From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 4335EAC0E27 for ; Fri, 17 May 2024 10:26:51 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=/u3r4RPa5rwgFwHpTMY0ghnn0AAxx6ouVzyrdYvaWR4=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20240206; t=1715941609; v=1; b=LrpiyjvBBXCqC1CorttCXpm8THTaTwer+x5Ar4q+qe+68n0O7eMdixb1VVdEccPYLOwUwpvJ H++kiqk/tIUtJEvQiWqqYVNfM4l9V8mfLWqyVkk9iH98OAnk6ntbRT8vlvJz0CCE9w3KPhKfyxq IIe3pa0yDzWxVFlFY8VDjJBdWflVjEqjIY9y+CyuD85Kt85Qa/3KH4124LAAiNxotvc/3/dpzad 8wVEojJvtBreSuHKCKrt7XnQZRMzSaSxGkEeLZCA01KjUeVz8W9DMbOpguHypGhUKTe7QWgGRbc ThGvMGOKy/l9HIUiXWJN64St1C9CNAAQNTz1vs6EiV3Uw== X-Received: by 127.0.0.2 with SMTP id BnOyYY7687511xj9By38fWxo; Fri, 17 May 2024 03:26:49 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.7]) by mx.groups.io with SMTP id smtpd.web10.36833.1715941605520178194 for ; Fri, 17 May 2024 03:26:48 -0700 X-CSE-ConnectionGUID: Xv+nAnNVTU2RgZOSTJxbKQ== X-CSE-MsgGUID: 02dSSXfUQH2Dh6080l7YJQ== X-IronPort-AV: E=McAfee;i="6600,9927,11074"; a="37488615" X-IronPort-AV: E=Sophos;i="6.08,167,1712646000"; d="scan'208";a="37488615" X-Received: from orviesa006.jf.intel.com ([10.64.159.146]) by fmvoesa101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 May 2024 03:26:49 -0700 X-CSE-ConnectionGUID: DDF6IfXjThOV+VDDRiRSSA== X-CSE-MsgGUID: S52kRoE1Q7+lsuMKp6nIvg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,167,1712646000"; d="scan'208";a="32171511" X-Received: from shwdejointd777.ccr.corp.intel.com ([10.239.58.116]) by orviesa006.jf.intel.com with ESMTP; 17 May 2024 03:26:47 -0700 From: "Wenxing Hou" To: devel@edk2.groups.io Cc: Jiewen Yao , Yi Li , Jiewen Yao Subject: [edk2-devel] [PATCH v4 02/11] CryptoPkg: Add rand function for BaseCryptLibMbedTls Date: Fri, 17 May 2024 18:26:32 +0800 Message-Id: <20240517102641.4586-3-wenxing.hou@intel.com> In-Reply-To: <20240517102641.4586-1-wenxing.hou@intel.com> References: <20240517102641.4586-1-wenxing.hou@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 17 May 2024 03:26:48 -0700 Resent-From: wenxing.hou@intel.com Reply-To: devel@edk2.groups.io,wenxing.hou@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 4E2rwBmyZbooVxyVdhuC6mhrx7686176AA= Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=LrpiyjvB; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Add rand function for BaseCryptLibMbedTls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou Reviewed-by: Yi Li Acked-by: Jiewen Yao --- CryptoPkg/Include/Library/BaseCryptLib.h | 2 + .../BaseCryptLibMbedTls/InternalCryptLib.h | 16 +++ .../BaseCryptLibMbedTls/Rand/CryptRand.c | 114 ++++++++++++++++++ .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c | 114 ++++++++++++++++++ 4 files changed, 246 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc= .c diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index 86f784a1d2..111df8e78b 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -3139,6 +3139,8 @@ DhComputeKey ( If Seed is NULL, then default seed is used.=0D If this interface is not supported, then return FALSE.=0D =0D + RandomSeed has not been implemented in BaseCryptoLibMbedTls.=0D +=0D @param[in] Seed Pointer to seed value.=0D If NULL, default seed is used.=0D @param[in] SeedSize Size of seed value.=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h b/Cry= ptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h index 039aa32028..a30666cef4 100644 --- a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h @@ -22,4 +22,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent //=0D #include =0D =0D +/**=0D + The MbedTLS function f_rng, which MbedtlsRand implements.=0D +=0D + @param[in] RngState Not used, just for compatibility with mbedlts.=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Len Size of random bytes to generate.=0D +=0D + @retval 0 Pseudorandom byte stream generated successfully.=0D + @retval Non-0 Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +**/=0D +INT32=0D +MbedtlsRand (=0D + VOID *RngState,=0D + UINT8 *Output,=0D + UINTN Len=0D + );=0D #endif=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c new file mode 100644 index 0000000000..e01aabc0de --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c @@ -0,0 +1,114 @@ +/** @file=0D + Pseudorandom Number Generator Wrapper Implementation over MbedTLS.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "InternalCryptLib.h"=0D +#include =0D +=0D +/**=0D + Sets up the seed value for the pseudorandom number generator.=0D +=0D + This function sets up the seed value for the pseudorandom number generat= or.=0D + If Seed is not NULL, then the seed passed in is used.=0D + If Seed is NULL, then default seed is used.=0D +=0D + @param[in] Seed Pointer to seed value.=0D + If NULL, default seed is used.=0D + @param[in] SeedSize Size of seed value.=0D + If Seed is NULL, this parameter is ignored.=0D +=0D + @retval TRUE Pseudorandom number generator has enough entropy for rand= om generation.=0D + @retval FALSE Pseudorandom number generator does not have enough entrop= y for random generation.