mbedTLS: Add ESP8266 hardware entropy source discovered by @foogod

Addresses #3, provided turns out to be an effective HWRNG.

core/include/esp/wdev_regs.h

@@ -0,0 +1,44 @@
+/* esp/dport_regs.h
+ *
+ * ESP8266 WDEV register definitions
+ *
+ * In the DPORT memory space, alongside DPORT regs. However mostly
+ * concerned with the WiFi hardware interface.
+ *
+ * Not well understood at all, 100% figured out via reverse engineering.
+ */
+
+#ifndef _ESP_WDEV__REGS_H
+#define _ESP_WDEV__REGS_H
+
+#include "esp/types.h"
+#include "common_macros.h"
+
+#define WDEV_BASE 0x3ff20e00
+#define WDEV (*(struct WDEV_REGS *)(WDEV_BASE))
+
+/* WDEV registers
+*/
+
+struct WDEV_REGS {
+    uint32_t volatile _unknown00;          // 0x00
+    uint32_t volatile _unknown04;          // 0x04
+    uint32_t volatile _unknown08;          // 0x08
+    uint32_t volatile _unknown0c;          // 0x0c
+    uint32_t volatile _unknown10;          // 0x10
+    uint32_t volatile _unknown14;          // 0x14
+    uint32_t volatile _unknown18;          // 0x18
+    uint32_t volatile _unknown1c;          // 0x1c
+    uint32_t volatile _unknown20;          // 0x20
+    uint32_t volatile _unknown24;          // 0x24
+    uint32_t volatile _unknown28;          // 0x28
+    uint32_t volatile _unknown2c;          // 0x2c
+    uint32_t volatile _unknown30;          // 0x30
+    uint32_t volatile _unknown34;          // 0x34
+    uint32_t volatile _unknown38;          // 0x38
+    uint32_t volatile _unknown3c;          // 0x3c
+    uint32_t volatile _unknown40;          // 0x40
+    uint32_t volatile HWRNG;               // 0x44 Appears to be HW RNG, see https://github.com/SuperHouse/esp-open-rtos/issues/3#issuecomment-139453094
+};
+
+#endif

extras/mbedtls/hardware_entropy.c

@@ -0,0 +1,27 @@
+/* ESP8266 "Hardware RNG" (validity still being confirmed) support for ESP8266
+ *
+ * Based on research done by @foogod.
+ *
+ * Please don't rely on this too much as an entropy source, quite yet...
+ *
+ * Part of esp-open-rtos
+ * Copyright (C) 2015 Angus Gratton
+ * BSD Licensed as described in the file LICENSE
+ */
+#include <mbedtls/entropy_poll.h>
+#include <esp/wdev_regs.h>
+#include <string.h>
+
+int mbedtls_hardware_poll( void *data,
+                           unsigned char *output, size_t len, size_t *olen )
+{
+    (void)(data);
+    for(int i = 0; i < len; i+=4) {
+        uint32_t random = WDEV.HWRNG;
+        /* using memcpy here in case output is unaligned */
+        memcpy(output + i, &random, (i+4 <= len) ? 4 : (len % 4));
+    }
+    if(olen)
+        *olen = len;
+    return 0;
+}

extras/mbedtls/include/mbedtls/config.h

@@ -289,7 +289,8 @@
  *
  * Uncomment to use your own hardware entropy collector.
  */
-//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+/* hardware RNG interface provided in hardware_entropy.c */
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
 
 /**
  * \def MBEDTLS_AES_ROM_TABLES
@@ -777,7 +778,7 @@
  * This option is only useful if both MBEDTLS_SHA256_C and
  * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
  */
-//#define MBEDTLS_ENTROPY_FORCE_SHA256
+#define MBEDTLS_ENTROPY_FORCE_SHA256
 
 /**
  * \def MBEDTLS_MEMORY_DEBUG
@@ -2350,7 +2351,8 @@
 
 /* CTR_DRBG options */
 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
-//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL        10000 /**< Interval before reseed is performed by default */
+/* this is normally 10x higher, but reseeding seems quite inexpensive on esp8266 */
+#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL        1000 /**< Interval before reseed is performed by default */
 //#define MBEDTLS_CTR_DRBG_MAX_INPUT                256 /**< Maximum number of additional input bytes */
 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST             1024 /**< Maximum number of requested bytes per call */
 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT           384 /**< Maximum size of (re)seed buffer */