From a8e0b9171b1e34e5789b986f8437a7aa3c5a4367 Mon Sep 17 00:00:00 2001
From: Sagar Bijwe <sagar@espressif.com>
Date: Wed, 26 Feb 2020 17:18:35 +0530
Subject: [PATCH 1/2] wpa_supplicant: Fix SAE test-case failure on mbedtls
 version udpate

Problem:
mbedtls_ctr_drbg_context was initialized in crypto_ec_point_mul. This
was okay in releases before 2.16.4 as entropy_len used to get set to
MBEDTLS_CTR_DRBG_ENTROPY_LEN in function mbedtls_ctr_drbg_seed. The
function is now changed to set the length to
MBEDTLS_CTR_DRBG_ENTROPY_LEN if previous length is 0 and hence the bug.

Solution:
Initialize mbedtls_ctr_drbg_context in crypto_ec_point_mul.
---
 components/wpa_supplicant/src/crypto/crypto_mbedtls.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/components/wpa_supplicant/src/crypto/crypto_mbedtls.c b/components/wpa_supplicant/src/crypto/crypto_mbedtls.c
index d6a91b532..fbbab1a9e 100644
--- a/components/wpa_supplicant/src/crypto/crypto_mbedtls.c
+++ b/components/wpa_supplicant/src/crypto/crypto_mbedtls.c
@@ -270,7 +270,7 @@ struct crypto_ec *crypto_ec_init(int group)
         return NULL;
     }
 
-    mbedtls_ecp_group_init( &e->group );
+    mbedtls_ecp_group_init(&e->group);
 
     if (mbedtls_ecp_group_load(&e->group, grp_id)) {
         crypto_ec_deinit(e);
@@ -287,7 +287,7 @@ void crypto_ec_deinit(struct crypto_ec *e)
         return;
     }
 
-    mbedtls_ecp_group_free( &e->group );
+    mbedtls_ecp_group_free(&e->group);
     os_free(e);
 }
 
@@ -421,6 +421,7 @@ int crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p,
     mbedtls_ctr_drbg_context ctr_drbg;
 
     mbedtls_entropy_init(&entropy);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
 
     MBEDTLS_MPI_CHK(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
                                     NULL, 0));
@@ -432,8 +433,8 @@ int crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p,
                 mbedtls_ctr_drbg_random,
                 &ctr_drbg));
 cleanup:
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
     return ret ? -1 : 0;
 }
 

From 13e3e26065123422c6f025df0d712227229d4648 Mon Sep 17 00:00:00 2001
From: Mahavir Jain <mahavir@espressif.com>
Date: Wed, 12 Feb 2020 13:55:32 +0530
Subject: [PATCH 2/2] mbedtls: upgrade to release v2.16.5

For detailed release notes please refer to:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released

Closes: IDFGH-2638
Closes: https://github.com/espressif/esp-idf/issues/4716
---
 components/mbedtls/mbedtls | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/mbedtls/mbedtls b/components/mbedtls/mbedtls
index f5f2e5926..9ef92c551 160000
--- a/components/mbedtls/mbedtls
+++ b/components/mbedtls/mbedtls
@@ -1 +1 @@
-Subproject commit f5f2e5926cd294ae7cb579ff6a12ad9303caeb6e
+Subproject commit 9ef92c551eb8d92677034c3ec8078a8076febf41