Merge pull request #4450 from mstarzyk-mobica/remove_null_entropy
Remove MBEDTLS_TEST_NULL_ENTROPY config option.
This commit is contained in:
commit
729fa5be88
16 changed files with 21 additions and 149 deletions
|
@ -56,17 +56,6 @@ else()
|
|||
endif()
|
||||
|
||||
# Warning string - created as a list for compatibility with CMake 2.8
|
||||
set(WARNING_BORDER "*******************************************************\n")
|
||||
set(NULL_ENTROPY_WARN_L1 "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined!\n")
|
||||
set(NULL_ENTROPY_WARN_L2 "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES\n")
|
||||
set(NULL_ENTROPY_WARN_L3 "**** AND IS *NOT* SUITABLE FOR PRODUCTION USE\n")
|
||||
|
||||
set(NULL_ENTROPY_WARNING "${WARNING_BORDER}"
|
||||
"${NULL_ENTROPY_WARN_L1}"
|
||||
"${NULL_ENTROPY_WARN_L2}"
|
||||
"${NULL_ENTROPY_WARN_L3}"
|
||||
"${WARNING_BORDER}")
|
||||
|
||||
set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
|
||||
set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n")
|
||||
set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n")
|
||||
|
@ -99,26 +88,6 @@ if(MBEDTLS_PYTHON_EXECUTABLE)
|
|||
message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
|
||||
endif()
|
||||
|
||||
# If NULL Entropy is configured, display an appropriate warning
|
||||
execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY
|
||||
RESULT_VARIABLE result)
|
||||
if(${result} EQUAL 0)
|
||||
message(WARNING ${NULL_ENTROPY_WARNING})
|
||||
|
||||
if(NOT UNSAFE_BUILD)
|
||||
message(FATAL_ERROR "\
|
||||
\n\
|
||||
Warning! You have enabled MBEDTLS_TEST_NULL_ENTROPY. \
|
||||
This option is not safe for production use and negates all security \
|
||||
It is intended for development use only. \
|
||||
\n\
|
||||
To confirm you want to build with this option, re-run cmake with the \
|
||||
option: \n\
|
||||
cmake -DUNSAFE_BUILD=ON ")
|
||||
|
||||
return()
|
||||
endif()
|
||||
endif()
|
||||
endif()
|
||||
|
||||
# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
|
||||
|
|
2
ChangeLog.d/remove_null_entropy.txt
Normal file
2
ChangeLog.d/remove_null_entropy.txt
Normal file
|
@ -0,0 +1,2 @@
|
|||
API changes
|
||||
* Remove the MBEDTLS_TEST_NULL_ENTROPY config option. Fixes #4388.
|
9
Makefile
9
Makefile
|
@ -59,12 +59,6 @@ uninstall:
|
|||
done
|
||||
endif
|
||||
|
||||
WARNING_BORDER =*******************************************************\n
|
||||
NULL_ENTROPY_WARN_L1=**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! ****\n
|
||||
NULL_ENTROPY_WARN_L2=**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES ****\n
|
||||
NULL_ENTROPY_WARN_L3=**** AND IS *NOT* SUITABLE FOR PRODUCTION USE ****\n
|
||||
|
||||
NULL_ENTROPY_WARNING=\n$(WARNING_BORDER)$(NULL_ENTROPY_WARN_L1)$(NULL_ENTROPY_WARN_L2)$(NULL_ENTROPY_WARN_L3)$(WARNING_BORDER)
|
||||
|
||||
WARNING_BORDER_LONG =**********************************************************************************\n
|
||||
CTR_DRBG_128_BIT_KEY_WARN_L1=**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined! ****\n
|
||||
|
@ -81,9 +75,6 @@ ifndef WINDOWS
|
|||
-scripts/config.py get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \
|
||||
echo '$(CTR_DRBG_128_BIT_KEY_WARNING)'
|
||||
|
||||
# If NULL Entropy is configured, display an appropriate warning
|
||||
-scripts/config.py get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \
|
||||
echo '$(NULL_ENTROPY_WARNING)'
|
||||
endif
|
||||
|
||||
clean:
|
||||
|
|
11
docs/3.0-migration-guide.d/remove-null-entropy.md
Normal file
11
docs/3.0-migration-guide.d/remove-null-entropy.md
Normal file
|
@ -0,0 +1,11 @@
|
|||
Remove the option to build the library without any entropy sources
|
||||
------------------------------------------------------------------
|
||||
|
||||
This does not affect users who use the default `config.h`, as this option was
|
||||
already off by default.
