From: "Matthew Carlson"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel, Michael D Kinney, Liming Gao, Zhiguang Liu, Matthew Carlson
Subject: [PATCH v10 2/5] MdePkg: BaseRngLibDxe: Add RngLib that uses RngDxe
Date: Tue, 1 Sep 2020 10:33:43 -0700
Message-Id: <20200901173346.676-3-matthewfcarlson@gmail.com>
In-Reply-To: <20200901173346.676-1-matthewfcarlson@gmail.com>
References: <20200901173346.676-1-matthewfcarlson@gmail.com>

From: Matthew Carlson

This adds a RngLib that uses the RngProtocol to provide randomness.
This means that the RngLib is meant to be used with DXE_DRIVERS.

Ref: https://github.com/tianocore/edk2/pull/845
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871

Cc: Ard Biesheuvel
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Signed-off-by: Matthew Carlson
---
 MdePkg/Library/DxeRngLib/DxeRngLib.c   | 199 ++++++++++++++++++++
 MdePkg/Library/DxeRngLib/DxeRngLib.inf |  38 ++++
 MdePkg/Library/DxeRngLib/DxeRngLib.uni |  15 ++
 MdePkg/MdePkg.dsc                      |   4 +-
 4 files changed, 255 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.c b/MdePkg/Library/DxeRngLi= b/DxeRngLib.c new file mode 100644 index 000000000000..9c3d67b5a62d --- /dev/null +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.c 
@@ -0,0 +1,199 @@ +/** @file=0D + Provides an implementation of the library class RngLib that uses the Rng = protocol.=0D +=0D + Copyright (c) Microsoft Corporation. All rights reserved.=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +/**=0D + Routine Description:=0D +=0D + Generates a random number via the NIST=0D + 800-9A algorithm. Refer to=0D + http://csrc.nist.gov/groups/STM/cavp/documents/drbg/DRBGVS.pdf=0D + for more information.=0D +=0D + @param[out] Buffer Buffer to receive the random number.=0D + @param[in] BufferSize Number of bytes in Buffer.=0D +=0D + @retval EFI_SUCCESS or underlying failure code.=0D +**/=0D +STATIC=0D +EFI_STATUS=0D +GenerateRandomNumberViaNist800Algorithm (=0D + OUT UINT8 *Buffer,=0D + IN UINTN BufferSize=0D + )=0D +{=0D + EFI_STATUS Status;=0D + EFI_RNG_PROTOCOL *RngProtocol;=0D +=0D + RngProtocol =3D NULL;=0D +=0D + if (Buffer =3D=3D NULL) {=0D + DEBUG((DEBUG_ERROR, "%a: Buffer =3D=3D NULL.\n", __FUNCTION__));=0D + return EFI_INVALID_PARAMETER;=0D + }=0D +=0D + Status =3D gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID **)&Rn= gProtocol);=0D + if (EFI_ERROR (Status) || RngProtocol =3D=3D NULL) {=0D + DEBUG((DEBUG_ERROR, "%a: Could not locate RNG prototocol, Status =3D= %r\n", __FUNCTION__, Status));=0D + return Status;=0D + }=0D +=0D + Status =3D RngProtocol->GetRNG (RngProtocol, &gEfiRngAlgorithmSp80090Ctr= 256Guid, BufferSize, Buffer);=0D + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm CTR-256 - Status =3D %r\n", __F= UNCTION__, Status));=0D + if (!EFI_ERROR (Status)) {=0D + return Status;=0D + }=0D +=0D + Status =3D RngProtocol->GetRNG (RngProtocol, &gEfiRngAlgorithmSp80090Hma= c256Guid, BufferSize, Buffer);=0D + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm HMAC-256 - Status =3D %r\n", __= FUNCTION__, Status));=0D + if (!EFI_ERROR (Status)) {=0D + return Status;=0D + }=0D +=0D + Status =3D RngProtocol->GetRNG (RngProtocol, 
&gEfiRngAlgorithmSp80090Has= h256Guid, BufferSize, Buffer);=0D + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm Hash-256 - Status =3D %r\n", __= FUNCTION__, Status));=0D + if (!EFI_ERROR (Status)) {=0D + return Status;=0D + }=0D + // If all the other methods have failed, use the default method from the= RngProtocol=0D + Status =3D RngProtocol->GetRNG (RngProtocol, NULL, BufferSize, Buffer);= =0D + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm Hash-256 - Status =3D %r\n", __= FUNCTION__, Status));=0D + if (!EFI_ERROR (Status)) {=0D + return Status;=0D + }=0D + // If we get to this point, we have failed=0D + DEBUG((DEBUG_ERROR, "%a: GetRNG() failed, staus =3D %r\n", __FUNCTION__,= Status));=0D +=0D + return Status;=0D +}// GenerateRandomNumberViaNist800Algorithm()=0D +=0D +=0D +/**=0D + Generates a 16-bit random number.=0D +=0D + if Rand is NULL, return FALSE.=0D +=0D + @param[out] Rand Buffer pointer to store the 16-bit random value.=0D +=0D + @retval TRUE Random number generated successfully.=0D + @retval FALSE Failed to generate the random number.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +GetRandomNumber16 (=0D + OUT UINT16 *Rand=0D + )=0D +{=0D + EFI_STATUS Status;=0D +=0D + if (Rand =3D=3D NULL)=0D + {=0D + return FALSE;=0D + }=0D +=0D + Status =3D GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, sizeo= f(UINT16));=0D + if (EFI_ERROR (Status)) {=0D + return FALSE;=0D + }=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a 32-bit random number.=0D +=0D + if Rand is NULL, return FALSE.=0D +=0D + @param[out] Rand Buffer pointer to store the 32-bit random value.=0D +=0D + @retval TRUE Random number generated successfully.=0D + @retval FALSE Failed to generate the random number.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +GetRandomNumber32 (=0D + OUT UINT32 *Rand=0D + )=0D +{=0D + EFI_STATUS Status;=0D +=0D + if (Rand =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + Status =3D GenerateRandomNumberViaNist800Algorithm ((UINT8*)Rand, sizeof= (UINT32));=0D + if (EFI_ERROR 
(Status)) {=0D + return FALSE;=0D + }=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a 64-bit random number.=0D +=0D + if Rand is NULL, return FALSE.=0D +=0D + @param[out] Rand Buffer pointer to store the 64-bit random value.=0D +=0D + @retval TRUE Random number generated successfully.=0D + @retval FALSE Failed to generate the random number.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +GetRandomNumber64 (=0D + OUT UINT64 *Rand=0D + )=0D +{=0D + EFI_STATUS Status;=0D +=0D + if (Rand =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + Status =3D GenerateRandomNumberViaNist800Algorithm ((UINT8*)Rand, sizeof= (UINT64));=0D + if (EFI_ERROR (Status)) {=0D + return FALSE;=0D + }=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a 128-bit random number.=0D +=0D + if Rand is NULL, return FALSE.=0D +=0D + @param[out] Rand Buffer pointer to store the 128-bit random value.=0D +=0D + @retval TRUE Random number generated successfully.=0D + @retval FALSE Failed to generate the random number.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +GetRandomNumber128 (=0D + OUT UINT64 *Rand=0D + )=0D +{=0D + EFI_STATUS Status;=0D +=0D + if (Rand =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + Status =3D GenerateRandomNumberViaNist800Algorithm ((UINT8*)Rand, 2 * si= zeof(UINT64));=0D + if (EFI_ERROR (Status)) {=0D + return FALSE;=0D + }=0D + return TRUE;=0D +}=0D diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.inf b/MdePkg/Library/DxeRng= Lib/DxeRngLib.inf new file mode 100644 index 000000000000..68554ad21146 --- /dev/null +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.inf 
@@ -0,0 +1,38 @@ +# @file=0D +# Provides implementation of the library class RngLib that uses the RngPro= tocol=0D +#=0D +# @copyright=0D +# Copyright (c) Microsoft Corporation. All rights reserved.=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +#=0D +##=0D +=0D +[Defines]=0D + INF_VERSION =3D 1.27=0D + BASE_NAME =3D DxeRngLib=0D + MODULE_UNI_FILE =3D DxeRngLib.uni=0D + FILE_GUID =3D FF9F84C5-A33E-44E3-9BB5-0D654B2D4149=0D + MODULE_TYPE =3D DXE_DRIVER=0D + VERSION_STRING =3D 1.0=0D + LIBRARY_CLASS =3D RngLib|DXE_DRIVER UEFI_APPLICATION UEFI_DRIVER=0D +=0D +[Packages]=0D + MdePkg/MdePkg.dec=0D +=0D +[Sources]=0D + DxeRngLib.c=0D +=0D +[LibraryClasses]=0D + DebugLib=0D + UefiBootServicesTableLib=0D +=0D +[Protocols]=0D + gEfiRngProtocolGuid ## CONSUMES=0D +=0D +[Depex]=0D + gEfiRngProtocolGuid=0D +=0D +[Guids]=0D + gEfiRngAlgorithmSp80090Ctr256Guid=0D + gEfiRngAlgorithmSp80090Hash256Guid=0D + gEfiRngAlgorithmSp80090Hmac256Guid=0D diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.uni b/MdePkg/Library/DxeRng= Lib/DxeRngLib.uni new file mode 100644 index 000000000000..c904e54b6fb0 --- /dev/null +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.uni @@ -0,0 +1,15 @@ +// @file=0D +// Instance of RNG (Random Number Generator) Library.=0D +//=0D +// RngLib that uses the Rng Protocol to provide random numbers.=0D +//=0D +// Copyright (c) Microsoft Corporation.=0D +//=0D +// SPDX-License-Identifier: BSD-2-Clause-Patent=0D +//=0D +=0D +=0D +#string STR_MODULE_ABSTRACT #language en-US "Instance of RNG Library"= =0D +=0D +#string STR_MODULE_DESCRIPTION #language en-US "BaseRng Library that uses= the Rng Protocol to provide random numbers"=0D +=0D diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc index d7ba3a730909..2c3b7966b086 100644 --- a/MdePkg/MdePkg.dsc +++ b/MdePkg/MdePkg.dsc 
@@ -62,8 +62,10 @@ MdePkg/Library/BasePostCodeLibPort80/BasePostCodeLibPort80.inf=0D MdePkg/Library/BasePrintLib/BasePrintLib.inf=0D MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.i= nf=0D - MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf=0D + MdePkg/Library/DxeRngLib/DxeRngLib.inf=0D MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf=0D + MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf=0D +=0D MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf=0D MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf=0D MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf=0D --=20 2.28.0.windows.1
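
Review bot: In MdePkg/Library/DxeRngLib/DxeRngLib.c, the last GetRNG call in GenerateRandomNumberViaNist800Algorithm passes NULL for the algorithm, so the bytes come from the RNG protocol's default method, yet the function name and header comment promise a NIST 800-90 generator and the DEBUG line after that call still reads "GetRNG algorithm Hash-256". Suggest changing that message to say the default algorithm was used, and stating in the function comment (or in the function name) that the result may not come from an SP 800-90 DRBG, because callers of GetRandomNumber16/32/64/128 only see TRUE or FALSE and cannot tell which algorithm answered. Smaller points in the same hunk: the header comment says "800-9A" where 800-90A is presumably meant, "prototocol" and "staus" are misspelled in the DEBUG strings, the opening brace of the NULL check in GetRandomNumber16 sits on its own line unlike the other three functions, and the GetRandomNumber128 comment should state that Rand must point to two UINT64 values, since the function writes 2 * sizeof(UINT64) bytes through a UINT64 pointer.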
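
Review bot: In MdePkg/Library/DxeRngLib/DxeRngLib.inf, LIBRARY_CLASS offers the library to UEFI_APPLICATION and UEFI_DRIVER as well as DXE_DRIVER, while the commit message says it is meant to be used with DXE_DRIVERS. Suggest either narrowing LIBRARY_CLASS to DXE_DRIVER or documenting in the file header which module types are supported and that, wherever the [Depex] on gEfiRngProtocolGuid is not evaluated, callers depend on the LocateProtocol failure path in DxeRngLib.c returning FALSE.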
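
Review bot: In MdePkg/Library/DxeRngLib/DxeRngLib.uni, STR_MODULE_DESCRIPTION calls this a "BaseRng Library", which does not match BASE_NAME DxeRngLib in the .inf. Suggest wording the description after the module name, and aligning the "BaseRngLibDxe" in the subject line with the DxeRngLib directory name at the same time.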
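
Review bot: In the MdePkg/MdePkg.dsc hunk, the BaseRngLibTimerLib.inf line is removed and re-added below BaseRngLibNull.inf along with a new blank line, which is churn unrelated to adding DxeRngLib. Suggest leaving the existing line where it is, dropping the blank line, and adding only the DxeRngLib/DxeRngLib.inf entry, placed outside the run of Base* libraries so the list keeps the ordering the surrounding lines follow.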