public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
	"matthewfcarlson@gmail.com" <matthewfcarlson@gmail.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>,
	"Wang, Jian J" <jian.j.wang@intel.com>,
	"Lu, XiaoyuX" <xiaoyux.lu@intel.com>
Subject: Re: [edk2-devel] [PATCH v8 5/5] CryptoPkg: OpensslLib: Use RngLib to generate entropy in rand_pool
Date: Wed, 19 Aug 2020 23:29:50 +0000	[thread overview]
Message-ID: <CY4PR11MB1288E8ED7BD4DACEC464C4968C5D0@CY4PR11MB1288.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20200819193712.1629-6-matthewfcarlson@gmail.com>

Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>



> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Matthew
> Carlson
> Sent: Thursday, August 20, 2020 3:37 AM
> To: devel@edk2.groups.io
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>; Yao, Jiewen
> <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Matthew
> Carlson <matthewfcarlson@gmail.com>
> Subject: [edk2-devel] [PATCH v8 5/5] CryptoPkg: OpensslLib: Use RngLib to
> generate entropy in rand_pool
> 
> From: Matthew Carlson <macarl@microsoft.com>
> 
> Ref: https://github.com/tianocore/edk2/pull/845
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
> 
> Changes OpenSSL to no longer depend on TimerLib and instead use RngLib.
> This allows platforms to decide for themsevles what sort of entropy source
> they provide to OpenSSL and TlsLib.
> 
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> 
> Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
> Signed-off-by: Matthew Carlson <matthewfcarlson@gmail.com>
> ---
>  CryptoPkg/Library/OpensslLib/rand_pool.c           | 265 +++++---------------
>  CryptoPkg/Library/OpensslLib/rand_pool_noise.c     |  29 ---
>  CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c |  43 ----
>  CryptoPkg/CryptoPkg.dsc                            |   1 +
>  CryptoPkg/Library/OpensslLib/OpensslLib.inf        |  15 +-
>  CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf  |  15 +-
>  CryptoPkg/Library/OpensslLib/rand_pool_noise.h     |  29 ---
>  7 files changed, 63 insertions(+), 334 deletions(-)
> 
> diff --git a/CryptoPkg/Library/OpensslLib/rand_pool.c
> b/CryptoPkg/Library/OpensslLib/rand_pool.c
> index 9e0179b03490..490b9e2f4692 100644
> --- a/CryptoPkg/Library/OpensslLib/rand_pool.c
> +++ b/CryptoPkg/Library/OpensslLib/rand_pool.c
> @@ -2,8 +2,8 @@
>    OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI.
> 
>    The file implement these functions.
> 
> 
> 
> -Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> 
> -SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> +  Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> 
> +  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> 
> 
>  **/
> 
> 
> 
> @@ -11,53 +11,18 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>  #include <openssl/aes.h>
> 
> 
> 
>  #include <Uefi.h>
> 
> -#include <Library/TimerLib.h>
> 
> -
> 
> -#include "rand_pool_noise.h"
> 
> -
> 
> -/**
> 
> -  Get some randomness from low-order bits of GetPerformanceCounter results.
> 
> -  And combine them to the 64-bit value
> 
> -
> 
> -  @param[out] Rand    Buffer pointer to store the 64-bit random value.
> 
> -
> 
> -  @retval TRUE        Random number generated successfully.
> 
> -  @retval FALSE       Failed to generate.
> 
> -**/
> 
> -STATIC
> 
> -BOOLEAN
> 
> -EFIAPI
> 
> -GetRandNoise64FromPerformanceCounter(
> 
> -  OUT UINT64      *Rand
> 
> -  )
> 
> -{
> 
> -  UINT32 Index;
> 
> -  UINT32 *RandPtr;
> 
> -
> 
> -  if (NULL == Rand) {
> 
> -    return FALSE;
> 
> -  }
> 
> -
> 
> -  RandPtr = (UINT32 *) Rand;
> 
> -
> 
> -  for (Index = 0; Index < 2; Index ++) {
> 
> -    *RandPtr = (UINT32) (GetPerformanceCounter () & 0xFF);
> 
> -    MicroSecondDelay (10);
> 
> -    RandPtr++;
> 
> -  }
> 
> -
> 
> -  return TRUE;
> 
> -}
> 
> +#include <Library/RngLib.h>
> 
> 
> 
>  /**
> 
>    Calls RandomNumber64 to fill
> 
>    a buffer of arbitrary size with random bytes.
