I’m sorry for the the dumb questions, but I haven’t any knowledge on this argument.
My embedded platform doesn’t have a true entropy source. I think the best I can do is using non-volatile memory as the entropy source.
The application needs random numbers for several things: TCP/IP lwip stack (DNS, DHCP, local TCP port, …), TLS connection, another module that lets a user to pair securily to the device.
Now my first question. Must the entropy (I mean the entropy context) be unique in all the application and shared among all the modules that need random numbers? What are the drawbacks to have two entropy contexts?
altcp_tls_mbedtls is an adaptation layer between lwip TCP/IP stack and mbedTLS libraries. This layer defines and manages already an entropy and a crt_dbrg context. In order to have a single entropy in the application, I have to patch this lwip module.
The second question is about crt_dbrg context to generate random numbers. Is it possible to have multiple random generators in the application that share the same entropy context? Is it better to have a single generator for the application?