[QUESTION] SSL connect error : Failed - mbedTLS: ctr_drbg_init returned (-0x0034) CTR_DRBG - The entropy source failed

[RTL8710]

trafficstars

running error：

** Logging ** 2024-05-22 18:43:10.263 ERROR blockingCurlCall(): Curl perform failed for url https://cah7l82f9wtsm.credentials.iot.us-east-2.amazonaws.com/role-aliases/ipcamera_event_rule_alias/credentials with result SSL connect error : Failed - mbedTLS: ctr_drbg_init returned (-0x0034) CTR_DRBG - The entropy source failed

Failed with status 0x16000001

[hassanctech]

What platform and OS are you on?

[RTL8710]

mips platform linux os

[disa6302]

@RTL8710 ,

Some context: CTR_DRBG is a deterministic random bit generator based on the AES block cipher operating in counter mode. Entropy Source provides the randomness needed for cryptographic operations. Insecure or insufficient entropy can compromise security.

I think mbedtls uses /dev/urandom or /dev/random to gather the entropy. So could you run the following and report what happens?

1. ls -l /dev/urandom and ls -l /dev/random
2. cat /proc/sys/kernel/random/entropy_avail -> does this report anything?

You could also try to follow the instructions here: https://github.com/awslabs/amazon-kinesis-video-streams-webrtc-sdk-c?tab=readme-ov-file#provide-hardware-entropy-source. This SDK does not have a custom config file for mbedtls and use the mbedtls default provided, but that is something you can try to set up? For your reference, check this config file in WebRTC C SDK: https://github.com/awslabs/amazon-kinesis-video-streams-webrtc-sdk-c/blob/master/configs/config_mbedtls.h

[niyatim23]

Closing due to staleness. Feel free to reopen if the issue persists