From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) by mx.groups.io with SMTP id smtpd.web11.7008.1597198891977878706 for ; Tue, 11 Aug 2020 19:21:32 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20161025 header.b=YUi/Uvp8; spf=pass (domain: gmail.com, ip: 209.85.210.169, mailfrom: matthewfcarlson@gmail.com) Received: by mail-pf1-f169.google.com with SMTP id x25so246649pff.4 for ; Tue, 11 Aug 2020 19:21:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ObrbVob8a/l9gLUfgQhAA3AhcDu/T9Vr3Po95z2Diok=; b=YUi/Uvp880+8pWdvhQmArk6MDwOo5RkJeF6nFTmoGE9UxvmGmZcQyRF5Ko5pZhasbf g09eDZs2Z2Mj3s0rV5ERRdw/QuvvQzj2f0SUH982L6W8ver4pzyD5x3q5BBwxjAyTZFf Ia1VQz0jAIULO3CsEvs1pIgSONDfKC7wD9qfSnldZHQbVHfXW7cqebH+4nZTBTzEHaJN 2NTYrN9j3txd3zlQRwFlsnYEwm9TE5i9j5H82TAw5ol+DE32ZjWfx3rRs+YrvE0BVTco uw/wbTJB2xcMchSekS3Ss4STzatnpiEcz5I/ifQ2Qaxss7TAlHdh7f/flMakuayLmHG9 gz2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ObrbVob8a/l9gLUfgQhAA3AhcDu/T9Vr3Po95z2Diok=; b=ThH86keCFVr/9QrvmX5vOHbAKsQZ78lP0jDAXC4hRNrDBlVxKABRwGB5c4Mg/ZkcHP bqEJaSzUfiBqStObbpOeV+h/9fluGXVoQ5RWjG6VJr9V709D5jJbwyyhRiUndyNjL41/ udDkXxkqtKa0zqHfn2FjpVc4yhSEkTTzaxbH5aaPvFXLIjyEz8g3T5MYco6Gtc7Ij+CV BSTdur6IWpmpv0NrTkSJ2fkrBKv/D7mOAI9tiH9COM3tgapCmj0QWGmatee9iX4PtGF6 3f0AbjqRI4hVak+FDrMy3urhkd3MCtG4TjuGgRYTEQADTVVjUPNDxbbgcZb8h71yAkfV 8NxA== X-Gm-Message-State: AOAM531q8wUTdDh7/DDyVO9Rqa0MHSHLCANqlqz1PkaAZSdR+8yLiu5N iK8kudaSrgYU66dF8Lpu2m5CxJ1+HjQyoA== X-Google-Smtp-Source: ABdhPJyXFGXq8K+AbyPGYp2D1xLLUQY21qwBTQJ+0NX/0V+k61eqBdwbfHmWYonm9lNoBk1acYfS8Q== X-Received: by 2002:a63:2944:: with SMTP id p65mr3323713pgp.271.1597198891139; Tue, 11 Aug 2020 19:21:31 -0700 (PDT) Return-Path: Received: from tvis-name-05.localdomain ([50.34.40.129]) by smtp.gmail.com with ESMTPSA id q17sm415952pfh.32.2020.08.11.19.21.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 11 Aug 2020 19:21:30 -0700 (PDT) From: "Matthew Carlson" To: devel@edk2.groups.io Cc: Michael D Kinney , Liming Gao , Zhiguang Liu , Matthew Carlson Subject: [PATCH v5 1/5] MdePkg: TimerRngLib: Added RngLib that uses TimerLib Date: Tue, 11 Aug 2020 19:21:23 -0700 Message-Id: <20200812022127.1205-2-matthewfcarlson@gmail.com> X-Mailer: git-send-email 2.27.0.windows.1 In-Reply-To: <20200812022127.1205-1-matthewfcarlson@gmail.com> References: <20200812022127.1205-1-matthewfcarlson@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Matthew Carlson Added a new RngLib that provides random numbers from the TimerLib using the performance counter. This is meant to be used for OpenSSL to replicate past behavior. This should not be used in production as a real source of entropy. Ref: https://github.com/tianocore/edk2/pull/845 Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1871 Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Signed-off-by: Matthew Carlson --- MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c | 187 +++++++++++= +++++++++ MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf | 40 +++++ MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni | 17 ++ MdePkg/MdePkg.dsc | 3 +- 4 files changed, 246 insertions(+), 1 deletion(-) diff --git a/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c b/MdePkg/Libra= ry/BaseRngLibTimerLib/RngLibTimer.c new file mode 100644 index 000000000000..915382fb9278 --- /dev/null +++ b/MdePkg/Library/BaseRngLibTimerLib/RngLibTimer.c @@ -0,0 +1,187 @@ +/** @file=0D + BaseRng Library that uses the TimerLib to provide reasonably random numb= ers.=0D + Do not use this on a production system.=0D +=0D + Copyright (c) Microsoft Corporation.=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +**/=0D +=0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +/**=0D + * Using the TimerLib GetPerformanceCounterProperties() we delay=0D + * for enough time for the PerformanceCounter to increment.