[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-users] mbedtls

From: Trampas Stern
Subject: Re: [lwip-users] mbedtls
Date: Tue, 18 Feb 2020 07:29:13 -0500

I found that chrome will not work with openssl keys generated by the comments in the code I found I had to generate different keys using the following commands. 

openssl ecparam -genkey -name prime256v1 -out ca.key
openssl req -x509 -new -SHA256 -nodes -key ca.key -days 3650 -out ca.crt

see: https://www.erianna.com/ecdsa-certificate-authorities-and-certificates-with-openssl/

Now on the next issues... 

On Mon, Feb 17, 2020 at 3:52 PM Trampas Stern <address@hidden> wrote:
It appears that  ALTCP_MBEDTLS_ENTROPY_PTR  is a memory location not a pointer to function. 

I just went in and hacked the entropy_poll.c and created a new function: 

int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
                           size_t *olen )
size_t i=0;
uint32_t x;
uint8_t *ptr;
uint32_t j=0;
while (i<len && j<4)
*olen = i;

   return( 0 );

This got me passed that bug, however when running the https server I am unable to connect with Chrome.  I am trying to determine the root cause. 


On Mon, Feb 17, 2020 at 3:39 PM address@hidden <address@hidden> wrote:
Am 17.02.2020 um 18:09 schrieb Trampas Stern:
> Does anyone know how on an embedded platform to setup the entropy using
> mbedtls?

I did that, but it's been a while, and I don't remember from the top of
my head.

I think you *can* use a string entropy source and implement that
correctly or you can enable some kind of debug option that says
somethink like "this is for testing only; using no entropy is ok"...

> Specifically I am trying to get https running with lwip and getting an
> assertion failure:
> Assertion "httpd_init: altcp_tls_new failed" failed at line 2872 in
> ../src/libraries/lwip/src/apps/http/httpd.c
> Which I think is because of lack of entropy functions.  
> I did try defining ALTCP_MBEDTLS_ENTROPY_PTR
> and  ALTCP_MBEDTLS_ENTROPY_LEN but that seems to cause hard faults, when
> I assign it to a function pointer that generates a random number.

That seems strange.


lwip-users mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]