fix(mbedtls): Addressed comments on PR15679

components/mbedtls/port/esp_hardware.c

@@ -9,7 +9,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include "esp_random.h"
-#include "mbedtls/esp_random.h"
+#include "mbedtls/esp_mbedtls_random.h"
 
 #include <entropy_poll.h>
 
@@ -27,6 +27,7 @@ int mbedtls_hardware_poll( void *data,
 
 int mbedtls_esp_random(void *ctx, unsigned char *buf, size_t len)
 {
+    (void) ctx; // unused
     esp_fill_random(buf, len);
     return 0;
 }

components/mbedtls/port/include/mbedtls/esp_mbedtls_random.h

@@ -0,0 +1,32 @@
+/*
+ * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#pragma once
+
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief MbedTLS-compatible RNG function
+ *
+ * @note Suitable for passing as f_rng to various MbedTLS APIs that require it.
+ *       It uses esp_fill_random internally, and the caller must ensure that the
+ *       entropy sources of the RNG peripheral are enabled correctly. See the RNG
+ *       chapter in the TRM for more details.
+ *
+ * @param ctx User-supplied context
+ * @param buf Pointer to a buffer to fill with random numbers
+ * @param len Length of the buffer in bytes
+ *
+ * @return 0 on success
+ */
+int mbedtls_esp_random(void *ctx, unsigned char *buf, size_t len);
+
+#ifdef __cplusplus
+}
+#endif

components/mbedtls/port/include/mbedtls/esp_random.h

@@ -1,29 +0,0 @@
-/*
- * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
- *
- * SPDX-License-Identifier: Apache-2.0
- */
-#pragma once
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * @brief MbedTLS-compatible RNG function
- *
- * @note Suitable for passing as f_rng to various Mbed-TLS APIs that require it.
- *
- * @param ctx User-supplied context
- * @param buf Pointer to buffer to fill with random numbers.
- * @param len Length of buffer in bytes
- *
- * @return 0 (success)
- */
-int mbedtls_esp_random(void *ctx, unsigned char *buf, size_t len);
-
-#ifdef __cplusplus
-}
-#endif

components/mbedtls/test_apps/main/test_ds_sign_and_decrypt.c

@@ -21,7 +21,7 @@ static heap_trace_record_t trace_record[NUM_RECORDS]; // This buffer must be in
 #include "esp_ds.h"
 #include "esp_ds/esp_ds_rsa.h"
 
-int mbedtls_esp_random(void *ctx, unsigned char *output, size_t len)
+static int mbedtls_esp_random(void *ctx, unsigned char *output, size_t len)
 {
     if (len == 0 || output == NULL) {
         return -1;

components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-bignum.c

@@ -7,7 +7,7 @@
 #ifdef ESP_PLATFORM
 #include "esp_system.h"
 #include "mbedtls/bignum.h"
-#include "mbedtls/esp_random.h"
+#include "mbedtls/esp_mbedtls_random.h"
 #endif
 
 #include "utils/includes.h"

components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-ec.c

@@ -7,7 +7,7 @@
 #ifdef ESP_PLATFORM
 #include "esp_system.h"
 #include "mbedtls/bignum.h"
-#include "mbedtls/esp_random.h"
+#include "mbedtls/esp_mbedtls_random.h"
 #endif
 
 #include "utils/includes.h"

components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-rsa.c

@@ -6,7 +6,7 @@
 
 #ifdef ESP_PLATFORM
 #include "mbedtls/bignum.h"
-#include "mbedtls/esp_random.h"
+#include "mbedtls/esp_mbedtls_random.h"
 #endif
 
 #include "utils/includes.h"

components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c

@@ -13,7 +13,7 @@
 #include "crypto/sha256.h"
 #include "crypto/sha384.h"
 
-#include "mbedtls/esp_random.h"
+#include "mbedtls/esp_mbedtls_random.h"
 
 /* TODO: Remove this once the appropriate solution is found
  *