public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Wenxing Hou" <wenxing.hou@intel.com>
To: devel@edk2.groups.io
Cc: Jiewen Yao <jiewen.yao@intel.com>, Yi Li <yi1.li@intel.com>
Subject: [edk2-devel] [PATCH v3 02/11] CryptoPkg: Add rand function for BaseCryptLibMbedTls
Date: Thu,  9 May 2024 14:26:51 +0800	[thread overview]
Message-ID: <20240509062700.2062-3-wenxing.hou@intel.com> (raw)
In-Reply-To: <20240509062700.2062-1-wenxing.hou@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Add rand function for BaseCryptLibMbedTls.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Yi Li <yi1.li@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
---
 CryptoPkg/Include/Library/BaseCryptLib.h      |   2 +
 .../BaseCryptLibMbedTls/InternalCryptLib.h    |  16 +++
 .../BaseCryptLibMbedTls/Rand/CryptRand.c      | 114 ++++++++++++++++++
 .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c   | 114 ++++++++++++++++++
 4 files changed, 246 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c

diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index 86f784a1d2..111df8e78b 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -3139,6 +3139,8 @@ DhComputeKey (
   If Seed is NULL, then default seed is used.
   If this interface is not supported, then return FALSE.
 
+  RandomSeed has not been implemented in BaseCryptoLibMbedTls.
+
   @param[in]  Seed      Pointer to seed value.
                         If NULL, default seed is used.
   @param[in]  SeedSize  Size of seed value.
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
index 039aa32028..a30666cef4 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
@@ -22,4 +22,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 //
 #include <mbedtls/mbedtls_config.h>
 
+/**
+  The MbedTLS function f_rng, which MbedtlsRand implements.
+
+  @param[in]   RngState Not used, just for compatibility with mbedlts.
+  @param[out]  Output  Pointer to buffer to receive random value.
+  @param[in]   Len    Size of random bytes to generate.
+
+  @retval 0      Pseudorandom byte stream generated successfully.
+  @retval Non-0  Pseudorandom number generator fails to generate due to lack of entropy.
+**/
+INT32
+MbedtlsRand (
+  VOID   *RngState,
+  UINT8  *Output,
+  UINTN  Len
+  );
 #endif
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
new file mode 100644
index 0000000000..e01aabc0de
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
@@ -0,0 +1,114 @@
+/** @file
+  Pseudorandom Number Generator Wrapper Implementation over MbedTLS.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include <Library/RngLib.h>
+
+/**
+  Sets up the seed value for the pseudorandom number generator.
+
+  This function sets up the seed value for the pseudorandom number generator.
+  If Seed is not NULL, then the seed passed in is used.
+  If Seed is NULL, then default seed is used.
+
+  @param[in]  Seed      Pointer to seed value.
+                        If NULL, default seed is used.
+  @param[in]  SeedSize  Size of seed value.
+                        If Seed is NULL, this parameter is ignored.
+
+  @retval TRUE   Pseudorandom number generator has enough entropy for random generation.
+  @retval FALSE  Pseudorandom number generator does not have enough entropy for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+  IN  CONST  UINT8  *Seed  OPTIONAL,
+  IN  UINTN         SeedSize
+  )
+{
+  return TRUE;
+}
+
+/**
+  Generates a pseudorandom byte stream of the specified size.
+
+  If Output is NULL, then return FALSE.
+
+  @param[out]  Output  Pointer to buffer to receive random value.
+  @param[in]   Size    Size of random bytes to generate.
+
+  @retval TRUE   Pseudorandom byte stream generated successfully.
+  @retval FALSE  Pseudorandom number generator fails to generate due to lack of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+  OUT  UINT8  *Output,
+  IN   UINTN  Size
+  )
+{
+  BOOLEAN          Ret;
+  volatile UINT64  TempRand;
+
+  //
+  // Check input parameters.
+  //
+  if ((Output == NULL) || (Size > INT_MAX)) {
+    return FALSE;
+  }
+
+  Ret = FALSE;
+
+  while (Size > 0) {
+    // Use RngLib to get random number
+    Ret = GetRandomNumber64 ((UINT64 *)&TempRand);
+
+    if (!Ret) {
+      TempRand = 0;
+      return Ret;
+    }
+
+    if (Size >= sizeof (TempRand)) {
+      *((UINT64 *)Output) = TempRand;
+      Output             += sizeof (UINT64);
+      Size               -= sizeof (TempRand);
+    } else {
+      CopyMem (Output, (VOID *)&TempRand, Size);
+      Size = 0;
+    }
+  }
+
+  TempRand = 0;
+  return Ret;
+}
+
+/**
+  The MbedTLS function f_rng, which MbedtlsRand implements.
+
+  @param[in]   RngState Not used, just for compatibility with mbedlts.
+  @param[out]  Output  Pointer to buffer to receive random value.
+  @param[in]   Len    Size of random bytes to generate.
+
+  @retval 0      Pseudorandom byte stream generated successfully.
+  @retval Non-0  Pseudorandom number generator fails to generate due to lack of entropy.
+**/
+INT32
+MbedtlsRand (
+  VOID   *RngState,
+  UINT8  *Output,
+  UINTN  Len
+  )
+{
+  BOOLEAN  Result;
+
+  Result = RandomBytes (Output, Len);
+
+  return Result ? 0 : -1;
+}
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c
new file mode 100644
index 0000000000..e01aabc0de
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c
@@ -0,0 +1,114 @@
+/** @file
+  Pseudorandom Number Generator Wrapper Implementation over MbedTLS.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include <Library/RngLib.h>
+
+/**
+  Sets up the seed value for the pseudorandom number generator.
+
+  This function sets up the seed value for the pseudorandom number generator.
+  If Seed is not NULL, then the seed passed in is used.
+  If Seed is NULL, then default seed is used.
+
+  @param[in]  Seed      Pointer to seed value.
+                        If NULL, default seed is used.
+  @param[in]  SeedSize  Size of seed value.
+                        If Seed is NULL, this parameter is ignored.
+
+  @retval TRUE   Pseudorandom number generator has enough entropy for random generation.
+  @retval FALSE  Pseudorandom number generator does not have enough entropy for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+  IN  CONST  UINT8  *Seed  OPTIONAL,
+  IN  UINTN         SeedSize
+  )
+{
+  return TRUE;
+}
+
+/**
+  Generates a pseudorandom byte stream of the specified size.
+
+  If Output is NULL, then return FALSE.
+
+  @param[out]  Output  Pointer to buffer to receive random value.
+  @param[in]   Size    Size of random bytes to generate.
+
+  @retval TRUE   Pseudorandom byte stream generated successfully.
+  @retval FALSE  Pseudorandom number generator fails to generate due to lack of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+  OUT  UINT8  *Output,
+  IN   UINTN  Size
+  )
+{
+  BOOLEAN          Ret;
+  volatile UINT64  TempRand;
+
+  //
+  // Check input parameters.
+  //
+  if ((Output == NULL) || (Size > INT_MAX)) {
+    return FALSE;
+  }
+
+  Ret = FALSE;
+
+  while (Size > 0) {
+    // Use RngLib to get random number
+    Ret = GetRandomNumber64 ((UINT64 *)&TempRand);
+
+    if (!Ret) {
+      TempRand = 0;
+      return Ret;
+    }
+
+    if (Size >= sizeof (TempRand)) {
+      *((UINT64 *)Output) = TempRand;
+      Output             += sizeof (UINT64);
+      Size               -= sizeof (TempRand);
+    } else {
+      CopyMem (Output, (VOID *)&TempRand, Size);
+      Size = 0;
+    }
+  }
+
+  TempRand = 0;
+  return Ret;
+}
+
+/**
+  The MbedTLS function f_rng, which MbedtlsRand implements.
+
+  @param[in]   RngState Not used, just for compatibility with mbedlts.
+  @param[out]  Output  Pointer to buffer to receive random value.
+  @param[in]   Len    Size of random bytes to generate.
+
+  @retval 0      Pseudorandom byte stream generated successfully.
+  @retval Non-0  Pseudorandom number generator fails to generate due to lack of entropy.
+**/
+INT32
+MbedtlsRand (
+  VOID   *RngState,
+  UINT8  *Output,
+  UINTN  Len
+  )
+{
+  BOOLEAN  Result;
+
+  Result = RandomBytes (Output, Len);
+
+  return Result ? 0 : -1;
+}
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118733): https://edk2.groups.io/g/devel/message/118733
Mute This Topic: https://groups.io/mt/105996828/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



