As suggested by @foogod, thanks!
Addresses #3, provided turns out to be an effective HWRNG.
mbedTLS version 2.1.0 (current stable) Has some known issues/hacks: * Entropy source not hooked in at all * Linker script has a messy hack in it to store some (not all) data in irom