
How to generate an AES key - is example wrong?


Jan 9, 2016 08:32
Ivan

example - https://tls.mbed.org/kb/how-to/generate-an-aes-key

mbedtls_entropy_init( &entropy );
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
    (unsigned char *) pers, strlen( pers ) ) ) != 0 )
{
    printf( " failed\n ! mbedtls_ctr_drbg_init returned -0x%04x\n", -ret );
    goto exit;
}

if( ( ret = mbedtls_ctr_drbg_random( &ctr_drbg, key, 32 ) ) != 0 )
{
    printf( " failed\n ! mbedtls_ctr_drbg_random returned -0x%04x\n", -ret );
    goto exit;
}

mbedtls_ctr_drbg_init - function does not take 5 arguments and returns void! (void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx))

Should I do it this way: mbedtls_ctr_drbg_init( &ctr_drbg) without mbedtls_entropy_init( &entropy )?

 
Feb 8, 2017 16:16
Fred

I just encountered this issue myself. It looks like the page is outdated. Having read the documentation, it looks like you need to first call:

mbedtls_ctr_drbg_init(&ctr_drbg);

Which just memsets it to 0 and initialises a mutex if pthreads is enabled, then you should:

mbedtls_ctr_drbg_seed(&ctr_drbg, ...);

With those 5 arguments.