=0D + * Depending on your system=0D + *=0D + * If the return value from GetPerformanceCounterProperties (TimerLib)=0D + * is zero, this function will not delay and attempt to assert.=0D + */=0D +VOID=0D +EFIAPI=0D +DecentDelay(=0D + VOID=0D + )=0D +{=0D + UINT64 StartValue;=0D + UINT64 EndValue;=0D + UINT64 CounterHz;=0D + UINT64 MinumumDelayInMicroSeconds;=0D + // Get the counter properties=0D + CounterHz =3D GetPerformanceCounterProperties(&StartValue, &EndValue);=0D + // Make sure we won't divide by zero=0D + if (CounterHz =3D=3D 0) {=0D + ASSERT(FALSE); // Assert so the developer knows something is wrong=0D + return;=0D + }=0D + // Calculate the minimum delay based on 1.5 microseconds divided by the = hertz.=0D + // We calculate the length of a cycle (1/CounterHz) and multiply it by 1= .5 microseconds=0D + // This ensures that the performance counter has increased by at least o= ne=0D + MinumumDelayInMicroSeconds =3D 1500000 / CounterHz;=0D +=0D + MicroSecondDelay(MinumumDelayInMicroSeconds);=0D +}=0D +=0D +=0D +/**=0D + Generates a 16-bit random number.=0D +=0D + if Rand is NULL, then ASSERT().=0D +=0D + @param[out] Rand Buffer pointer to store the 16-bit random value.=0D +=0D + @retval TRUE Random number generated successfully.=0D + @retval FALSE Failed to generate the random number.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +GetRandomNumber16 (=0D + OUT UINT16 *Rand=0D + )=0D +{=0D + UINT32 Index;=0D + UINT8* RandPtr;=0D +=0D + ASSERT (Rand !=3D NULL);=0D +=0D + if (NULL =3D=3D Rand) {=0D + return FALSE;=0D + }=0D +=0D + RandPtr =3D (UINT8 *) Rand;=0D + // Get 2 bytes of random ish data=0D + // This should take around 10us=0D + for (Index =3D 0; Index < 2; Index ++) {=0D + *RandPtr =3D (UINT8) (GetPerformanceCounter () & 0xFF);=0D + DecentDelay (); // delay to give chance for performance counter to cat= ch up=0D + RandPtr++;=0D + }=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a 32-bit random number.=0D +=0D + if Rand is NULL, then ASSERT().=0D +=0D + @param[out] Rand Buffer pointer to store the 32-bit random value.=0D +=0D + @retval TRUE Random number generated successfully.=0D + @retval FALSE Failed to generate the random number.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +GetRandomNumber32 (=0D + OUT UINT32 *Rand=0D + )=0D +{=0D + UINT32 Index;=0D + UINT8* RandPtr;=0D +=0D + ASSERT (Rand !=3D NULL);=0D +=0D + if (NULL =3D=3D Rand) {=0D + return FALSE;=0D + }=0D +=0D + RandPtr =3D (UINT8 *) Rand;=0D + // Get 4 bytes of random ish data=0D + // This should take around 20ms=0D + for (Index =3D 0; Index < 4; Index ++) {=0D + *RandPtr =3D (UINT8) (GetPerformanceCounter () & 0xFF);=0D + DecentDelay (); // delay to give chance for performance counter to cat= ch up=0D + RandPtr++;=0D + }=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a 64-bit random number.=0D +=0D + if Rand is NULL, then ASSERT().=0D +=0D + @param[out] Rand Buffer pointer to store the 64-bit random value.=0D +=0D + @retval TRUE Random number generated successfully.=0D + @retval FALSE Failed to generate the random number.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +GetRandomNumber64 (=0D + OUT UINT64 *Rand=0D + )=0D +{=0D + UINT32 Index;=0D + UINT8* RandPtr;=0D +=0D + ASSERT (Rand !=3D NULL);=0D +=0D + if (NULL =3D=3D Rand) {=0D + return FALSE;=0D + }=0D +=0D + RandPtr =3D (UINT8 *) Rand;=0D + // Get 8 bytes of random ish data=0D + // This should take around 40ms=0D + for (Index =3D 0; Index < 8; Index ++) {=0D + *RandPtr =3D (UINT8) (GetPerformanceCounter () & 0xFF);=0D + DecentDelay (); // delay to give chance for performance counter to cat= ch up=0D + RandPtr++;=0D + }=0D +=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a 128-bit random number.=0D +=0D + if Rand is NULL, then ASSERT().=0D +=0D + @param[out] Rand Buffer pointer to store the 128-bit random value.