Crypto: Highlight unsafe NULL entropy more explicitly

The MBEDTLS_TEST_NULL_ENTROPY is only to be used for test purposes and
production platforms must use a hardware entropy source for stronger
cryptographic security. Although there is a build warning message
from MbedCrypto regarding this, this patch makes this more explicit
by adding a runtime message and clarifying the integration guide.

Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I773a3c509dafdd5ffcd46ae5227acbc84aa81129
diff --git a/docs/reference/services/tfm_crypto_integration_guide.rst b/docs/reference/services/tfm_crypto_integration_guide.rst
index 4065930..6eaa5e0 100644
--- a/docs/reference/services/tfm_crypto_integration_guide.rst
+++ b/docs/reference/services/tfm_crypto_integration_guide.rst
@@ -63,6 +63,27 @@
   Mbed Crypto functions. Decryption code is skipped in AES CCM mode in Profile
   Small by default.
 
+****************************
+Crypto Backend configuration
+****************************
+
+The Crypto service can use either a hardware crypto accelerator backend like
+CC-312 or a software crypto library which by default is MbedTLS. If using
+MbedTLS as backend, then the library configuration is supplied using the
+MBEDTLS_CONFIG_FILE header option. TF-M Crypto provides a default
+configuration header ``tfm_mbedcrypto_config.h`` and this can be overridden
+based on TF-M configuration or platform. Platforms can also use
+``MBEDTLS_USER_CONFIG_FILE`` to override specific options from default.
+
+.. Note::
+
+    The default entropy source configured for MbedTLS is
+    MBEDTLS_TEST_NULL_ENTROPY and this does not provide randomness
+    for production devices. It is must for production devices to select
+    either a hardware entropy source via MBEDTLS_ENTROPY_HARDWARE_ALT or
+    provision a unique seed for the device during production and use
+    MBEDTLS_ENTROPY_NV_SEED option.
+
 **************************
 Crypto service integration
 **************************
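Review bot: The sentence "It is must for production devices to select" in the added note is ungrammatical, and because this note is the main integrator-facing warning it should be unambiguous; suggest "Production devices must either select a hardware entropy source via ``MBEDTLS_ENTROPY_HARDWARE_ALT`` or provision a unique per-device seed during production and enable ``MBEDTLS_ENTROPY_NV_SEED``." The phrase "does not provide randomness for production devices" can also be read as meaning it provides randomness elsewhere; saying that MBEDTLS_TEST_NULL_ENTROPY provides no real entropy and is for testing only would match the commit message. Finally, MBEDTLS_CONFIG_FILE, MBEDTLS_TEST_NULL_ENTROPY, MBEDTLS_ENTROPY_HARDWARE_ALT and MBEDTLS_ENTROPY_NV_SEED are plain text while ``tfm_mbedcrypto_config.h`` and ``MBEDTLS_USER_CONFIG_FILE`` in the same section use literal markup; please mark them consistently.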
diff --git a/secure_fw/partitions/crypto/crypto_init.c b/secure_fw/partitions/crypto/crypto_init.c
index f706395..265fcfb 100644
--- a/secure_fw/partitions/crypto/crypto_init.c
+++ b/secure_fw/partitions/crypto/crypto_init.c
@@ -9,6 +9,7 @@
 
 #include "tfm_crypto_api.h"
 #include "tfm_crypto_defs.h"
+#include "log/tfm_log.h"
 
 /*
  * \brief This Mbed TLS include is needed to initialise the memory allocator
@@ -279,6 +280,11 @@
 
 static psa_status_t tfm_crypto_engine_init(void)
 {
+    /* Log unsafe entropy source */
+#if defined (MBEDTLS_TEST_NULL_ENTROPY)
+    LOG_MSG("\033[1;34m[Crypto] MBEDTLS_TEST_NULL_ENTROPY is not suitable for production!\033[0m\r\n");
+#endif
+
     /* Initialise the Mbed Crypto memory allocator to use static
      * memory allocation from the provided buffer instead of using
      * the heap
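Review bot: A log line at the top of tfm_crypto_engine_init() is the only runtime signal here, and initialisation carries on regardless, so a build with MBEDTLS_TEST_NULL_ENTROPY still comes up looking healthy if the log output is disabled or nobody reads the console. Since the integration guide now says production devices must not use this option, consider pairing the message with a build-time gate (for example an #error unless the platform sets an explicit test-only opt-in) so the unsafe configuration cannot ship by accident. Smaller points on the same lines: the raw ANSI escapes "\033[1;34m" and "\033[0m" are hardcoded in the string and will show up as garbage on consoles or log collectors that do not interpret them, and blue is an odd choice for a security warning; the comment "Log unsafe entropy source" sits outside the #if and so remains in builds where nothing is logged, so move it inside the guard; and "#if defined (" has a stray space before the parenthesis.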