From b422cab052b51ec84758638d6783d6ba4fc60613 Mon Sep 17 00:00:00 2001
From: Yanray Wang <yanray.wang@arm.com>
Date: Fri, 1 Dec 2023 16:18:10 +0800
Subject: [PATCH] tls: check RNG in ssl_conf_check when calling
 mbedtls_ssl_setup

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
---
 library/ssl_tls.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6678b7133a..28be8a6fba 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1355,6 +1355,11 @@ static int ssl_conf_check(const mbedtls_ssl_context *ssl)
     }
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
+    if (ssl->conf->f_rng == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
+        return MBEDTLS_ERR_SSL_NO_RNG;
+    }
+
     /* Space for further checks */
 
     return 0;