From 1ceab6e43ae01054ba1c0c7c031e89453ee1a0d6 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Tue, 21 Jun 2016 10:14:00 +0100 Subject: [PATCH] Adds a check and warning for the null entropy option If the option MBEDTLS_TEST_NULL_ENTROPY is enabled, the cmake generated makefile will generate an error unless a UNSAFE_BUILD switch is also enabled. Equally, a similar warning will always be generated if the Makefile is built, and another warning is generated on every compilation of entropy.c. This is to ensure the user is aware of what they're doing when they enable the null entropy option. --- CMakeLists.txt | 30 ++++++++++++++++++++++++++++++ Makefile | 16 +++++++++++++++- library/entropy.c | 6 +++--- 3 files changed, 48 insertions(+), 4 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 094d9069b..7ae33ccb6 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -6,6 +6,7 @@ option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) +option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) # the test suites currently have compile errors with MSVC if(MSVC) @@ -14,6 +15,35 @@ else() option(ENABLE_TESTING "Build mbed TLS tests." ON) endif() +find_package(Perl) +if(PERL_FOUND) + + # If NULL Entropy is configured, display an appropriate warning + execute_process(COMMAND ${PERL_EXECUTABLE} scripts/config.pl get MBEDTLS_TEST_NULL_ENTROPY + RESULT_VARIABLE result) + if(${result} EQUAL 0) + message(WARNING "\ + ******************************************************* + **** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! + **** THIS BUILD HAS NO DEFINED ENTROPY SOURCES + **** AND IS *NOT* SUITABLE FOR PRODUCTION USE + *******************************************************") + if(NOT UNSAFE_BUILD) + message(FATAL_ERROR "\ +\n\ +Warning! You have enabled MBEDTLS_TEST_NULL_ENTROPY. \ +This option is not safe for production use and negates all security \ +It is intended for development use only. \ +\n\ +To confirm you want to build with this option, re-run cmake with the \ +option: \n\ + cmake -DUNSAFE_BUILD=ON ") + + return() + endif() + endif() +endif() + set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE} CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull" FORCE) diff --git a/Makefile b/Makefile index 7f03115b0..128362774 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ PREFIX=mbedtls_ .PHONY: all no_test programs lib tests install uninstall clean test check covtest lcov apidoc apidoc_clean -all: programs tests +all: programs tests post_build no_test: programs @@ -53,6 +53,20 @@ uninstall: done endif +WARNING_BORDER =*******************************************************\n +NULL_ENTROPY_WARN_L1=**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! ****\n +NULL_ENTROPY_WARN_L2=**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES ****\n +NULL_ENTROPY_WARN_L3=**** AND IS *NOT* SUITABLE FOR PRODUCTION USE ****\n + +NULL_ENTROPY_WARNING=\n$(WARNING_BORDER)$(NULL_ENTROPY_WARN_L1)$(NULL_ENTROPY_WARN_L2)$(NULL_ENTROPY_WARN_L3)$(WARNING_BORDER) + +# Post build steps +post_build: + # If NULL Entropy is configured, display an appropriate warning + -scripts/config.pl get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \ + echo '$(NULL_ENTROPY_WARNING)' + + clean: $(MAKE) -C library clean $(MAKE) -C programs clean diff --git a/library/entropy.c b/library/entropy.c index 282640f2d..45c894b1d 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -28,9 +28,9 @@ #if defined(MBEDTLS_ENTROPY_C) #if defined(MBEDTLS_TEST_NULL_ENTROPY) -#warning "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! ****" -#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES ****" -#warning "**** NOT SUITABLE FOR PRODUCTION ****" +#warning "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! " +#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES " +#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE " #endif #include "mbedtls/entropy.h"