From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 6AD91D806DA for ; Thu, 9 May 2024 06:27:08 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=qiVu4Rbq2tRjr7mkA/pm1lH0WEFOY6q2owATwPepkpo=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20240206; t=1715236026; v=1; b=j7Neq8nau7imNgLFRa+lQ+ZXi0XjcD2itOwn0F2zvW34UTdEDq9OZm7kRLYx09Kts/KoMwyS 2KgYhjtRbeHPnMk6rg7JYQf8ckOtAbXD7URXV5AsypvwPeUOylrISOvQRBgWT1sGNBU+mfABQd5 NZaLeCF06M5WbIOE0lgdi1SRjXnCaORh9xvFt+qEmx56Ox1abzFzaPvAnEKjAddwT0jJnkBL+IC mTLc6Oap8bIH+V/9EiwyxJiaxkwHumE1zSPSP+hTH6g21xqPsnLR3h7/NXCgsUradgGMVT79A3A 0tQRCjx9jJe/WDghZ+pUeJDKqWE5jA5RMTp6pen0OvvvQ== X-Received: by 127.0.0.2 with SMTP id nQ4hYY7687511xsC71Aowa99; Wed, 08 May 2024 23:27:06 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.12]) by mx.groups.io with SMTP id smtpd.web10.3998.1715236024155799791 for ; Wed, 08 May 2024 23:27:06 -0700 X-CSE-ConnectionGUID: 6z+uzEkPTYSjlXhMU+gQLA== X-CSE-MsgGUID: rlewv8wYSZC5mKoSyXm9Fw== X-IronPort-AV: E=McAfee;i="6600,9927,11067"; a="14946395" X-IronPort-AV: E=Sophos;i="6.08,147,1712646000"; d="scan'208";a="14946395" X-Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by fmvoesa106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 May 2024 23:27:06 -0700 X-CSE-ConnectionGUID: czrYTTjnQHSd/EZso9dZPQ== X-CSE-MsgGUID: ix7CzLovSEOZgcOoIVYxBQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,147,1712646000"; d="scan'208";a="60305897" X-Received: from shwdejointd777.ccr.corp.intel.com ([10.239.58.116]) by fmviesa001.fm.intel.com with ESMTP; 08 May 2024 23:27:05 -0700 From: "Wenxing Hou" To: devel@edk2.groups.io Cc: Jiewen Yao , Yi Li Subject: [edk2-devel] [PATCH v3 02/11] CryptoPkg: Add rand function for BaseCryptLibMbedTls Date: Thu, 9 May 2024 14:26:51 +0800 Message-Id: <20240509062700.2062-3-wenxing.hou@intel.com> In-Reply-To: <20240509062700.2062-1-wenxing.hou@intel.com> References: <20240509062700.2062-1-wenxing.hou@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 08 May 2024 23:27:06 -0700 Resent-From: wenxing.hou@intel.com Reply-To: devel@edk2.groups.io,wenxing.hou@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Dak767XxBeKL3urzGjjAbPf5x7686176AA= Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=j7Neq8na; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none) REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Add rand function for BaseCryptLibMbedTls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/Include/Library/BaseCryptLib.h | 2 + .../BaseCryptLibMbedTls/InternalCryptLib.h | 16 +++ .../BaseCryptLibMbedTls/Rand/CryptRand.c | 114 ++++++++++++++++++ .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c | 114 ++++++++++++++++++ 4 files changed, 246 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc= .c diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index 86f784a1d2..111df8e78b 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -3139,6 +3139,8 @@ DhComputeKey ( If Seed is NULL, then default seed is used.=0D If this interface is not supported, then return FALSE.=0D =0D + RandomSeed has not been implemented in BaseCryptoLibMbedTls.=0D +=0D @param[in] Seed Pointer to seed value.=0D If NULL, default seed is used.=0D @param[in] SeedSize Size of seed value.=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h b/Cry= ptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h index 039aa32028..a30666cef4 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h @@ -22,4 +22,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent //=0D #include =0D =0D +/**=0D + The MbedTLS function f_rng, which MbedtlsRand implements.=0D +=0D + @param[in] RngState Not used, just for compatibility with mbedlts.=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Len Size of random bytes to generate.=0D +=0D + @retval 0 Pseudorandom byte stream generated successfully.=0D + @retval Non-0 Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +**/=0D +INT32=0D +MbedtlsRand (=0D + VOID *RngState,=0D + UINT8 *Output,=0D + UINTN Len=0D + );=0D #endif=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c new file mode 100644 index 0000000000..e01aabc0de --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c @@ -0,0 +1,114 @@ +/** @file=0D + Pseudorandom Number Generator Wrapper Implementation over MbedTLS.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "InternalCryptLib.h"=0D +#include =0D +=0D +/**=0D + Sets up the seed value for the pseudorandom number generator.=0D +=0D + This function sets up the seed value for the pseudorandom number generat= or.=0D + If Seed is not NULL, then the seed passed in is used.=0D + If Seed is NULL, then default seed is used.=0D +=0D + @param[in] Seed Pointer to seed value.=0D + If NULL, default seed is used.=0D + @param[in] SeedSize Size of seed value.=0D + If Seed is NULL, this parameter is ignored.=0D +=0D + @retval TRUE Pseudorandom number generator has enough entropy for rand= om generation.=0D + @retval FALSE Pseudorandom number generator does not have enough entrop= y for random generation.