mbedTLS requires some randomess in order to setup a TLS conection. Since we don't have known APIs -- e.g /dev/urandom, we must define our own function which mbedTLS uses. The crypto library will call that function recursively until it gets all the randomness it needs. Instead of doing it in 8b chunks fill in whatever mbedTLS asks for in one call.
It's worth noting that 'len' in this function is controlled by mbedTLS at build-time options and currently defaults to 128b. Suggested-by: Simon Glass <[email protected]> Signed-off-by: Ilias Apalodimas <[email protected]> --- net/lwip/wget.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/net/lwip/wget.c b/net/lwip/wget.c index ba8579899002..4fd552fd306e 100644 --- a/net/lwip/wget.c +++ b/net/lwip/wget.c @@ -42,7 +42,6 @@ int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len, size_t *olen) { struct udevice *dev; - u64 rng = 0; int ret; *olen = 0; @@ -52,12 +51,11 @@ int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len, log_err("Failed to get an rng: %d\n", ret); return ret; } - ret = dm_rng_read(dev, &rng, sizeof(rng)); + ret = dm_rng_read(dev, output, len); if (ret) return ret; - memcpy(output, &rng, len); - *olen = sizeof(rng); + *olen = len; return 0; } -- 2.45.2
