Closed annejan closed 5 years ago
Could it be this was done to work around the ESP8266's lack of resources?
No, esp8266 uses axtls (extmod/modussl_axtls.c). The mbedtls module was added independently of esp8266 and can definitely do with improvements.
If so would you be open to a PR changing this for the ESP32?
It would be great to fix this in the main upstream uPy repo. I don't know if it's best to use the provided mbedtls_entropy_func (which seems complex and uses a SHA algo to generate entropy), or a custom function that returns hardware RNG.
Upstream commit https://github.com/micropython/micropython/commit/ea22406f7661edcce88defb9d20517ec967a5a9f enabled a proper entropy function.
The random function returning 0 (https://github.com/micropython/micropython-esp32/blob/esp32/extmod/modussl_mbedtls.c#L74) and the random seed starting with "upy" (https://github.com/micropython/micropython-esp32/blob/esp32/extmod/modussl_mbedtls.c#L123) make me feel this is not very random / cryptographically sound.
Could it be this was done to work around the ESP8266's lack of resources? If so would you be open to a PR changing this for the ESP32?
I completely get not including hundreds of root CAs etc., and not validating certificates, but the above seems more of a risk factor than that posed by a MitM...
Since mbedtls uses a Counter mode Deterministic Random Byte Generator which is currently always seeded with "upy" and has no source of randomness.
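
The following is an added example, not code from this thread or from MicroPython: a regression check showing why a DRBG personalised with the constant "upy" and fed by an entropy callback that supplies nothing yields the same "random" bytes on every boot. It uses a minimal HMAC_DRBG (NIST SP 800-90A) as a stand-in for mbedtls's CTR_DRBG, since the Python standard library has no AES; `null_entropy`, `os_entropy` and `is_deterministic` are hypothetical names, and the assumption is that the callback returns 0 (success) while leaving a zeroed buffer untouched.

```python
import hashlib
import hmac
import os


class HmacDrbg:
    """Minimal HMAC_DRBG (SHA-256), without reseeding. Stand-in for CTR_DRBG."""

    def __init__(self, entropy_func, personalization=b""):
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        buf = bytearray(48)              # zero-initialised buffer (assumption)
        if entropy_func(buf) != 0:       # 0 means "success", as in mbedtls callbacks
            raise RuntimeError("entropy source failed")
        self._update(bytes(buf) + personalization)

    def _hmac(self, key, data):
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, data=b""):
        self.K = self._hmac(self.K, self.V + b"\x00" + data)
        self.V = self._hmac(self.K, self.V)
        if data:
            self.K = self._hmac(self.K, self.V + b"\x01" + data)
            self.V = self._hmac(self.K, self.V)

    def generate(self, n):
        out = b""
        while len(out) < n:
            self.V = self._hmac(self.K, self.V)
            out += self.V
        self._update()
        return out[:n]


def null_entropy(buf):
    return 0                             # reports success but writes nothing


def os_entropy(buf):
    buf[:] = os.urandom(len(buf))        # a real entropy source fills the buffer
    return 0


def first_output_after_boot(entropy_func, n=32):
    # Each call models a fresh boot: new DRBG, same constant personalisation.
    return HmacDrbg(entropy_func, b"upy").generate(n)


def is_deterministic(entropy_func, boots=3):
    outputs = {first_output_after_boot(entropy_func) for _ in range(boots)}
    return len(outputs) == 1
```

The same idea works as an on-device check: capture the first bytes the TLS RNG emits after two resets and fail the build if they match.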