From 53de78444c657a7bfc374cbdb991567cbade8d0c Mon Sep 17 00:00:00 2001
From: Janos Follath
Date: Wed, 8 Jun 2016 15:29:18 +0100
Subject: [PATCH] Add entropy safety switch.

Add a switch that turns entropy collecting off entirely, but enables mbed TLS to run in an entirely unsafe mode. Enables to test mbed TLS on platforms that don't have their entropy sources integrated yet.
---
 include/mbedtls/check_config.h | 11 +++++++++++
 include/mbedtls/config.h | 23 +++++++++++++++++++++++
 include/mbedtls/entropy_poll.h | 8 ++++++++
 library/entropy.c | 5 +++++
 library/entropy_poll.c | 16 ++++++++++++++++
 scripts/config.pl | 2 ++
 6 files changed, 65 insertions(+)

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index d31555df7c..407cd571ae 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -130,6 +130,17 @@
 #error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_TEST_WO_ENTROPY)
+#warning "MBEDTLS_TEST_WO_ENTROPY defined, this build provides no security!"
+#if !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+#error "MBEDTLS_TEST_WO_ENTROPY defined, but not all prerequisites"
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
+ defined(MBEDTLS_HAVEGE_C)
+#error "MBEDTLS_TEST_WO_ENTROPY defined, but entropy sources too"
+#endif
+#endif
+
 #if defined(MBEDTLS_GCM_C) && ( \
 !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) )
 #error "MBEDTLS_GCM_C defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 0efee04545..c42b88d74f 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
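Review bot: In include/mbedtls/check_config.h the `#warning` on the second added line is the only signal that a build has this switch enabled, and `#warning` is not a standard directive before C23. A toolchain that does not implement it would presumably fail on that line with an unrelated diagnostic instead of the intended message, and where it is supported a single warning is easy to lose in a long build log. I would say so next to it, e.g. `/* #warning is a compiler extension before C23; the #error checks below are the only hard guard */`, and let release builds treat the macro as a hard failure in their own configuration.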
@@ -278,6 +278,29 @@
 //#define MBEDTLS_AES_ENCRYPT_ALT
 //#define MBEDTLS_AES_DECRYPT_ALT
 
+/**
+ * \def MBEDTLS_TEST_WO_ENTROPY
+ *
+ * Enable testing mbed TLS without access to any entropy. This enables testing
+ * the library before the platforms entropy sources are integrated (, see for
+ * example the MBEDTLS_ENTROPY_HARDWARE_ALT or the MBEDTLS_ENTROPY_NV_SEED
+ * switch).
+ *
+ * WARNING! This switch is extremely DANGEROUS, don't use it in production code
+ * under any circumstances. This switch nullifies any security provided by the
+ * library.
+ */
+//#define MBEDTLS_TEST_WO_ENTROPY
+
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Strong software entropy source. It is not yet implemented,
+ * adding it because it is mutually exclusive with MBEDTLS_TEST_WO_ENTROPY.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
 /**
 * \def MBEDTLS_ENTROPY_HARDWARE_ALT
 *
diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h
index dc11911341..3fcfef269b 100644
--- a/include/mbedtls/entropy_poll.h
+++ b/include/mbedtls/entropy_poll.h
@@ -43,6 +43,14 @@ extern "C" {
 #define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */
 #define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
 
+/**
+ * \brief Entropy poll callback that provides 0 entropy.
+ */
+#if defined(MBEDTLS_TEST_WO_ENTROPY)
+ int mbedtls_zero_entropy_poll( void *data,
+ unsigned char *output, size_t len, size_t *olen );
+#endif
+
 #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
 /**
 * \brief Platform-specific entropy poll callback
diff --git a/library/entropy.c b/library/entropy.c
index cdbd35c34e..381f730946 100644
--- a/library/entropy.c
+++ b/library/entropy.c
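Review bot: In include/mbedtls/config.h the new `MBEDTLS_ENTROPY_NV_SEED` entry opens with "Strong software entropy source" although the same comment says it is not implemented, so someone who uncomments it may believe the build has gained a strong source when nothing in this patch backs the macro. I would lead with the limitation, e.g. `* Placeholder for a future NV seed entropy source. NOT IMPLEMENTED: defining it adds no entropy source.`, and consider a matching `#error "MBEDTLS_ENTROPY_NV_SEED is not implemented yet"` in check_config.h until the code exists. In the `MBEDTLS_TEST_WO_ENTROPY` block, "the platforms entropy sources" should read "the platform's entropy sources" and the "(, see for" has a stray comma.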
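Review bot: In include/mbedtls/entropy_poll.h the Doxygen block for `mbedtls_zero_entropy_poll` sits above the `#if defined(MBEDTLS_TEST_WO_ENTROPY)` guard, so in every normal build it is left dangling with no declaration under it. I would move the comment inside the guard and make the brief say what the callback is for, e.g. `\brief Test-only entropy poll callback that provides no entropy; never use in production.` The extra leading spaces before `int` in the prototype also differ from how the poll prototype is aligned in the entropy_poll.c hunk.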
@@ -73,6 +73,11 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
 mbedtls_havege_init( &ctx->havege_data );
 #endif
 
+#if defined(MBEDTLS_TEST_WO_ENTROPY)
+ mbedtls_entropy_add_source( ctx, mbedtls_zero_entropy_poll, NULL,
+ 1, MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+
 #if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
 #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
 mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index e2f45c78a5..79efb87e9d 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -188,6 +188,22 @@ int mbedtls_platform_entropy_poll( void *data,
 #endif /* _WIN32 && !EFIX64 && !EFI32 */
 #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
 
+#if defined(MBEDTLS_TEST_WO_ENTROPY)
+int mbedtls_zero_entropy_poll( void *data,
+ unsigned char *output, size_t len, size_t *olen )
+{
+ ((void) data);
+ *olen = 0;
+
+ if( len < sizeof(unsigned char) )
+ return( 0 );
+
+ *olen = sizeof(unsigned char);
+
+ return( 0 );
+}
+#endif
+
 #if defined(MBEDTLS_TIMING_C)
 int mbedtls_hardclock_poll( void *data,
 unsigned char *output, size_t len, size_t *olen )
diff --git a/scripts/config.pl b/scripts/config.pl
index a6dcfe7d7f..ea7782108c 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -18,6 +18,7 @@
 #
 # Things that shouldn't be enabled with "full".
 #
+# MBEDTLS_TEST_WO_ENTROPY
 # MBEDTLS_DEPRECATED_REMOVED
 # MBEDTLS_HAVE_SSE2
 # MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
@@ -69,6 +70,7 @@ Options
 EOU
 
 my @excluded = qw(
+MBEDTLS_TEST_WO_ENTROPY
 MBEDTLS_DEPRECATED_REMOVED
 MBEDTLS_HAVE_SSE2
 MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
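Review bot: In library/entropy.c the added `mbedtls_entropy_add_source` call registers the zero-entropy callback as `MBEDTLS_ENTROPY_SOURCE_STRONG` with a threshold of 1, and nothing at the call site says that the label is deliberate and false. A reader auditing the source list would take STRONG at face value, so I would add a comment above the call such as `/* TEST ONLY: labelled STRONG so the accumulator accepts it (presumably to satisfy a strong-source requirement); it contributes no entropy */`. The body of `mbedtls_entropy_init` starts and ends outside this hunk, so how the label is used is inferred rather than visible here.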
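Review bot: In library/entropy_poll.c `mbedtls_zero_entropy_poll` reports one byte through `*olen = sizeof(unsigned char);` but never writes to `output`. If the caller consumes `*olen` bytes of the buffer, as that contract suggests (the caller is not in this diff), it would mix in whatever the buffer held before. That would make test runs non-reproducible and could trip uninitialised-read checkers. Storing the byte explicitly fixes that and matches the function's name: put `output[0] = 0;` just before `*olen = sizeof(unsigned char);`. It also uses the `output` parameter, which is otherwise unused and may draw an unused-parameter warning since only `data` is cast to void.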