From 5c4f7948d46ee34f6240e6f69e8da86cb45bba30 Mon Sep 17 00:00:00 2001
From: Sagar Bijwe
Date: Wed, 26 Feb 2020 17:18:35 +0530
Subject: [PATCH 1/3] wpa_supplicant: Fix SAE test-case failure on mbedtls version udpate Problem: mbedtls_ctr_drbg_context was initialized in crypto_ec_point_mul. This was okay in releases before 2.16.4 as entropy_len used to get set to MBEDTLS_CTR_DRBG_ENTROPY_LEN in function mbedtls_ctr_drbg_seed. The function is now changed to set the length to MBEDTLS_CTR_DRBG_ENTROPY_LEN if previous length is 0 and hence the bug. Solution: Initialize mbedtls_ctr_drbg_context in crypto_ec_point_mul.
---
 components/wpa_supplicant/src/crypto/crypto_mbedtls.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/components/wpa_supplicant/src/crypto/crypto_mbedtls.c b/components/wpa_supplicant/src/crypto/crypto_mbedtls.c
index b7c0870c6..0f50cd8d0 100644
--- a/components/wpa_supplicant/src/crypto/crypto_mbedtls.c
+++ b/components/wpa_supplicant/src/crypto/crypto_mbedtls.c
@@ -266,7 +266,7 @@ struct crypto_ec *crypto_ec_init(int group)
 return NULL;
 }
- mbedtls_ecp_group_init( &e->group );
+ mbedtls_ecp_group_init(&e->group);
 if (mbedtls_ecp_group_load(&e->group, grp_id)) {
 crypto_ec_deinit(e);
@@ -283,7 +283,7 @@ void crypto_ec_deinit(struct crypto_ec *e)
 return;
 }
- mbedtls_ecp_group_free( &e->group );
+ mbedtls_ecp_group_free(&e->group);
 os_free(e);
 }
@@ -417,6 +417,7 @@ int crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p,
 mbedtls_ctr_drbg_context ctr_drbg;
 mbedtls_entropy_init(&entropy);
+ mbedtls_ctr_drbg_init(&ctr_drbg);
 MBEDTLS_MPI_CHK(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0));
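Review bot: The added `mbedtls_ctr_drbg_init(&ctr_drbg);` in crypto_ec_point_mul carries no comment saying why it has to come before the seed call, and the commit series shows the same call was later found missing in another file. `ctr_drbg` is a stack object, and per the commit message mbedtls_ctr_drbg_seed now applies the default entropy length only when the stored length is 0, so without the init the seed works from whatever the stack held. I would add above the two init calls: `/* Init before seed: ctr_drbg is on the stack and mbedtls_ctr_drbg_seed() keeps a non-zero entropy_len as it is. */`. The `cleanup:` label in the next hunk frees both contexts, so both inits also need to stay ahead of any earlier `goto cleanup`; the start of the function is outside this hunk, so that is worth confirming.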
@@ -428,8 +429,8 @@ int crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p,
 mbedtls_ctr_drbg_random, &ctr_drbg));
 cleanup:
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
+ mbedtls_ctr_drbg_free(&ctr_drbg);
+ mbedtls_entropy_free(&entropy);
 return ret ? -1 : 0;
 }
From 355a210a381674d8ee96748eb7f60654f4804770 Mon Sep 17 00:00:00 2001
From: Mahavir Jain
Date: Wed, 12 Feb 2020 13:55:32 +0530
Subject: [PATCH 2/3] mbedtls: upgrade to release v2.16.5 For detailed release notes please refer to: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released Closes: IDFGH-2638 Closes: https://github.com/espressif/esp-idf/issues/4716
---
 components/mbedtls/mbedtls | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/components/mbedtls/mbedtls b/components/mbedtls/mbedtls
index f5f2e5926..9ef92c551 160000
--- a/components/mbedtls/mbedtls
+++ b/components/mbedtls/mbedtls
@@ -1 +1 @@
-Subproject commit f5f2e5926cd294ae7cb579ff6a12ad9303caeb6e
+Subproject commit 9ef92c551eb8d92677034c3ec8078a8076febf41
From b8fe1fdf2753b2aa85d5fafa99530e2ee7bbb72b Mon Sep 17 00:00:00 2001
From: Mahavir Jain
Date: Fri, 20 Mar 2020 20:42:10 +0530
Subject: [PATCH 3/3] bootloader_support: initialize mbedtls_ctr_drbg_context per mbedtls v2.16.5 requirement In commit 02d2903e39e87f185c5af9029b2c09c0943b8b05, mbedtls was updated to release v2.16.5, where it was made mandatory to initialize mbedtls_ctr_drbg_context before using same. It was fixed in wpa supplicant but missed out in secure boot v2 verification code. This commit fixes that.
---
 components/bootloader_support/src/idf/secure_boot_signatures.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/components/bootloader_support/src/idf/secure_boot_signatures.c b/components/bootloader_support/src/idf/secure_boot_signatures.c
index aae4599b7..d2021cf1a 100644
--- a/components/bootloader_support/src/idf/secure_boot_signatures.c
+++ b/components/bootloader_support/src/idf/secure_boot_signatures.c
@@ -207,6 +207,7 @@ esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signa
 }
 mbedtls_entropy_init(&entropy);
+ mbedtls_ctr_drbg_init(&ctr_drbg);
 ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0);
 if (ret != 0) {
 ESP_LOGE(TAG, "mbedtls_ctr_drbg_seed returned -0x%04x\n", ret);
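Review bot: The failure log just below the added init, `ESP_LOGE(TAG, "mbedtls_ctr_drbg_seed returned -0x%04x\n", ret);`, passes `ret` straight to `%x`, and since mbedtls error codes are negative the digits after the literal `-0x` come out as the two's-complement pattern rather than the error code. Passing `(unsigned int)-ret` instead would make a seed failure in the secure boot verification path readable against the mbedtls error list. The rest of the error branch and the function's cleanup lie outside this hunk, so whether `entropy` and `ctr_drbg` are freed when the seed fails cannot be confirmed from here and is worth a look.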