Allow compile-time configuration of PRNG in SSL module
Introduces MBEDTLS_SSL_CONF_RNG to allow configuring the
RNG to be used by the SSL module at compile-time.
Impact on code-size:
| | GCC 8.2.1 | ARMC5 5.06 | ARMC6 6.12 |
| --- | --- | --- | --- |
| `libmbedtls.a` before | 23535 | 24089 | 27103 |
| `libmbedtls.a` after | 23471 | 24077 | 27045 |
| gain in Bytes | 64 | 12 | 58 |
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index ead0fa7..7364dc4 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -902,8 +902,10 @@
void (*f_dbg)(void *, int, const char *, int, const char *);
void *p_dbg; /*!< context for the debug function */
+#if !defined(MBEDTLS_SSL_CONF_RNG)
/** Callback for getting (pseudo-)random numbers */
int (*f_rng)(void *, unsigned char *, size_t);
+#endif /* !MBEDTLS_SSL_CONF_RNG */
void *p_rng; /*!< context for the RNG function */
#if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_NO_SESSION_CACHE)
@@ -1462,9 +1464,16 @@
void *p_vrfy );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if !defined(MBEDTLS_SSL_CONF_RNG)
/**
* \brief Set the random number generator callback
*
+ * \note On constrained systems, the RNG can also be
+ * configured at compile-time via the option
+ * MBEDTLS_SSL_CONF_RNG. In this case, the
+ * \p f_rng argument in this function has no
+ * effect.
+ *
* \param conf SSL configuration
* \param f_rng RNG function
* \param p_rng RNG parameter
@@ -1472,6 +1481,16 @@
void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
+#else
+/**
+ * \brief Set the random number generator callback context.
+ *
+ * \param conf SSL configuration
+ * \param p_rng RNG parameter
+ */
+void mbedtls_ssl_conf_rng_ctx( mbedtls_ssl_config *conf,
+ void *p_rng );
+#endif
/**
* \brief Set the debug callback