  parent reply	other threads:[~2024-05-09  6:27 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-09  6:26 [edk2-devel] [PATCH v3 00/11] Add more crypt APIs based on Mbedtls Wenxing Hou
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 01/11] CryptoPkg: Add AeadAesGcm " Wenxing Hou
2024-05-09  6:26 ` Wenxing Hou [this message]
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 03/11] CryptoPkg: Add Pem APIs " Wenxing Hou
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 04/11] CryptoPkg: Add X509 functions " Wenxing Hou
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 05/11] CryptoPkg: Add Pkcs7 related " Wenxing Hou
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 06/11] CryptoPkg: Add Pkcs5 " Wenxing Hou
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 07/11] CryptoPkg: Add more RSA related " Wenxing Hou
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 08/11] CryptoPkg: Add AuthenticodeVerify " Wenxing Hou
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 09/11] CryptoPkg: Add ImageTimestampVerify " Wenxing Hou
2024-05-09  6:26 ` [edk2-devel] [PATCH v3 10/11] CryptoPkg: Update *.inf in BaseCryptLibMbedTls Wenxing Hou
2024-05-09  6:27 ` [edk2-devel] [PATCH v3 11/11] Add SHA3/SM3 functions with openssl for Mbedtls Wenxing Hou
2024-05-09  6:54 ` [edk2-devel] [PATCH v3 00/11] Add more crypt APIs based on Mbedtls Li, Yi
2024-05-09  8:29   ` Wenxing Hou
2024-05-09  8:33     ` Li, Yi
2024-05-09  8:56       ` Yao, Jiewen
2024-05-09  8:58       ` 回复: " gaoliming via groups.io
2024-05-09  9:34         ` Wenxing Hou
2024-05-09 12:35           ` 回复: [edk2-devel][edk2-stable202405] " gaoliming via groups.io
2024-05-09 22:11             ` Wenxing Hou

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240509062700.2062-3-wenxing.hou@intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox