diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index d34b4b07e..a19b29712 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -686,7 +686,7 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; #endif - rng_context_t rng; + rng_context_t rng_context; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; mbedtls_ssl_session saved_session; @@ -741,7 +741,9 @@ int main( int argc, char *argv[] ) mbedtls_ssl_init( &ssl ); mbedtls_ssl_config_init( &conf ); memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) ); - mbedtls_ctr_drbg_init( &rng.drbg ); + rng_context_t *rng = &rng_context; + mbedtls_ctr_drbg_init( &rng->drbg ); + mbedtls_entropy_init( &rng->entropy ); #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_init( &cacert ); mbedtls_x509_crt_init( &clicert ); @@ -1533,12 +1535,12 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); - mbedtls_entropy_init( &rng.entropy ); - if (opt.reproducible) + int reproducible = opt.reproducible; + if ( reproducible ) { srand( 1 ); - if( ( ret = mbedtls_ctr_drbg_seed( &rng.drbg, dummy_entropy, - &rng.entropy, (const unsigned char *) pers, + if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy, + &rng->entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", @@ -1548,8 +1550,8 @@ int main( int argc, char *argv[] ) } else { - if( ( ret = mbedtls_ctr_drbg_seed( &rng.drbg, mbedtls_entropy_func, - &rng.entropy, (const unsigned char *) pers, + if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func, + &rng->entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", @@ -1903,7 +1905,7 @@ int main( int argc, char *argv[] ) #endif #endif } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng.drbg ); + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng->drbg ); mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout ); @@ -3023,8 +3025,8 @@ exit: mbedtls_ssl_session_free( &saved_session ); mbedtls_ssl_free( &ssl ); mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &rng.drbg ); - mbedtls_entropy_free( &rng.entropy ); + mbedtls_ctr_drbg_free( &rng->drbg ); + mbedtls_entropy_free( &rng->entropy ); if( session_data != NULL ) mbedtls_platform_zeroize( session_data, session_data_len ); mbedtls_free( session_data ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 303bec9d5..bceca5408 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1282,7 +1282,7 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; #endif - rng_context_t rng; + rng_context_t rng_context; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; #if defined(MBEDTLS_TIMING_C) @@ -1376,7 +1376,9 @@ int main( int argc, char *argv[] ) mbedtls_net_init( &listen_fd ); mbedtls_ssl_init( &ssl ); mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &rng.drbg ); + rng_context_t *rng = &rng_context; + mbedtls_ctr_drbg_init( &rng->drbg ); + mbedtls_entropy_init( &rng->entropy ); #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_init( &cacert ); mbedtls_x509_crt_init( &srvcert ); @@ -2292,12 +2294,12 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); - mbedtls_entropy_init( &rng.entropy ); - if (opt.reproducible) + int reproducible = opt.reproducible; + if ( reproducible ) { srand( 1 ); - if( ( ret = mbedtls_ctr_drbg_seed( &rng.drbg, dummy_entropy, - &rng.entropy, (const unsigned char *) pers, + if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, dummy_entropy, + &rng->entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", @@ -2307,8 +2309,8 @@ int main( int argc, char *argv[] ) } else { - if( ( ret = mbedtls_ctr_drbg_seed( &rng.drbg, mbedtls_entropy_func, - &rng.entropy, (const unsigned char *) pers, + if( ( ret = mbedtls_ctr_drbg_seed( &rng->drbg, mbedtls_entropy_func, + &rng->entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", @@ -2705,7 +2707,7 @@ int main( int argc, char *argv[] ) #endif #endif } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng.drbg ); + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &rng->drbg ); mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); #if defined(MBEDTLS_SSL_CACHE_C) @@ -2724,7 +2726,7 @@ int main( int argc, char *argv[] ) if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED ) { if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx, - mbedtls_ctr_drbg_random, &rng.drbg, + mbedtls_ctr_drbg_random, &rng->drbg, MBEDTLS_CIPHER_AES_256_GCM, opt.ticket_timeout ) ) != 0 ) { @@ -2746,7 +2748,7 @@ int main( int argc, char *argv[] ) if( opt.cookies > 0 ) { if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, - mbedtls_ctr_drbg_random, &rng.drbg ) ) != 0 ) + mbedtls_ctr_drbg_random, &rng->drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); goto exit; @@ -2899,7 +2901,7 @@ int main( int argc, char *argv[] ) - opt.async_private_error : opt.async_private_error ); ssl_async_keys.f_rng = mbedtls_ctr_drbg_random; - ssl_async_keys.p_rng = &rng.drbg; + ssl_async_keys.p_rng = &rng->drbg; mbedtls_ssl_conf_async_private_cb( &conf, sign, decrypt, @@ -3997,8 +3999,8 @@ exit: mbedtls_ssl_free( &ssl ); mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &rng.drbg ); - mbedtls_entropy_free( &rng.entropy ); + mbedtls_ctr_drbg_free( &rng->drbg ); + mbedtls_entropy_free( &rng->entropy ); #if defined(MBEDTLS_SSL_CACHE_C) mbedtls_ssl_cache_free( &cache );