[lwip-devel] [altcp_tls_mbedtls] Entropy and RNG


From: Giuseppe Modugno
Subject: [lwip-devel] [altcp_tls_mbedtls] Entropy and RNG
Date: Thu, 22 Aug 2019 18:01:51 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0

altcp_tls_mbedtls.c defines a static pointer, altcp_tls_entropy_rng, to a struct that manages the random number generator; its members are an mbedtls_entropy_context and an mbedtls_ctr_drbg_context.

The struct is allocated only one time at the first TLS connection setup and shared with all TLS connections. When all TLS connections are freed, the struct is freed too.

This approach is good if altcp_tls_mbedtls is the only module in the application that uses entropy and a random number generator. However, some applications may need to generate random numbers for other purposes. In this case, I think it's better to share a single entropy pool and a single random number generator across the whole application.

I'm thinking of patching altcp_tls_mbedtls by adding a macro that removes all the code related to the "internal" altcp_tls_entropy_rng. In altcp_tls_create_config(), we call mbedtls_ssl_conf_rng() with a custom function and a custom argument. Something similar to:

#ifndef ALTCP_MBEDTLS_RNG_FUNC
/** Entropy and random generator are shared by all mbedTLS configuration */
struct altcp_tls_entropy_rng {
  mbedtls_entropy_context entropy;
  mbedtls_ctr_drbg_context ctr_drbg;
  int ref;
};
static struct altcp_tls_entropy_rng *altcp_tls_entropy_rng;
#endif

...

#ifdef ALTCP_MBEDTLS_RNG_FUNC
    mbedtls_ssl_conf_rng(&conf->conf, ALTCP_MBEDTLS_RNG_FUNC,
#ifdef ALTCP_MBEDTLS_RNG_FUNC_ARG
        ALTCP_MBEDTLS_RNG_FUNC_ARG
#else
        NULL
#endif
    );
#else
    mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random, &altcp_tls_entropy_rng->ctr_drbg);
#endif

What do you think?
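
Added example (not part of the original post, and not lwIP or mbedTLS code): one shape the application-supplied function and argument could take if the proposed macros existed, refusing to produce output until the shared generator has been seeded. app_rng_t, app_rng_attach, app_rng_func and sample_backend are hypothetical names, and sample_backend is a constructed stand-in for the DRBG so the block compiles without mbedTLS.

```c
#include <stddef.h>
#include <string.h>

#define APP_RNG_ERR_NOT_SEEDED (-1) /* constructed error code */

/* Same prototype as the f_rng argument of mbedtls_ssl_conf_rng(). */
typedef int (*app_rng_backend_t)(void *ctx, unsigned char *out, size_t len);

/* One instance for the whole application (hypothetical type). In a real
 * build, backend/backend_ctx would be mbedtls_ctr_drbg_random and its
 * mbedtls_ctr_drbg_context. */
typedef struct { app_rng_backend_t backend; void *backend_ctx; int seeded; } app_rng_t;
app_rng_t app_rng;

/* seed_result is the return value of the seeding call (0 means success). */
void app_rng_attach(app_rng_t *r, app_rng_backend_t b, void *ctx, int seed_result)
{
  r->backend = b;
  r->backend_ctx = ctx;
  r->seeded = (b != NULL && seed_result == 0);
}

/* Candidate for ALTCP_MBEDTLS_RNG_FUNC. Fails closed: with a NULL argument,
 * an unseeded generator or a backend error, the buffer is zeroed and a
 * non-zero code is returned so the caller sees the failure. */
int app_rng_func(void *p_rng, unsigned char *output, size_t output_len)
{
  app_rng_t *r = (app_rng_t *)p_rng;
  int ret = APP_RNG_ERR_NOT_SEEDED;

  if (r != NULL && r->seeded) {
    ret = r->backend(r->backend_ctx, output, output_len);
  }
  if (ret != 0) {
    memset(output, 0, output_len);
  }
  return ret;
}

/* Constructed stand-in for the DRBG: fixed fill byte, NOT a random source. */
typedef struct { int fail; unsigned calls; } sample_drbg_t;
int sample_backend(void *ctx, unsigned char *out, size_t len)
{
  sample_drbg_t *d = (sample_drbg_t *)ctx;
  d->calls++;
  if (d->fail) return -2;
  memset(out, 0xA5, len);
  return 0;
}
/* lwipopts.h: #define ALTCP_MBEDTLS_RNG_FUNC     app_rng_func
 *             #define ALTCP_MBEDTLS_RNG_FUNC_ARG (&app_rng)   */
```

With this arrangement the application, not altcp_tls_mbedtls, is responsible for seeding the generator before the first TLS configuration is created.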