|
||||
|
||||
If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option and your platform
|
||||
doesn't have any entropy source, you should use `MBEDTLS_ENTROPY_NV_SEED`
|
||||
and make sure your device is provisioned with a strong random seed.
|
||||
Alternatively, for testing purposes only, you can create and register a fake
|
||||
entropy function.
|
|
@ -201,15 +201,6 @@
|
|||
#endif
|
||||
#undef MBEDTLS_HAS_MEMSAN
|
||||
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \
|
||||
( !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) )
|
||||
#error "MBEDTLS_TEST_NULL_ENTROPY defined, but not all prerequisites"
|
||||
#endif
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \
|
||||
( defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT) )
|
||||
#error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_GCM_C) && ( \
|
||||
!defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
|
||||
#error "MBEDTLS_GCM_C defined, but not all prerequisites"
|
||||
|
|
|
@ -527,23 +527,6 @@
|
|||
//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
|
||||
//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_TEST_NULL_ENTROPY
|
||||
*
|
||||
* Enables testing and use of mbed TLS without any configured entropy sources.
|
||||
* This permits use of the library on platforms before an entropy source has
|
||||
* been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
|
||||
* MBEDTLS_ENTROPY_NV_SEED switches).
|
||||
*
|
||||
* WARNING! This switch MUST be disabled in production builds, and is suitable
|
||||
* only for development.
|
||||
* Enabling the switch negates any security provided by the library.
|
||||
*
|
||||
* Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
|
||||
*
|
||||
*/
|
||||
//#define MBEDTLS_TEST_NULL_ENTROPY
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_ENTROPY_HARDWARE_ALT
|
||||
*
|
||||
|
|
|
@ -21,12 +21,6 @@
|
|||
|
||||
#if defined(MBEDTLS_ENTROPY_C)
|
||||
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
#warning "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! "
|
||||
#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES "
|
||||
#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE "
|
||||
#endif
|
||||
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "entropy_poll.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
@ -73,11 +67,6 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
|
|||
/* Reminder: Update ENTROPY_HAVE_STRONG in the test files
|
||||
* when adding more strong entropy sources here. */
|
||||
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
|
||||
1, MBEDTLS_ENTROPY_SOURCE_STRONG );
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
|
||||
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
|
||||
mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
|
||||
|
@ -524,7 +513,6 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
|
|||
#endif /* MBEDTLS_FS_IO */
|
||||
|
||||
#if defined(MBEDTLS_SELF_TEST)
|
||||
#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
/*
|
||||
* Dummy source function
|
||||
*/
|
||||
|
@ -538,7 +526,6 @@ static int entropy_dummy_source( void *data, unsigned char *output,
|
|||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
|
||||
|
||||
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
||||
|
||||
|
@ -646,17 +633,14 @@ cleanup:
|
|||
int mbedtls_entropy_self_test( int verbose )
|
||||
{
|
||||
int ret = 1;
|
||||
#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
mbedtls_entropy_context ctx;
|
||||
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
||||
unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
||||
size_t i, j;
|
||||
#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
|
||||
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( " ENTROPY test: " );
|
||||
|
||||
#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
mbedtls_entropy_init( &ctx );
|
||||
|
||||
/* First do a gather to make sure we have default sources */
|
||||
|
@ -704,7 +688,6 @@ int mbedtls_entropy_self_test( int verbose )
|
|||
|
||||
cleanup:
|
||||
mbedtls_entropy_free( &ctx );
|
||||
#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
|
||||
|
||||
if( verbose != 0 )
|
||||
{
|
||||
|
|
|
@ -211,23 +211,6 @@ int mbedtls_platform_entropy_poll( void *data,
|
|||
#endif /* _WIN32 && !EFIX64 && !EFI32 */
|
||||
#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
|
||||
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
int mbedtls_null_entropy_poll( void *data,
|
||||
unsigned char *output, size_t len, size_t *olen )
|
||||
{
|
||||
((void) data);
|
||||
((void) output);
|
||||
|
||||
*olen = 0;
|
||||
if( len < sizeof(unsigned char) )
|
||||
return( 0 );
|
||||
|
||||
output[0] = 0;
|
||||
*olen = sizeof(unsigned char);
|
||||
return( 0 );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_TIMING_C)
|
||||
int mbedtls_hardclock_poll( void *data,
|
||||
unsigned char *output, size_t len, size_t *olen )
|
||||
|
|
|
@ -43,14 +43,6 @@ extern "C" {
|
|||
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Entropy poll callback that provides 0 entropy.
