pw_tls_client: Add fake entropy backend
Add a default fake entropy for demo and test purpose.
Change-Id: Icfa4d91cfbdb5590d980656792793755803a0c4c
Reviewed-on: https://pigweed-review.googlesource.com/c/pigweed/pigweed/+/51402
Commit-Queue: Rob Mohr <mohrr@google.com>
Pigweed-Auto-Submit: Rob Mohr <mohrr@google.com>
Reviewed-by: Ali Zhang <alizhang@google.com>
diff --git a/pw_tls_client/BUILD b/pw_tls_client/BUILD
index d688cdc..28d7d3d 100644
--- a/pw_tls_client/BUILD
+++ b/pw_tls_client/BUILD
@@ -48,7 +48,7 @@
# ready.
pw_cc_facade(
- name = "pw_tls_client_entropy_facade",
+ name = "entropy_facade",
hdrs = [
"public/pw_tls_client/entropy.h",
],
@@ -59,6 +59,14 @@
],
)
+pw_cc_library(
+ name = "fake_entropy",
+ srcs = [ "fake_entropy.cc" ],
+ deps = [
+ ":entropy_facade"
+ ],
+)
+
# TODO(zyecheng): The target requires a build_time.h header that defines a
# 'constexpr size_t kBuildTimeMicrosecondsUTC' variable for storing the build time.
# In gn build, this is generated by a python action target. Need to figure out a
diff --git a/pw_tls_client/BUILD.gn b/pw_tls_client/BUILD.gn
index cca5357..8e72dd2 100644
--- a/pw_tls_client/BUILD.gn
+++ b/pw_tls_client/BUILD.gn
@@ -50,6 +50,14 @@
]
}
+# A fake entropy source that does nothing. It should only be used for
+# demo and test purpose only. Production code shall not use it.
+pw_source_set("fake_entropy") {
+ public_deps = [ ":tls_entropy.facade" ]
+ sources = [ "fake_entropy.cc" ]
+ deps = [ "$dir_pw_log" ]
+}
+
# The ":time" target wraps the time() and gettimeofday(), which are
# commonly used by TLS libraries for expiration check.
config("time_wrap") {
diff --git a/pw_tls_client/configs.gni b/pw_tls_client/configs.gni
index 18920b2..70e04e5 100644
--- a/pw_tls_client/configs.gni
+++ b/pw_tls_client/configs.gni
@@ -19,7 +19,7 @@
pw_tls_client_BACKEND = ""
# Backend for pw_tls_client:tls_entropy
- pw_tls_client_ENTROPY_BACKEND = ""
+ pw_tls_client_ENTROPY_BACKEND = "$dir_pw_tls_client:fake_entropy"
# Backend for pw_tls_client:time
pw_tls_client_TIME_BACKEND = "$dir_pw_tls_client:build_time"
diff --git a/pw_tls_client/docs.rst b/pw_tls_client/docs.rst
index 5a9ec6d..380018c 100644
--- a/pw_tls_client/docs.rst
+++ b/pw_tls_client/docs.rst
@@ -37,7 +37,8 @@
-----------
TLS requires an entropy source for generating random bytes. Users of this
module should provide one by implementing a backend to the
-``pw_tls_client:entropy`` facade.
+``pw_tls_client:entropy`` facade. The backend defaults to
+``pw_tls_client:fake_entropy`` that does nothing.
2. Chromium Verifier
---------------------
diff --git a/pw_tls_client/fake_entropy.cc b/pw_tls_client/fake_entropy.cc
new file mode 100644
index 0000000..8205031
--- /dev/null
+++ b/pw_tls_client/fake_entropy.cc
@@ -0,0 +1,28 @@
+// Copyright 2021 The Pigweed Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License"); you may not
+// use this file except in compliance with the License. You may obtain a copy of
+// the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations under
+// the License.
+
+#include "pw_log/log.h"
+#include "pw_tls_client/entropy.h"
+
+namespace pw::tls_client {
+
+Status GetRandomBytes(ByteSpan) {
+ PW_LOG_INFO(
+ "Warning. The TLS client is using a fake enropy source that does "
+ "nothing. This should only be used for demo and test purpose."
+ "Production code shall not use it");
+ return OkStatus();
+}
+
+} // namespace pw::tls_client