Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[QUESTION] SSL connect error : Failed - mbedTLS: ctr_drbg_init returned (-0x0034) CTR_DRBG - The entropy source failed #450

Open
RTL8710 opened this issue May 23, 2024 · 3 comments
Open

[QUESTION] SSL connect error : Failed - mbedTLS: ctr_drbg_init returned (-0x0034) CTR_DRBG - The entropy source failed #450

RTL8710 opened this issue May 23, 2024 · 3 comments
Assignees
@hassanctech
Labels
question Further information is requested

Comments

@RTL8710
Copy link

RTL8710 commented May 23, 2024

running error:

** Logging **
2024-05-22 18:43:10.263 ERROR blockingCurlCall(): Curl perform failed for url https://cah7l82f9wtsm.credentials.iot.us-east-2.amazonaws.com/role-aliases/ipcamera_event_rule_alias/credentials with result SSL connect error : Failed - mbedTLS: ctr_drbg_init returned (-0x0034) CTR_DRBG - The entropy source failed

Failed with status 0x16000001
@RTL8710 RTL8710 added the question Further information is requested label May 23, 2024
@RTL8710 RTL8710 changed the title [QUESTION] [QUESTION]Curl perform failed for url https://cah7l82f9wtsm.credentials.iot.us-east-2.amazonaws.com/role-aliases/ipcamera_event_rule_alias/credentials with result SSL connect error : Failed - mbedTLS: ctr_drbg_init returned (-0x0034) CTR_DRBG - The entropy source failed May 23, 2024
@RTL8710 RTL8710 changed the title [QUESTION]Curl perform failed for url https://cah7l82f9wtsm.credentials.iot.us-east-2.amazonaws.com/role-aliases/ipcamera_event_rule_alias/credentials with result SSL connect error : Failed - mbedTLS: ctr_drbg_init returned (-0x0034) CTR_DRBG - The entropy source failed [QUESTION] SSL connect error : Failed - mbedTLS: ctr_drbg_init returned (-0x0034) CTR_DRBG - The entropy source failed May 23, 2024
@hassanctech hassanctech self-assigned this May 24, 2024
@hassanctech
Copy link
Contributor

What platform and OS are you on?

@RTL8710
Copy link
Author

RTL8710 commented Jun 3, 2024

mips platform
linux os

@disa6302
Copy link
Contributor

@RTL8710 ,

Some context:
CTR_DRBG is a deterministic random bit generator based on the AES block cipher operating in counter mode.
Entropy Source provides the randomness needed for cryptographic operations. Insecure or insufficient entropy can compromise security.

I think mbedtls uses /dev/urandom or /dev/random to gather the entropy. So could you run the following and report what happens?

  1. ls -l /dev/urandom and ls -l /dev/random
  2. cat /proc/sys/kernel/random/entropy_avail -> does this report anything?

You could also try to follow the instructions here: https://github.com/awslabs/amazon-kinesis-video-streams-webrtc-sdk-c?tab=readme-ov-file#provide-hardware-entropy-source. This SDK does not have a custom config file for mbedtls and use the mbedtls default provided, but that is something you can try to set up? For your reference, check this config file in WebRTC C SDK: https://github.com/awslabs/amazon-kinesis-video-streams-webrtc-sdk-c/blob/master/configs/config_mbedtls.h

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hassanctech hassanctech

Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hassanctech @RTL8710 @disa6302