Enforce NULL context for hardcoded RNG

commit: 572d448ab234e8edaa3e7dc0dd95c49cf8c86382 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Tue Jul 23 13:47:53 2019 +0100
committer: Hanno Becker <hanno.becker@arm.com> Mon Aug 12 17:05:03 2019 +0100
tree: 6754b9d64574cc89e912c83cd52587e16d1c5f37
parent: 9a12243b012493043fdda9cc4e5fc21cc5c3ac7b [diff] [blame]
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index cdd77f2..9b40fa7 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c

@@ -149,6 +149,20 @@
     return( 0 );
 }
 
+#if defined(MBEDTLS_SSL_CONF_RNG)
+int rng_wrap( void *ctx, unsigned char *dst, size_t len );
+
+mbedtls_ctr_drbg_context *rng_ctx_global = NULL;
+int rng_wrap( void *ctx, unsigned char *dst, size_t len )
+{
+    /* We expect the NULL parameter here. */
+    if( ctx != NULL )
+        return( -1 );
+
+    return( mbedtls_ctr_drbg_random( rng_ctx_global, dst, len ) );
+}
+#endif /* MBEDTLS_SSL_CONF_RNG */
+
 int main( int argc, char *argv[] )
 {
     int ret = 1;
@@ -424,7 +438,12 @@
         else
             mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
 
-        mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+#if !defined(MBEDTLS_SSL_CONF_RNG)
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+#else
+    rng_ctx_global = &ctr_drbg;
+#endif
+
 #if defined(MBEDTLS_DEBUG_C)
         mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
 #endif
commit	572d448ab234e8edaa3e7dc0dd95c49cf8c86382	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Tue Jul 23 13:47:53 2019 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Mon Aug 12 17:05:03 2019 +0100
tree	6754b9d64574cc89e912c83cd52587e16d1c5f37
parent	9a12243b012493043fdda9cc4e5fc21cc5c3ac7b [diff] [blame]