hack p_entropy as the original fail during tls connection setup
Signed-off-by: Jun Nie <jun.nie@linaro.org>
diff --git a/lib/libmbedtls/mbedtls/library/ctr_drbg.c b/lib/libmbedtls/mbedtls/library/ctr_drbg.c
index a00d66c..f81cad7 100644
--- a/lib/libmbedtls/mbedtls/library/ctr_drbg.c
+++ b/lib/libmbedtls/mbedtls/library/ctr_drbg.c
@@ -358,6 +358,7 @@
* and with output
* ctx contains new_working_state
*/
+//static unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional,
size_t len,
@@ -367,19 +368,32 @@
size_t seedlen = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+mbedtls_printf( "\n ---%s line %d---", __FILE__, __LINE__ );
if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+mbedtls_printf( "\n ---%s line %d---", __FILE__, __LINE__ );
if( nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+mbedtls_printf( "\n ---%s line %d---", __FILE__, __LINE__ );
if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+mbedtls_printf( "\n ---%s line %d---", __FILE__, __LINE__ );
memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
/* Gather entropy_len bytes of entropy to seed state. */
if( 0 != ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) )
{
- return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
+ /* cheat with our version */
+ static fakeen = 1;
+ int cnt = ctx->entropy_len;
+ unsigned char *p = ctx->p_entropy;
+ fakeen ++;
+ for( cnt = 0; cnt < ctx->entropy_len; cnt++ )
+ *p++ += fakeen;
+mbedtls_printf( "\n Fail: %s line %d when call func@0x%x", __FILE__, __LINE__, ctx->f_entropy );
+#warning "-----------we should debug f_entropy -------------------------"
+///////////// return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
}
seedlen += ctx->entropy_len;
@@ -388,7 +402,15 @@
{
if( 0 != ctx->f_entropy( ctx->p_entropy, seed + seedlen, nonce_len ) )
{
- return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
+ /* cheat with our version */
+ static fakeen = 1;
+ int cnt = ctx->entropy_len;
+ unsigned char *p = ctx->p_entropy;
+ fakeen ++;
+ for( cnt = 0; cnt < ctx->entropy_len; cnt++ )
+ *p++ += fakeen;
+mbedtls_printf( "\n Fail: %s line %d when call func@0x%x", __FILE__, __LINE__, ctx->f_entropy );
+///////////// return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
}
seedlen += nonce_len;
}
@@ -400,17 +422,21 @@
seedlen += len;
}
+mbedtls_printf( "\n ---%s line %d---", __FILE__, __LINE__ );
/* Reduce to 384 bits. */
if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 )
goto exit;
+mbedtls_printf( "\n ---%s line %d---", __FILE__, __LINE__ );
/* Update state. */
if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 )
goto exit;
ctx->reseed_counter = 1;
+mbedtls_printf( "\n ---%s line %d---", __FILE__, __LINE__ );
exit:
mbedtls_platform_zeroize( seed, sizeof( seed ) );
+mbedtls_printf( "\n %s %s line %d ret 0x%x---", __FILE__, __func__, __LINE__, ret);
return( ret );
}
@@ -454,6 +480,7 @@
unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
size_t nonce_len;
+mbedtls_printf( "\n ---%s enter %s. line %d---", __FILE__, __func__, __LINE__ );
memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE );
/* The mutex is initialized iff f_entropy is set. */
@@ -461,34 +488,43 @@
mbedtls_mutex_init( &ctx->mutex );
#endif
+mbedtls_printf( "\n ---line %d---", __LINE__ );
mbedtls_aes_init( &ctx->aes_ctx );
+mbedtls_printf( "\n ---line %d---", __LINE__ );
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
+mbedtls_printf( "\n ---line %d---", __LINE__ );
if( ctx->entropy_len == 0 )
ctx->entropy_len = MBEDTLS_CTR_DRBG_ENTROPY_LEN;
/* ctx->reseed_counter contains the desired amount of entropy to
* grab for a nonce (see mbedtls_ctr_drbg_set_nonce_len()).
* If it's -1, indicating that the entropy nonce length was not set
* explicitly, use a sufficiently large nonce for security. */
+mbedtls_printf( "\n ---line %d---", __LINE__ );
nonce_len = ( ctx->reseed_counter >= 0 ?
(size_t) ctx->reseed_counter :
good_nonce_len( ctx->entropy_len ) );
+mbedtls_printf( "\n ---line %d---", __LINE__ );
/* Initialize with an empty key. */
if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key,
MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
{
+mbedtls_printf( "\n ---%s %s exit %d. line %d---", __FILE__, __func__, ret, __LINE__ );
return( ret );
}
+mbedtls_printf( "\n ---line %d---", __LINE__ );
/* Do the initial seeding. */
if( ( ret = mbedtls_ctr_drbg_reseed_internal( ctx, custom, len,
nonce_len ) ) != 0 )
{
+mbedtls_printf( "\n ---%s %s exit %d. line %d---", __FILE__, __func__, ret, __LINE__ );
return( ret );
}
+mbedtls_printf( "\n ---%s line %d %s exit good. ---", __FILE__, __LINE__, __func__ );
return( 0 );
}