diff options
author | Marcus Shawcroft <marcus.shawcroft@arm.com> | 2017-02-07 14:09:16 +0000 |
---|---|---|
committer | Jukka Rissanen <jukka.rissanen@linux.intel.com> | 2017-02-09 14:26:58 +0000 |
commit | 15a151a0a0d4e7b8fedb8cd62f3311abe922d20e (patch) | |
tree | e31477e7680180c9521a2a6a47314cac55d9db00 /samples | |
parent | 8a612c3a4461efe50a481930891c2ac946939224 (diff) |
samples/mbedtls_dtls_client: Fix wild write in entropy_source
The example entropy_source implementation should write entropy to the
output buffer rather than to the context pointer which in this example
happens to be NULL.
Take the opportunity to reorganize the entropy_source to use all of
the entropy provided by a call to sys_rand32_get() rather than just
1/4 of it.
The entropy_source() callback from mbedtls is given a maximum amount
of entropy to return, rather than a minimum amount. Hence it makes
more sense to deliver exactly one chunk (32 bits) of entropy from the
call to sys_rand32_get() per call and let the mbedtls entropy handler
worry about how much entropy we actually need to collect (ie the threshold).
Change-Id: I57ed438de5cb1223619fde0fb8039d6eca284646
Signed-off-by: Marcus Shawcroft <marcus.shawcroft@arm.com>
Diffstat (limited to 'samples')
-rw-r--r-- | samples/net/mbedtls_dtlsclient/src/dtls_client.c | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/samples/net/mbedtls_dtlsclient/src/dtls_client.c b/samples/net/mbedtls_dtlsclient/src/dtls_client.c index f6ef5ef5a..6cdfd1084 100644 --- a/samples/net/mbedtls_dtlsclient/src/dtls_client.c +++ b/samples/net/mbedtls_dtlsclient/src/dtls_client.c @@ -1,7 +1,7 @@ /* Minimal DTLS client. * (Meant to be used with config-threadnet.h) * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2017, ARM Limited, All Rights Reserved * * SPDX-License-Identifier: Apache-2.0 * @@ -132,20 +132,13 @@ static int entropy_source(void *data, unsigned char *output, size_t len, size_t *olen) { uint32_t seed; - char *ptr = data; seed = sys_rand32_get(); - - if (!seed) { - seed = 7; + if (len > sizeof(seed)) { + len = sizeof(seed); } - for (int i = 0; i < len; i++) { - seed ^= seed << 13; - seed ^= seed >> 17; - seed ^= seed << 5; - *ptr++ = (char)seed; - } + memcpy(output, &seed, len); *olen = len; return 0; |