author | Kevin Kane <kkane@microsoft.com> | 2016-09-30 17:13:41 -0700 |
---|---|---|
committer | Randeep Singh <randeep.s@samsung.com> | 2016-10-12 05:41:46 +0000 |
commit | efe535c4e9ef643928dc9868637879dd500ab55a (patch) | |
tree | b04b3680189c0ba532a17943f311c40e51a09ddf | |
parent | 45b9f4b4dade573f698f307c421c107d6190653f (diff) | |
[IOT-1380] Use BCryptGenRandom on Windows
Patch mbedTLS to use BCryptGenRandom on Windows.
Add the mbedtls subtree to .gitignore.
Change-Id: I23367aac194de2531299badc466a0d39e46eda4d
Signed-off-by: Kevin Kane <kkane@microsoft.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/12725
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Dave Thaler <dthaler@microsoft.com>
Reviewed-by: Dmitriy Zhuravlev <d.zhuravlev@samsung.com>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>
Reviewed-by: Greg Zaverucha <gregz@microsoft.com>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>
(cherry picked from commit 881029a89e9e1f5a828fc2d2df705a6d62a93189)
Reviewed-on: https://gerrit.iotivity.org/gerrit/13123
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | extlibs/mbedtls/ocf.patch | 41 |
2 files changed, 42 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index 03d48b284..015589054 100644
--- a/.gitignore
+++ b/.gitignore
@@ -116,6 +116,7 @@ build_common/arduino/extlibs/arduino/arduino-1.5.8
 extlibs/tinydtls/dtls-client
 extlibs/tinydtls/dtls-server
 extlibs/bluez/bluez
+extlibs/mbedtls/mbedtls
 
 # Ignore editor (e.g. Emacs) backup and autosave files
 *~
diff --git a/extlibs/mbedtls/ocf.patch b/extlibs/mbedtls/ocf.patch
index 1976f89d2..f2801a328 100644
--- a/extlibs/mbedtls/ocf.patch
+++ b/extlibs/mbedtls/ocf.patch
@@ -132,6 +132,47 @@ index deaaa37..4f10540 100644
 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
 #endif
 
+diff --git a/library/entropy_poll.c b/library/entropy_poll.c
+index a116e60..c022caf 100644
+--- a/library/entropy_poll.c
++++ b/library/entropy_poll.c
+@@ -54,28 +54,29 @@
+ #define _WIN32_WINNT 0x0400
+ #endif
+ #include <windows.h>
+-#include <wincrypt.h>
++#include <bcrypt.h>
+
+ int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
+ size_t *olen )
+ {
+- HCRYPTPROV provider;
+ ((void) data);
+ *olen = 0;
+
+- if( CryptAcquireContext( &provider, NULL, NULL,
+- PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
++ /*
++ * size_t may be 64 bits, but ULONG is always 32.
++ * If len is larger than the maximum for ULONG, just fail.
++ * It's unlikely anything ever will want to ask for this much randomness.
++ */
++ if ( len > 0xFFFFFFFFULL )
+ {
+ return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+ }
+
+- if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
++ if ( !BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, (ULONG) len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) )
+ {
+- CryptReleaseContext( provider, 0 );
+ return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+ }
+
+- CryptReleaseContext( provider, 0 );
+ *olen = len;
+
+ return( 0 );
 diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
 index 3546331..74cef29 100644
 --- a/library/ssl_ciphersuites.c |
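Review bot: The fallback `#define _WIN32_WINNT 0x0400` kept as context just above the new `#include <bcrypt.h>` names a Windows target older than the API this patch calls: BCryptGenRandom is a Vista-and-later CNG function, and Microsoft documents `BCRYPT_USE_SYSTEM_PREFERRED_RNG` as unsupported on Vista. I would raise the fallback to `#define _WIN32_WINNT 0x0601` and add a comment stating the minimum supported Windows version; the `#if` that guards the define is outside the hunk, so confirm it is only a default. Both failure paths return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED with `*olen` still 0, so an unsupported platform or an oversized `len` fails closed rather than yielding weak output, which is the right behaviour for an entropy source. No build-script change is visible in this commit, so it is worth confirming the Windows build links bcrypt.lib.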