|
||||
*/
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
int mbedtls_null_entropy_poll( void *data,
|
||||
unsigned char *output, size_t len, size_t *olen );
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
|
||||
/**
|
||||
* \brief Platform-specific entropy poll callback
|
||||
|
|
|
@ -252,9 +252,6 @@ static const char * const features[] = {
|
|||
#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
|
||||
"MBEDTLS_ECP_NORMALIZE_MXZ_ALT",
|
||||
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
"MBEDTLS_TEST_NULL_ENTROPY",
|
||||
#endif /* MBEDTLS_TEST_NULL_ENTROPY */
|
||||
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
||||
"MBEDTLS_ENTROPY_HARDWARE_ALT",
|
||||
#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
|
||||
|
|
|
@ -723,14 +723,6 @@ int query_config( const char *config )
|
|||
}
|
||||
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
|
||||
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY)
|
||||
if( strcmp( "MBEDTLS_TEST_NULL_ENTROPY", config ) == 0 )
|
||||
{
|
||||
MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_NULL_ENTROPY );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_TEST_NULL_ENTROPY */
|
||||
|
||||
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
||||
if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 )
|
||||
{
|
||||
|
|
|
@ -194,7 +194,6 @@ EXCLUDE_FROM_FULL = frozenset([
|
|||
'MBEDTLS_SHA512_NO_SHA384', # removes a feature
|
||||
'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan)
|
||||
'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers)
|
||||
'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature
|
||||
'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS
|
||||
'MBEDTLS_X509_REMOVE_INFO', # removes a feature
|
||||
])
|
||||
|
|
|
@ -2074,21 +2074,6 @@ component_test_when_no_ciphersuites_have_mac () {
|
|||
if_build_succeeded tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM'
|
||||
}
|
||||
|
||||
component_test_null_entropy () {
|
||||
msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
|
||||
scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY
|
||||
scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
|
||||
scripts/config.py set MBEDTLS_ENTROPY_C
|
||||
scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
|
||||
scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT
|
||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
|
||||
make
|
||||
|
||||
msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
|
||||
make test
|
||||
}
|
||||
|
||||
component_test_no_date_time () {
|
||||
msg "build: default config without MBEDTLS_HAVE_TIME_DATE"
|
||||
scripts/config.py unset MBEDTLS_HAVE_TIME_DATE
|
||||
|
|
|
@ -87,11 +87,10 @@ jmp_buf jmp_tmp;
|
|||
|
||||
/* Indicates whether we expect mbedtls_entropy_init
|
||||
* to initialize some strong entropy source. */
|
||||
#if defined(MBEDTLS_TEST_NULL_ENTROPY) || \
|
||||
( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
|
||||
#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
|
||||
( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \
|
||||
defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
|
||||
defined(ENTROPY_NV_SEED) ) )
|
||||
defined(ENTROPY_NV_SEED) )
|
||||
#define ENTROPY_HAVE_STRONG
|
||||
#endif
|
||||
|
||||
|
|
|
@ -83,9 +83,4 @@ Check NV seed manually #3
|
|||
entropy_nv_seed:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
|
||||
|
||||
Entropy self test
|
||||
depends_on:!MBEDTLS_TEST_NULL_ENTROPY
|
||||
entropy_selftest:0
|
||||
|
||||
Entropy self test (MBEDTLS_TEST_NULL_ENTROPY)
|
||||
depends_on:MBEDTLS_TEST_NULL_ENTROPY
|
||||
entropy_selftest:1
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_CTR_DRBG_C */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
|
||||
void random_twice_with_ctr_drbg( )
|
||||
{
|
||||
mbedtls_entropy_context entropy;
|
||||
|
@ -57,7 +57,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_HMAC_DRBG_C */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */
|
||||
void random_twice_with_hmac_drbg( int md_type )
|
||||
{
|
||||
mbedtls_entropy_context entropy;
|
||||
|
@ -97,7 +97,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
||||
void random_twice_with_psa_from_classic( )
|
||||
{
|
||||
unsigned char output1[OUTPUT_SIZE];
|
||||
|
@ -123,7 +123,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
||||
void random_twice_with_psa_from_psa( )
|
||||
{
|
||||
unsigned char output1[OUTPUT_SIZE];
|
||||
|
|
Loading…
Reference in a new issue