[altcp_tls_mbedtls] Entropy and RNG

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[altcp_tls_mbedtls] Entropy and RNG

Giuseppe Modugno
In altcp_tls_mbedtls.c is defined a static pointer altcp_tls_entropy_rng
to a struct that manages random number generator, so its members are
mbedtls_entropy_context and mbedtls_ctr_drbg_context.

The struct is allocated only one time at the first TLS connection setup
and shared with all TLS connections. When all TLS connections are freed,
the struct is freed too.

This approach is good if altcp_tls_mbedtls is the only module in the
application that uses entropy and random number generator. However some
applications could have the need to generate random numbers for other
purposes. In this case, I think it's better to share a single entropy
pool and a single random number generator for all the application.

I'm thinking to patch altcp_tls_mbedtls adding a macro that removes all
the code related to "internal" altcp_tls_entropy_rng. In
altcp_tls_create_config(), we call mbedtls_ssl_conf_rng() with a custom
function with a custom argument. Something similar to:

#ifndef ALTCP_MBEDTLS_RNG_FUNC
/** Entropy and random generator are shared by all mbedTLS configuration */
struct altcp_tls_entropy_rng {
   mbedtls_entropy_context entropy;
   mbedtls_ctr_drbg_context ctr_drbg;
   int ref;
};
static struct altcp_tls_entropy_rng *altcp_tls_entropy_rng;
#endif

...

#ifdef ALTCP_MBEDTLS_RNG_FUNC
     mbedtls_ssl_conf_rng(&conf->conf, ALTCP_MBEDTLS_RNG_FUNC,
#ifdef ALTCP_MEDTLS_RNG_FUNC_ARG
         ALTCP_MBEDTLS_RNG_FUNC_ARG
#else
         NULL
#endif
     );
#else
     mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random,
&altcp_tls_entropy_rng->ctr_drbg);
#endif

What do you think?



_______________________________________________
lwip-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-devel
Reply | Threaded
Open this post in threaded view
|

Re: [altcp_tls_mbedtls] Entropy and RNG

David Girault
Le jeudi 22 août 2019 à 18:01 +0200, Giuseppe Modugno a écrit :

> In altcp_tls_mbedtls.c is defined a static pointer
> altcp_tls_entropy_rng
> to a struct that manages random number generator, so its members are
> mbedtls_entropy_context and mbedtls_ctr_drbg_context.
>
> The struct is allocated only one time at the first TLS connection
> setup
> and shared with all TLS connections. When all TLS connections are
> freed,
> the struct is freed too.
>
> This approach is good if altcp_tls_mbedtls is the only module in the
> application that uses entropy and random number generator. However
> some
> applications could have the need to generate random numbers for
> other
> purposes. In this case, I think it's better to share a single
> entropy
> pool and a single random number generator for all the application.
>
> I'm thinking to patch altcp_tls_mbedtls adding a macro that removes
> all
> the code related to "internal" altcp_tls_entropy_rng. In
> altcp_tls_create_config(), we call mbedtls_ssl_conf_rng() with a
> custom
> function with a custom argument. Something similar to:
>
> #ifndef ALTCP_MBEDTLS_RNG_FUNC
> /** Entropy and random generator are shared by all mbedTLS
> configuration */
> struct altcp_tls_entropy_rng {
>    mbedtls_entropy_context entropy;
>    mbedtls_ctr_drbg_context ctr_drbg;
>    int ref;
> };
> static struct altcp_tls_entropy_rng *altcp_tls_entropy_rng;
> #endif
>
> ...
>
> #ifdef ALTCP_MBEDTLS_RNG_FUNC
>      mbedtls_ssl_conf_rng(&conf->conf, ALTCP_MBEDTLS_RNG_FUNC,
> #ifdef ALTCP_MEDTLS_RNG_FUNC_ARG
>          ALTCP_MBEDTLS_RNG_FUNC_ARG
> #else
>          NULL
> #endif
>      );
> #else
>      mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random,
> &altcp_tls_entropy_rng->ctr_drbg);
> #endif
>
> What do you think?

Hi Giuseppe,

I think it's a usefull addition allowing application to do it the way
it want.

I think three new configuration define must be declared in
altcp_tls_mbedtls_opts.h. Something like thay:

#ifdef ALTCP_MBEDTLS_RNG_FUNC
#define ALTCP_MBEDTLS_RNG_FUNC mbedtls_ctr_drbg_random
#endif
#ifdef ALTCP_MBEDTLS_RNG_ARG
#define
ALTCP_MBEDTLS_RNG_ARG &altcp_tls_entropy_rng->ctr_drbg
#else
#define
ALTCP_MBEDTLS_RNG_CUSTOM 1
#endfif

So all dynamic management of the altcp_tls_entropy_rng structure can be
disabled using a #ifndef ALTCP_MBEDTLS_RNG_CUSTOM statement.

And no need to use #ifdef for the mbedtls_ssl_conf_rng call.

Do you already made some patch?

Regards,
David



_______________________________________________
lwip-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-devel