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +RandomSeed (=0D + IN CONST UINT8 *Seed OPTIONAL,=0D + IN UINTN SeedSize=0D + )=0D +{=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a pseudorandom byte stream of the specified size.=0D +=0D + If Output is NULL, then return FALSE.=0D +=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Size Size of random bytes to generate.=0D +=0D + @retval TRUE Pseudorandom byte stream generated successfully.=0D + @retval FALSE Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +RandomBytes (=0D + OUT UINT8 *Output,=0D + IN UINTN Size=0D + )=0D +{=0D + BOOLEAN Ret;=0D + volatile UINT64 TempRand;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if ((Output =3D=3D NULL) || (Size > INT_MAX)) {=0D + return FALSE;=0D + }=0D +=0D + Ret =3D FALSE;=0D +=0D + while (Size > 0) {=0D + // Use RngLib to get random number=0D + Ret =3D GetRandomNumber64 ((UINT64 *)&TempRand);=0D +=0D + if (!Ret) {=0D + TempRand =3D 0;=0D + return Ret;=0D + }=0D +=0D + if (Size >=3D sizeof (TempRand)) {=0D + *((UINT64 *)Output) =3D TempRand;=0D + Output +=3D sizeof (UINT64);=0D + Size -=3D sizeof (TempRand);=0D + } else {=0D + CopyMem (Output, (VOID *)&TempRand, Size);=0D + Size =3D 0;=0D + }=0D + }=0D +=0D + TempRand =3D 0;=0D + return Ret;=0D +}=0D +=0D +/**=0D + The MbedTLS function f_rng, which MbedtlsRand implements.=0D +=0D + @param[in] RngState Not used, just for compatibility with mbedlts.=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Len Size of random bytes to generate.=0D +=0D + @retval 0 Pseudorandom byte stream generated successfully.=0D + @retval Non-0 Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +**/=0D +INT32=0D +MbedtlsRand (=0D + VOID *RngState,=0D + UINT8 *Output,=0D + UINTN Len=0D + )=0D +{=0D + BOOLEAN Result;=0D +=0D + Result =3D RandomBytes (Output, Len);=0D +=0D + return Result ? 0 : -1;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c b/Cr= yptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c new file mode 100644 index 0000000000..e01aabc0de --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c @@ -0,0 +1,114 @@ +/** @file=0D + Pseudorandom Number Generator Wrapper Implementation over MbedTLS.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "InternalCryptLib.h"=0D +#include =0D +=0D +/**=0D + Sets up the seed value for the pseudorandom number generator.=0D +=0D + This function sets up the seed value for the pseudorandom number generat= or.=0D + If Seed is not NULL, then the seed passed in is used.=0D + If Seed is NULL, then default seed is used.=0D +=0D + @param[in] Seed Pointer to seed value.=0D + If NULL, default seed is used.=0D + @param[in] SeedSize Size of seed value.=0D + If Seed is NULL, this parameter is ignored.=0D +=0D + @retval TRUE Pseudorandom number generator has enough entropy for rand= om generation.=0D + @retval FALSE Pseudorandom number generator does not have enough entrop= y for random generation.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +RandomSeed (=0D + IN CONST UINT8 *Seed OPTIONAL,=0D + IN UINTN SeedSize=0D + )=0D +{=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Generates a pseudorandom byte stream of the specified size.=0D +=0D + If Output is NULL, then return FALSE.=0D +=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Size Size of random bytes to generate.=0D +=0D + @retval TRUE Pseudorandom byte stream generated successfully.=0D + @retval FALSE Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +RandomBytes (=0D + OUT UINT8 *Output,=0D + IN UINTN Size=0D + )=0D +{=0D + BOOLEAN Ret;=0D + volatile UINT64 TempRand;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if ((Output =3D=3D NULL) || (Size > INT_MAX)) {=0D + return FALSE;=0D + }=0D +=0D + Ret =3D FALSE;=0D +=0D + while (Size > 0) {=0D + // Use RngLib to get random number=0D + Ret =3D GetRandomNumber64 ((UINT64 *)&TempRand);=0D +=0D + if (!Ret) {=0D + TempRand =3D 0;=0D + return Ret;=0D + }=0D +=0D + if (Size >=3D sizeof (TempRand)) {=0D + *((UINT64 *)Output) =3D TempRand;=0D + Output +=3D sizeof (UINT64);=0D + Size -=3D sizeof (TempRand);=0D + } else {=0D + CopyMem (Output, (VOID *)&TempRand, Size);=0D + Size =3D 0;=0D + }=0D + }=0D +=0D + TempRand =3D 0;=0D + return Ret;=0D +}=0D +=0D +/**=0D + The MbedTLS function f_rng, which MbedtlsRand implements.=0D +=0D + @param[in] RngState Not used, just for compatibility with mbedlts.=0D + @param[out] Output Pointer to buffer to receive random value.=0D + @param[in] Len Size of random bytes to generate.=0D +=0D + @retval 0 Pseudorandom byte stream generated successfully.=0D + @retval Non-0 Pseudorandom number generator fails to generate due to la= ck of entropy.=0D +**/=0D +INT32=0D +MbedtlsRand (=0D + VOID *RngState,=0D + UINT8 *Output,=0D + UINTN Len=0D + )=0D +{=0D + BOOLEAN Result;=0D +=0D + Result =3D RandomBytes (Output, Len);=0D +=0D + return Result ? 0 : -1;=0D +}=0D --=20 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119029): https://edk2.groups.io/g/devel/message/119029 Mute This Topic: https://groups.io/mt/106151216/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-