Re: [edk2-devel] [PATCH RESEND v1 0/9] Add DrbgLib

["Michael D Kinney" <michael.d.kinney@intel.com>]

Hi Pierre,

Can you add to the Patch #0 Summary and the BZ the difference
between the existing RngLib and this new DrbgLib?

Would you recommend one be implement on top of the other?

Really glad to see test vectors were used to verify correctness.
Can you consider adding formal unit tests using the UnitTestFrameworkPkg
with those test vectors so a unit test failure would be generated if
maintenance is performed in the future that changes the behavior?

Thanks,

Mike

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of PierreGondois
> Sent: Wednesday, June 29, 2022 12:19 PM
> To: devel@edk2.groups.io
> Cc: Sami Mujawar <sami.mujawar@arm.com>; Leif Lindholm <quic_llindhol@quicinc.com>; Ard Biesheuvel <ardb+tianocore@kernel.org>;
> Rebecca Cran <rebecca@bsdio.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming <gaoliming@byosoft.com.cn>; Yao,
> Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>
> Subject: [edk2-devel] [PATCH RESEND v1 0/9] Add DrbgLib
> 
> From: Pierre Gondois <pierre.gondois@arm.com>
> 
> Bugzilla: Bug 3971 (https://bugzilla.tianocore.org/show_bug.cgi?id=3971)
> 
> Add support for a Deterministic Random Bits Generator (Drbg). The
> specifications used are the following:
> 
> - [1] NIST Special Publication 800-90A Revision 1, June 2015, Recommendation
> 	  for Random Number Generation Using Deterministic Random Bit Generators.
> 	  (https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final)
> - [2] NIST Special Publication 800-90B, Recommendation for the Entropy
> 	  Sources Used for Random Bit Generation.
> 	  (https://csrc.nist.gov/publications/detail/sp/800-90b/final)
> - [3] (Second Draft) NIST Special Publication 800-90C, Recommendation for
> 	  Random Bit Generator (RBG) Constructions.
> 	  (https://csrc.nist.gov/publications/detail/sp/800-90c/draft)
> - [4] NIST Special Publication 800-57 Part 1 Revision 5, May 2020,
> 	  Recommendation for Key Management:Part 1 - General.
> 
> The test vectors available in the CTR_DRBG_AES256 sections of
> https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/CTR_DRBG_noDF.pdf
> were used for validation.
> 
> This patch-set can seen at:
> https://github.com/PierreARM/edk2/tree/Arm_Drbg_v1
> 
> This patch has the following dependency:
> - [PATCH v3 00/22] Add Raw algorithm support using Arm FW-TRNG interface
>   https://edk2.groups.io/g/devel/message/90845
> - [PATCH v1 0/7] Add AesLib and ArmAesLib
>   https://edk2.groups.io/g/devel/message/90878
> 
> Pierre Gondois (9):
>   MdePkg/DrbgLib: Drbg library interface definition
>   MdePkg/DrbgLib: Add NULL instance of Drbg Library
>   MdePkg/DrbgLib: Add BitStream implementation
>   MdePkg/DrbgLib: Add Get_entropy_input() implementation
>   MdePkg/DrbgLib: Add common wrappers
>   MdePkg/DrbgLib: Add Ctr Drbg mechanism functions
>   MdePkg/DrbgLib: Add Drbg mechanism functions and module
>   ArmVirtPkg: Kvmtool: Add AesLib/DrbgLib for RngDxe
>   SecurityPkg/RngDxe: Use DrbgLib in RngDxe for Arm
> 
>  ArmVirtPkg/ArmVirtKvmTool.dsc                 |    2 +
>  MdePkg/Include/Library/DrbgLib.h              |  172 +++
>  MdePkg/Library/DrbgLib/BitStream.c            | 1114 +++++++++++++++++
>  MdePkg/Library/DrbgLib/BitStream.h            |  366 ++++++
>  MdePkg/Library/DrbgLib/Common.c               |  249 ++++
>  MdePkg/Library/DrbgLib/Common.h               |   74 ++
>  MdePkg/Library/DrbgLib/CtrDrbg.c              |  899 +++++++++++++
>  MdePkg/Library/DrbgLib/CtrDrbg.h              |  100 ++
>  MdePkg/Library/DrbgLib/DrbgLib.c              |  628 ++++++++++
>  MdePkg/Library/DrbgLib/DrbgLib.inf            |   39 +
>  MdePkg/Library/DrbgLib/DrbgLibInternal.h      |  310 +++++
>  MdePkg/Library/DrbgLib/GetEntropyInput.c      |   72 ++
>  MdePkg/Library/DrbgLib/GetEntropyInput.h      |   48 +
>  MdePkg/Library/DrbgLibNull/DrbgLib.c          |  165 +++
>  MdePkg/Library/DrbgLibNull/DrbgLibNull.inf    |   21 +
>  MdePkg/MdePkg.dec                             |    4 +
>  MdePkg/MdePkg.dsc                             |    2 +
>  .../RandomNumberGenerator/RngDxe/ArmRngDxe.c  |   75 +-
>  .../RandomNumberGenerator/RngDxe/RngDxe.inf   |    1 +
>  SecurityPkg/SecurityPkg.dsc                   |    2 +
>  20 files changed, 4342 insertions(+), 1 deletion(-)
>  create mode 100644 MdePkg/Include/Library/DrbgLib.h
>  create mode 100644 MdePkg/Library/DrbgLib/BitStream.c
>  create mode 100644 MdePkg/Library/DrbgLib/BitStream.h
>  create mode 100644 MdePkg/Library/DrbgLib/Common.c
>  create mode 100644 MdePkg/Library/DrbgLib/Common.h
>  create mode 100644 MdePkg/Library/DrbgLib/CtrDrbg.c
>  create mode 100644 MdePkg/Library/DrbgLib/CtrDrbg.h
>  create mode 100644 MdePkg/Library/DrbgLib/DrbgLib.c
>  create mode 100644 MdePkg/Library/DrbgLib/DrbgLib.inf
>  create mode 100644 MdePkg/Library/DrbgLib/DrbgLibInternal.h
>  create mode 100644 MdePkg/Library/DrbgLib/GetEntropyInput.c
>  create mode 100644 MdePkg/Library/DrbgLib/GetEntropyInput.h
>  create mode 100644 MdePkg/Library/DrbgLibNull/DrbgLib.c
>  create mode 100644 MdePkg/Library/DrbgLibNull/DrbgLibNull.inf
> 
> --
> 2.25.1
> 
> 
> 
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#90898): https://edk2.groups.io/g/devel/message/90898
> Mute This Topic: https://groups.io/mt/92072283/1643496
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub [michael.d.kinney@intel.com]
> -=-=-=-=-=-=
>