Hello ,
Whenever I am enabling MBEDTLS_ENTROPY_NV_SEED,entire code is misbehaving. Could you please provide me some documents or example regarding this
On Wed, 7 Dec 2022, 16:50 Gilles Peskine via mbed-tls, < mbed-tls@lists.trustedfirmware.org> wrote:
Hello,
With no random generator at all, only a few cryptographic operations are possible: signature verification, hashes, MAC, symmetric decryption, symmetric encryption with a deterministic nonce.
If you have no entropy sources on the device, you can provision a seed during the device manufacturing, and use that for the random generator. In Mbed TLS, enable MBEDTLS_ENTROPY_NV_SEED, disable other entropy sources, and provide seed read/write functions as described in https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how_to_integrate_nv_seed... .
The usage of the RNG is the same whether the entropy comes from a hardware RNG or only from a provisioned seed. You just have to configure the entropy module appropriately. Then you use CTR_DRBG or HMAC_DRBG or PSA normally.
Best regards,
-- Gilles Peskine Mbed TLS developer
On 07/12/2022 12:20, PRASHANT TRIPATHI via mbed-tls wrote:
Dear sir/madam
I have following queries regarding implementation of MBED CRYPTO Libraries :
- How crypto libraries files could be used on baremetal with no entropy
source(cross compilation )?
- How asymmetric cryptographic operations like RSA , RNG , EC ,DSA etc ,
could be implemented on baremetal without entropy , seed provisions ?
- If i want to use some custom PRNG and entropy , then how the respective
contexts structures could be filled ?
Thanks & Regards, *Prashant Tripathi*
-- mbed-tls mailing list -- mbed-tls@lists.trustedfirmware.org To unsubscribe send an email to mbed-tls-leave@lists.trustedfirmware.org