From 409b3db22fd5b036a9dc25f9e42b60fd73c753d0 Mon Sep 17 00:00:00 2001 From: Mahavir Jain Date: Fri, 20 Mar 2020 20:42:10 +0530 Subject: [PATCH] bootloader_support: initialize mbedtls_ctr_drbg_context per mbedtls v2.16.5 requirement In commit 02d2903e39e87f185c5af9029b2c09c0943b8b05, mbedtls was updated to release v2.16.5, where it was made mandatory to initialize mbedtls_ctr_drbg_context before using same. It was fixed in wpa supplicant but missed out in secure boot v2 verification code. This commit fixes that. --- components/bootloader_support/src/idf/secure_boot_signatures.c | 1 + 1 file changed, 1 insertion(+) diff --git a/components/bootloader_support/src/idf/secure_boot_signatures.c b/components/bootloader_support/src/idf/secure_boot_signatures.c index aae4599b7..d2021cf1a 100644 --- a/components/bootloader_support/src/idf/secure_boot_signatures.c +++ b/components/bootloader_support/src/idf/secure_boot_signatures.c @@ -207,6 +207,7 @@ esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signa } mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0); if (ret != 0) { ESP_LOGE(TAG, "mbedtls_ctr_drbg_seed returned -0x%04x\n", ret);