psa: simplify management of mbedtls_psa_drbg_context_t
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c371339..c8dd0d0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -101,11 +101,6 @@
static psa_global_data_t global_data;
-#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
-mbedtls_psa_drbg_context_t *const mbedtls_psa_drbg_ctx =
- &global_data.rng.drbg;
-#endif
-
#define GUARD_MODULE_INITIALIZED \
if (global_data.initialized == 0) \
return PSA_ERROR_BAD_STATE;
@@ -7322,7 +7317,7 @@
MBEDTLS_ENTROPY_SOURCE_STRONG);
#endif
- mbedtls_psa_drbg_init(MBEDTLS_PSA_DRBG_CTX);
+ mbedtls_psa_drbg_init(&rng->drbg);
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
}
@@ -7333,7 +7328,7 @@
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
memset(rng, 0, sizeof(*rng));
#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
- mbedtls_psa_drbg_free(MBEDTLS_PSA_DRBG_CTX);
+ mbedtls_psa_drbg_free(&rng->drbg);
rng->entropy_free(&rng->entropy);
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
}
@@ -7348,7 +7343,7 @@
return PSA_SUCCESS;
#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
const unsigned char drbg_seed[] = "PSA";
- int ret = mbedtls_psa_drbg_seed(&rng->entropy,
+ int ret = mbedtls_psa_drbg_seed(&rng->drbg, &rng->entropy,
drbg_seed, sizeof(drbg_seed) - 1);
return mbedtls_to_psa_error(ret);
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
@@ -7382,7 +7377,7 @@
(output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ?
MBEDTLS_PSA_RANDOM_MAX_REQUEST :
output_size);
- int ret = mbedtls_psa_legacy_get_random(MBEDTLS_PSA_DRBG_CTX,
+ int ret = mbedtls_psa_legacy_get_random(&global_data.rng.drbg,
output, request_size);
if (ret != 0) {
return mbedtls_to_psa_error(ret);
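Review bot: This call site now hard-codes `&global_data.rng.drbg`, whereas the init, free and seed call sites changed in this commit take the context from their `rng` argument (`&rng->drbg`). The enclosing function starts and ends outside the hunk, so it is not visible whether it has an `rng` in scope or whether it checks that the module is initialized before drawing output. If no `rng` is available here, a short comment would make the dependency explicit, for example `/* Uses the library-wide DRBG; it must have been seeded during PSA initialization. */`. With the `MBEDTLS_PSA_DRBG_CTX` indirection removed, this is the one place in the patch where the random-generation path names the global directly.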
diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h
index 0a2ae9e..10db73d 100644
--- a/library/psa_crypto_random_impl.h
+++ b/library/psa_crypto_random_impl.h
@@ -118,14 +118,6 @@
#define MBEDTLS_PSA_RANDOM_MAX_REQUEST MBEDTLS_HMAC_DRBG_MAX_REQUEST
#endif
-/** A pointer to the PSA DRBG context.
- *
- * This variable is only intended to be used through the macro
- * #MBEDTLS_PSA_DRBG_CTX.
- */
-extern mbedtls_psa_drbg_context_t *const mbedtls_psa_drbg_ctx;
-#define MBEDTLS_PSA_DRBG_CTX mbedtls_psa_drbg_ctx
-
/** Seed the PSA DRBG.
*
* \param entropy An entropy context to read the seed from.
@@ -138,18 +130,19 @@
* \return An Mbed TLS error code (\c MBEDTLS_ERR_xxx) on failure.
*/
static inline int mbedtls_psa_drbg_seed(
+ mbedtls_psa_drbg_context_t *drbg_ctx,
mbedtls_entropy_context *entropy,
const unsigned char *custom, size_t len)
{
#if defined(MBEDTLS_CTR_DRBG_C)
- return mbedtls_ctr_drbg_seed(MBEDTLS_PSA_DRBG_CTX,
+ return mbedtls_ctr_drbg_seed(drbg_ctx,
mbedtls_entropy_func,
entropy,
custom, len);
#elif defined(MBEDTLS_HMAC_DRBG_C)
const mbedtls_md_info_t *md_info =
mbedtls_md_info_from_type(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE);
- return mbedtls_hmac_drbg_seed(MBEDTLS_PSA_DRBG_CTX,
+ return mbedtls_hmac_drbg_seed(drbg_ctx,
md_info,
mbedtls_entropy_func,
entropy,
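Review bot: The new `drbg_ctx` parameter of `mbedtls_psa_drbg_seed()` is left undocumented, because the Doxygen block above the function still begins at `\param entropy` and no hunk adds a line to it. I would add `\param drbg_ctx  The DRBG context to seed. It must have been initialized with mbedtls_psa_drbg_init().` ahead of the `entropy` entry. The pointer is passed straight to `mbedtls_ctr_drbg_seed()` or `mbedtls_hmac_drbg_seed()`, so the requirement that it is non-NULL and initialized now rests on the caller and should be stated in the contract. The function body continues past the end of this hunk.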