
I am trying to port the AWS SDK, which uses mbedtls, to an Ameba board. I have a function for AWS, iot_tls_connect, to initialize mbedtls.

The MCU has a TRNG, but in the first phase it is not important to use the HW TRNG. A software RNG and entropy can be fine. I tried lots of different combinations and mbedtls configs, but I am getting the following error:

iot_tls_connect: mbedtls_ssl_handshake(): RSA - The random generator failed to generate non-zeros aws_iot_mqtt_connect failed SSL handshake error

My latest code:

```c
mbedtls_net_init(&server_fd);
mbedtls_ssl_init(&ssl);
mbedtls_ssl_config_init(&conf);
mbedtls_ctr_drbg_init(&ctr_drbg);
mbedtls_x509_crt_init(&cacert);
mbedtls_x509_crt_init(&clicert);
mbedtls_pk_init(&pkey);
/* my_random returns random values from HW TRNG */
/* mbedtls_ssl_conf_rng() takes the mbedtls_ssl_config, not the ssl context */
mbedtls_ssl_conf_rng(&conf, my_random, NULL);

IOT_DEBUG("Seeding the random number generator...");
mbedtls_entropy_init(&entropy);

/* Added to test */
ret = mbedtls_entropy_add_source(&entropy, entropy_dummy_source, NULL, 16, 1);

if((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, pers, strlen(pers))) != 0) { ... }

/* Added for test as suggested in tutorials */
mbedtls_ctr_drbg_set_prediction_resistance(&ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON);
```

It may be related to my config file. Tutorials did not help. This is blocking me. Any ideas?

Thank you.

muratcakmak

1 Answer


I am using the Ameba SDK and I found a bug in their modification for the HW crypto module in AES.c. That was the reason, so it is not a generic issue.

muratcakmak
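A self-check that can be run on an RNG callback before it is handed to mbedtls_ssl_conf_rng(), so that a broken backend shows up before the handshake; this is an added example, not code from the original posts or from the Ameba or AWS SDKs. `rng_selfcheck`, the stub generators and the retry budget of 100 are hypothetical names and values, and the per-byte loop models the kind of non-zero draw that the "failed to generate non-zeros" error refers to.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Same callback shape as the f_rng argument of mbedtls_ssl_conf_rng(). */
typedef int (*rng_fn)(void *p_rng, unsigned char *out, size_t len);

enum rng_check { RNG_OK, RNG_CALLBACK_ERROR, RNG_STUCK_AT_ZERO, RNG_REPEATS_OUTPUT };
/* Hypothetical self-check: draw non-zero bytes one at a time with a bounded
 * number of retries, failing if the callback errors or only yields zero. */
enum rng_check rng_selfcheck(rng_fn f_rng, void *p_rng)
{
    unsigned char a[32] = {0}, b[32] = {0};
    for (size_t i = 0; i < sizeof a; i++) {
        int tries = 100, ret;   /* assumed retry budget per byte */
        do {
            ret = f_rng(p_rng, &a[i], 1);
        } while (ret == 0 && a[i] == 0 && --tries > 0);
        if (ret != 0) return RNG_CALLBACK_ERROR;
        if (a[i] == 0) return RNG_STUCK_AT_ZERO;
    }
    /* Two consecutive block requests must succeed and must differ. */
    if (f_rng(p_rng, a, sizeof a) != 0 || f_rng(p_rng, b, sizeof b) != 0)
        return RNG_CALLBACK_ERROR;
    return memcmp(a, b, sizeof a) == 0 ? RNG_REPEATS_OUTPUT : RNG_OK;
}

/* Constructed stubs standing in for a generator with a broken backend. */
static int rng_all_zero(void *p, unsigned char *o, size_t n) { (void)p; memset(o, 0, n); return 0; }
static int rng_fails(void *p, unsigned char *o, size_t n) { (void)p; (void)o; (void)n; return -1; }
static int rng_constant(void *p, unsigned char *o, size_t n) { (void)p; memset(o, 0xA5, n); return 0; }
/* Constructed test generator (xorshift32, not cryptographic); state in p. */
static int rng_xorshift(void *p, unsigned char *o, size_t n)
{
    uint32_t *s = p;
    for (size_t i = 0; i < n; i++) {
        *s ^= *s << 13; *s ^= *s >> 17; *s ^= *s << 5;
        o[i] = (unsigned char)(*s >> 8);
    }
    return 0;
}

int main(void)
{
    uint32_t seed = 0x12345678u;   /* constructed seed for the test stub */
    printf("%d %d %d %d\n", rng_selfcheck(rng_all_zero, NULL), rng_selfcheck(rng_fails, NULL),
           rng_selfcheck(rng_constant, NULL), rng_selfcheck(rng_xorshift, &seed));
    return 0;
}
```

On a target, the callback and context passed in would be the ones given to mbedtls_ssl_conf_rng(); a pass here only rules out gross failures and says nothing about entropy quality.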