imen bhiri

Reputation: 507

mbedtls: error on mbedtls_ctr_drbg_seed

I'm using mbedtls to run an SSL server. The function mbedtls_ctr_drbg_seed returned -34. My code is below:

  const char *pers = "ssl_server2";
  mbedtls_havege_state hs;
  mbedtls_ssl_session ssn;
  mbedtls_entropy_context entropy;
  mbedtls_ctr_drbg_context ctr_drbg;
  // One HTTPS Request Handling
  memset( &ssn, 0, sizeof( mbedtls_ssl_session ) );
  /*
  * 4. Setup stuff
  */
  mbedtls_ssl_init( &ssl );
  mbedtls_ssl_config_init( &conf );
  mbedtls_ctr_drbg_init( &ctr_drbg );
  mbedtls_entropy_init( &entropy );
  printf( "  . Setting up the RNG and SSL data...." );
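  /* strlen(), not sizeof: pers is a pointer, so sizeof( pers ) is the pointer size, not the string length */
  if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 )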
  {
     printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n", -ret );
     goto ExitFunction;
  }
  else
     printf( " mbedtls_ctr_drbg_seed returned 0x%x ok\n", ret );

Upvotes: 4

Views: 3334

Answers (1)

Ron Eldor

Reputation: 220

As @Gilles rightfully said, the error you are receiving is probably -0x34, which is MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED. This error is returned when the function mbedtls_entropy_func() fails. Please check that the entropy source you are using is strong enough, meaning you have at least one entropy source which is strong, when added with mbedtls_entropy_add_source(). You should also verify that the entropy source you are using can collect enough entropy, and exceeds the threshold set to the source.
There are other locations where mbedtls_entropy_func() might fail, therefore I suggest you check these locations as well.

Upvotes: 2
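
One way to act on the answer above, as an added example that is not part of the original thread or of Mbed TLS itself: register a poll callback as a strong source, then call mbedtls_entropy_func() on its own before seeding so its real error code is visible. The names urandom_poll, seed_drbg and WITH_MBEDTLS, the 32-byte threshold and the presence of /dev/urandom are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Poll callback (mbedtls_entropy_f_source_ptr signature); assumes /dev/urandom. */
int urandom_poll(void *data, unsigned char *output, size_t len, size_t *olen)
{
    (void) data;
    *olen = 0;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL) return -1;  /* non-zero makes mbedtls_entropy_func() fail */
    setbuf(f, NULL);           /* unbuffered: read only the bytes requested */
    size_t got = fread(output, 1, len, f);
    fclose(f);
    if (got != len) return -1;
    *olen = got;
    return 0;
}
#ifdef WITH_MBEDTLS
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
/* Hypothetical helper: seeds the DRBG and prints which stage failed. */
int seed_drbg(mbedtls_entropy_context *entropy, mbedtls_ctr_drbg_context *drbg,
              const char *pers)
{
    unsigned char probe[MBEDTLS_ENTROPY_BLOCK_SIZE];
    mbedtls_entropy_init(entropy); mbedtls_ctr_drbg_init(drbg);
    /* Register a source flagged strong, with a 32-byte threshold. */
    int ret = mbedtls_entropy_add_source(entropy, urandom_poll, NULL, 32,
                                         MBEDTLS_ENTROPY_SOURCE_STRONG);
    if (ret != 0) { printf("add_source: -0x%x\n", (unsigned) -ret); return ret; }
    /* Probe the entropy function alone to see its own error code. */
    ret = mbedtls_entropy_func(entropy, probe, sizeof(probe));
    if (ret != 0) { printf("entropy_func: -0x%x\n", (unsigned) -ret); return ret; }
    ret = mbedtls_ctr_drbg_seed(drbg, mbedtls_entropy_func, entropy,
                                (const unsigned char *) pers, strlen(pers));
    if (ret != 0) printf("ctr_drbg_seed: -0x%x\n", (unsigned) -ret);
    return ret;
}
#endif

int main(void)
{
    unsigned char b[32]; size_t n = 0;
    int ret = urandom_poll(NULL, b, sizeof(b), &n);
#ifdef WITH_MBEDTLS
    mbedtls_entropy_context e; mbedtls_ctr_drbg_context d;
    if (ret == 0) ret = seed_drbg(&e, &d, "ssl_server2");
#endif
    return ret != 0;
}
```

Built with cc ex.c it only exercises the poll callback; cc -DWITH_MBEDTLS ex.c -lmbedcrypto includes the Mbed TLS part.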
