mbed TLS v3.1.0
Functions
External random generator

Functions

psa_status_t mbedtls_psa_external_get_random (mbedtls_psa_external_random_context_t *context, uint8_t *output, size_t output_size, size_t *output_length)
 

Detailed Description

Function Documentation

psa_status_t mbedtls_psa_external_get_random ( mbedtls_psa_external_random_context_t context,
uint8_t *  output,
size_t  output_size,
size_t *  output_length 
)

External random generator function, implemented by the platform.

When the compile-time option MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, this function replaces Mbed TLS's entropy and DRBG modules for all random generation triggered via PSA crypto interfaces.

Note
This random generator must deliver random numbers with cryptographic quality and high performance. It must supply unpredictable numbers with a uniform distribution. The implementation of this function is responsible for ensuring that the random generator is seeded with sufficient entropy. If you have a hardware TRNG which is slow or delivers non-uniform output, declare it as an entropy source with mbedtls_entropy_add_source() instead of enabling this option.
Parameters
[in,out]contextPointer to the random generator context. This is all-bits-zero on the first call and preserved between successive calls.
[out]outputOutput buffer. On success, this buffer contains random data with a uniform distribution.
output_sizeThe size of the output buffer in bytes.
[out]output_lengthOn success, set this value to output_size.
Return values
PSA_SUCCESSSuccess. The output buffer contains output_size bytes of cryptographic-quality random data, and *output_length is set to output_size.
PSA_ERROR_INSUFFICIENT_ENTROPYThe random generator requires extra entropy and there is no way to obtain entropy under current environment conditions. This error should not happen under normal circumstances since this function is responsible for obtaining as much entropy as it needs. However implementations of this function may return PSA_ERROR_INSUFFICIENT_ENTROPY if there is no way to obtain entropy without blocking indefinitely.
PSA_ERROR_HARDWARE_FAILUREA failure of the random generator hardware that isn't covered by PSA_ERROR_INSUFFICIENT_ENTROPY.