=0D +=0D + @retval TRUE Random number generated successfully.=0D + @retval FALSE Failed to generate the random number.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +GetRandomNumber128 (=0D + OUT UINT64 *Rand=0D + )=0D +{=0D + ASSERT (Rand !=3D NULL);=0D + // This should take around 80ms=0D +=0D + // Read first 64 bits=0D + if (!GetRandomNumber64 (Rand)) {=0D + return FALSE;=0D + }=0D +=0D + // Read second 64 bits=0D + return GetRandomNumber64 (++Rand);=0D +}=0D diff --git a/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf b/Mde= Pkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf new file mode 100644 index 000000000000..34dea0152497 --- /dev/null +++ b/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf @@ -0,0 +1,40 @@ +## @file=0D +# Instance of RNG (Random Number Generator) Library.=0D +#=0D +# BaseRng Library that uses the TimerLib to provide reasonably random num= bers.=0D +# Do NOT use this on a production system as this uses the system performa= nce=0D +# counter rather than a true source of random in addition to having a wea= k=0D +# random algorithm. This is provided primarily as a source of entropy for= =0D +# OpenSSL for platforms that do not have a good built in RngLib as this=0D +# emulates what was done before (though it isn't perfect).=0D +#=0D +# Copyright (c) Microsoft Corporation. All rights reserved.
=0D +#=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +#=0D +#=0D +##=0D +=0D +[Defines]=0D + INF_VERSION =3D 0x00010005=0D + BASE_NAME =3D BaseRngLibTimerLib=0D + MODULE_UNI_FILE =3D BaseRngLibTimerLib.uni=0D + FILE_GUID =3D 74950C45-10FC-4AB5-B114-49C87C17409B= =0D + MODULE_TYPE =3D BASE=0D + VERSION_STRING =3D 1.0=0D + LIBRARY_CLASS =3D RngLib=0D + CONSTRUCTOR =3D BaseRngLibConstructor=0D +=0D +#=0D +# VALID_ARCHITECTURES =3D IA32 X64=0D +#=0D +=0D +[Sources]=0D + RngLibTimer.c=0D +=0D +[Packages]=0D + MdePkg/MdePkg.dec=0D +=0D +[LibraryClasses]=0D + BaseLib=0D + TimerLib=0D diff --git a/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni b/Mde= Pkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni new file mode 100644 index 000000000000..766a8e0ddf97 --- /dev/null +++ b/MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.uni @@ -0,0 +1,17 @@ +// /** @file=0D +// Instance of RNG (Random Number Generator) Library.=0D +//=0D +// BaseRng Library that uses TimerLib's performance counter=0D +// to provide random numbers.=0D +//=0D +// Copyright (c) Microsoft Corporation=0D +//=0D +// SPDX-License-Identifier: BSD-2-Clause-Patent=0D +//=0D +// **/=0D +=0D +=0D +#string STR_MODULE_ABSTRACT #language en-US "Instance of RNG L= ibrary"=0D +=0D +#string STR_MODULE_DESCRIPTION #language en-US "BaseRng Library t= hat uses the TimerLib to provide low-entropy random numbers"=0D +=0D diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc index 472fa3777412..d7ba3a730909 100644 --- a/MdePkg/MdePkg.dsc +++ b/MdePkg/MdePkg.dsc @@ -62,6 +62,8 @@ MdePkg/Library/BasePostCodeLibPort80/BasePostCodeLibPort80.inf=0D MdePkg/Library/BasePrintLib/BasePrintLib.inf=0D MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.i= nf=0D + MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf=0D + MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf=0D MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf=0D MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf=0D MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf=0D @@ -69,7 +71,6 @@ MdePkg/Library/BaseUefiDecompressLib/BaseUefiTianoCustomDecompressLib.in= f=0D MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf=0D MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf=0D - MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf=0D =0D MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf=0D MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf=0D --=20 2.27.0.windows.1