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +RandomSeed (=0D + IN CONST UINT8 *Seed OPTIONAL,=0D + IN UINTN SeedSize=0D + )=0D +{=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a pseudorandom byte stream of the specified size.=0D +=0D + If Output is NULL, then return FALSE.=0D +=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Size Size of random bytes to generate.=0D +=0D + @retval TRUE Pseudorandom byte stream generated successfully.=0D + @retval FALSE Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +RandomBytes (=0D + OUT UINT8 *Output,=0D + IN UINTN Size=0D + )=0D +{=0D + BOOLEAN Ret;=0D + volatile UINT64 TempRand;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if ((Output =3D=3D NULL) || (Size > INT_MAX)) {=0D + return FALSE;=0D + }=0D +=0D + Ret =3D FALSE;=0D +=0D + while (Size > 0) {=0D + // Use RngLib to get random number=0D + Ret =3D GetRandomNumber64 ((UINT64 *)&TempRand);=0D +=0D + if (!Ret) {=0D + TempRand =3D 0;=0D + return Ret;=0D + }=0D +=0D + if (Size >=3D sizeof (TempRand)) {=0D + *((UINT64 *)Output) =3D TempRand;=0D + Output +=3D sizeof (UINT64);=0D + Size -=3D sizeof (TempRand);=0D + } else {=0D + CopyMem (Output, (VOID *)&TempRand, Size);=0D + Size =3D 0;=0D + }=0D + }=0D +=0D + TempRand =3D 0;=0D + return Ret;=0D +}=0D +=0D +/**=0D + The MbedTLS function f_rng, which MbedtlsRand implements.=0D +=0D + @param[in] RngState Not used, just for compatibility with mbedlts.=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Len Size of random bytes to generate.=0D +=0D + @retval 0 Pseudorandom byte stream generated successfully.=0D + @retval Non-0 Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +**/=0D +INT32=0D +MbedtlsRand (=0D + VOID *RngState,=0D + UINT8 *Output,=0D + UINTN Len=0D + )=0D +{=0D + BOOLEAN Result;=0D +=0D + Result =3D RandomBytes (Output, Len);=0D +=0D + return Result ? 0 : -1;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c b/Cr= yptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c new file mode 100644 index 0000000000..e01aabc0de --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c @@ -0,0 +1,114 @@ +/** @file=0D + Pseudorandom Number Generator Wrapper Implementation over MbedTLS.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "InternalCryptLib.h"=0D +#include =0D +=0D +/**=0D + Sets up the seed value for the pseudorandom number generator.=0D +=0D + This function sets up the seed value for the pseudorandom number generat= or.=0D + If Seed is not NULL, then the seed passed in is used.=0D + If Seed is NULL, then default seed is used.=0D +=0D + @param[in] Seed Pointer to seed value.=0D + If NULL, default seed is used.=0D + @param[in] SeedSize Size of seed value.=0D + If Seed is NULL, this parameter is ignored.=0D +=0D + @retval TRUE Pseudorandom number generator has enough entropy for rand= om generation.=0D + @retval FALSE Pseudorandom number generator does not have enough entrop= y for random generation.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +RandomSeed (=0D + IN CONST UINT8 *Seed OPTIONAL,=0D + IN UINTN SeedSize=0D + )=0D +{=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a pseudorandom byte stream of the specified size.=0D +=0D + If Output is NULL, then return FALSE.=0D +=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Size Size of random bytes to generate.=0D +=0D + @retval TRUE Pseudorandom byte stream generated successfully.=0D + @retval FALSE Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +RandomBytes (=0D + OUT UINT8 *Output,=0D + IN UINTN Size=0D + )=0D +{=0D + BOOLEAN Ret;=0D + volatile UINT64 TempRand;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if ((Output =3D=3D NULL) || (Size > INT_MAX)) {=0D + return FALSE;=0D + }=0D +=0D + Ret =3D FALSE;=0D +=0D + while (Size > 0) {=0D + // Use RngLib to get random number=0D + Ret =3D GetRandomNumber64 ((UINT64 *)&TempRand);=0D +=0D + if (!Ret) {=0D + TempRand =3D 0;=0D + return Ret;=0D + }=0D +=0D + if (Size >=3D sizeof (TempRand)) {=0D + *((UINT64 *)Output) =3D TempRand;=0D + Output +=3D sizeof (UINT64);=0D + Size -=3D sizeof (TempRand);=0D + } else {=0D + CopyMem (Output, (VOID *)&TempRand, Size);=0D + Size =3D 0;=0D + }=0D + }=0D +=0D + TempRand =3D 0;=0D + return Ret;=0D +}=0D +=0D +/**=0D + The MbedTLS function f_rng, which MbedtlsRand implements.=0D +=0D + @param[in] RngState Not used, just for compatibility with mbedlts.=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Len Size of random bytes to generate.=0D +=0D + @retval 0 Pseudorandom byte stream generated successfully.=0D + @retval Non-0 Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +**/=0D +INT32=0D +MbedtlsRand (=0D + VOID *RngState,=0D + UINT8 *Output,=0D + UINTN Len=0D + )=0D +{=0D + BOOLEAN Result;=0D +=0D + Result =3D RandomBytes (Output, Len);=0D +=0D + return Result ? 0 : -1;=0D +}=0D --=20 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118733): https://edk2.groups.io/g/devel/message/118733 Mute This Topic: https://groups.io/mt/105996828/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-