.output_file)) != 0) {
         mbedtls_strerror(ret, buf, sizeof(buf));
         mbedtls_printf(" failed\n  !  write_certificate -0x%04x - %s\n\n",
                        (unsigned int) -ret, buf);