diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 965efffcb..1a057a4af 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3683,14 +3683,6 @@ */ //#define MBEDTLS_PLATFORM_GMTIME_R_ALT -/** - * Uncomment the macro to let Mbed TLS use a platform implementation of - * global RNG. - * - * By default the global RNG function will be a no-op. - */ -//#define MBEDTLS_PLATFORM_GLOBAL_RNG - /* \} name SECTION: Customisation configuration options */ /** diff --git a/library/platform_util.c b/library/platform_util.c index 349146d48..6ba4112fb 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -38,6 +38,10 @@ #include "mbedtls/platform.h" #include "mbedtls/threading.h" +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) +#include "mbedtls/entropy_poll.h" +#endif + #include #include @@ -135,13 +139,20 @@ int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num ) return( diff ); } -#if !defined(MBEDTLS_PLATFORM_GLOBAL_RNG) uint32_t mbedtls_platform_random_in_range( size_t num ) { +#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) (void) num; return 0; +#else + uint32_t result = 0; + size_t olen = 0; + + mbedtls_hardware_poll( NULL, (unsigned char *) &result, sizeof( result ), + &olen ); + return( result % num ); +#endif } -#endif /* !MBEDTLS_PLATFORM_GLOBAL_RNG */ #if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) #include diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c index f78592141..0c2692179 100644 --- a/programs/ssl/query_config.c +++ b/programs/ssl/query_config.c @@ -2666,14 +2666,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */ -#if defined(MBEDTLS_PLATFORM_GLOBAL_RNG) - if( strcmp( "MBEDTLS_PLATFORM_GLOBAL_RNG", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GLOBAL_RNG ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_GLOBAL_RNG */ - #if defined(MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION) if( strcmp( "MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION", config ) == 0 ) {