From: Ard Biesheuvel
Date: Sat, 17 Sep 2016 08:19:00 +0100
To: "Palmer, Thomas"
Cc: "edk2-devel@lists.01.org", "Gibbons, Pat"
Subject: Re: RNG algo question
List-Id: EDK II Development

On 16 September 2016 at 22:33, Palmer, Thomas wrote:
>
> EDK2 community
>
> Why is the RngGetRNG sending requests for "gEfiRngAlgorithmRaw" to "RdRandGenerateEntropy", which does AES operations on RDRAND output, whereas the requests for "gEfiRngAlgorithmSp80090Ctr256Guid" get sent to RdRandGetBytes which simply reads the rdrand source without modification.
>
> Shouldn't the processing be switched, so that "Raw" goes to RdRandGetBytes and "gEfiRngAlgorithmSp80090Ctr256Guid" goes to RdRandGenerateEntropy? I did not see anything in the UEFI 2.5 spec indicating why this was the case.
>

The RDRAND instruction does not give you raw entropy, but the output
of a DRBG. So the 'raw' entropy is being emulated by taking multiple
rounds of RDRAND output and shuffling it around to make it 'raw'.

From the top of RngDxe.c:

  RNG Algorithms defined in UEFI 2.4:
   - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID - Supported
     (RDRAND implements a hardware NIST SP800-90 AES-CTR-256 based DRBG)
   - EFI_RNG_ALGORITHM_RAW - Supported
     (Structuring RDRAND invocation can be guaranteed as high-quality entropy source)