> 
> +  This is a shim layer to RngLib.
> 
> 
> 
>    @param[in]   Length        Size of the buffer, in bytes,  to fill with.
> 
>    @param[out]  RandBuffer    Pointer to the buffer to store the random result.
> 
> 
> 
> -  @retval EFI_SUCCESS        Random bytes generation succeeded.
> 
> -  @retval EFI_NOT_READY      Failed to request random bytes.
> 
> +  @retval TRUE        Random bytes generation succeeded.
> 
> +  @retval FALSE       Failed to request random bytes.
> 
> 
> 
>  **/
> 
>  STATIC
> 
> @@ -65,7 +30,7 @@ BOOLEAN
>  EFIAPI
> 
>  RandGetBytes (
> 
>    IN UINTN         Length,
> 
> -  OUT UINT8        *RandBuffer
> 
> +  OUT UINT8       *RandBuffer
> 
>    )
> 
>  {
> 
>    BOOLEAN     Ret;
> 
> @@ -73,17 +38,17 @@ RandGetBytes (
> 
> 
>    Ret = FALSE;
> 
> 
> 
> +  if (RandBuffer == NULL) {
> 
> +    DEBUG((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No
> random numbers are generated and your system is not secure\n"));
> 
> +    ASSERT (RandBuffer != NULL); // Since we can't generate random numbers,
> we should assert. Otherwise we will just blow up later.
> 
> +    return Ret;
> 
> +  }
> 
> +
> 
> +
> 
>    while (Length > 0) {
> 
> -    //
> 
> -    // Get random noise from platform.
> 
> -    // If it failed, fallback to PerformanceCounter
> 
> -    // If you really care about security, you must override
> 
> -    // GetRandomNoise64FromPlatform.
> 
> -    //
> 
> -    Ret = GetRandomNoise64 (&TempRand);
> 
> -    if (Ret == FALSE) {
> 
> -      Ret = GetRandNoise64FromPerformanceCounter (&TempRand);
> 
> -    }
> 
> +    // Use RngLib to get random number
> 
> +    Ret = GetRandomNumber64 (&TempRand);
> 
> +
> 
>      if (!Ret) {
> 
>        return Ret;
> 
>      }
> 
> @@ -91,7 +56,8 @@ RandGetBytes (
>        *((UINT64*) RandBuffer) = TempRand;
> 
>        RandBuffer += sizeof (UINT64);
> 
>        Length -= sizeof (TempRand);
> 
> -    } else {
> 
> +    }
> 
> +    else {
> 
>        CopyMem (RandBuffer, &TempRand, Length);
> 
>        Length = 0;
> 
>      }
> 
> @@ -100,125 +66,6 @@ RandGetBytes (
>    return Ret;
> 
>  }
> 
> 
> 
> -/**
> 
> -  Creates a 128bit random value that is fully forward and backward prediction
> resistant,
> 
> -  suitable for seeding a NIST SP800-90 Compliant.
> 
> -  This function takes multiple random numbers from PerformanceCounter to
> ensure reseeding
> 
> -  and performs AES-CBC-MAC over the data to compute the seed value.
> 
> -
> 
> -  @param[out]  SeedBuffer    Pointer to a 128bit buffer to store the random
> seed.
> 
> -
> 
> -  @retval TRUE        Random seed generation succeeded.
> 
> -  @retval FALSE      Failed to request random bytes.
> 
> -
> 
> -**/
> 
> -STATIC
> 
> -BOOLEAN
> 
> -EFIAPI
> 
> -RandGetSeed128 (
> 
> -  OUT UINT8        *SeedBuffer
> 
> -  )
> 
> -{
> 
> -  BOOLEAN     Ret;
> 
> -  UINT8       RandByte[16];
> 
> -  UINT8       Key[16];
> 
> -  UINT8       Ffv[16];
> 
> -  UINT8       Xored[16];
> 
> -  UINT32      Index;
> 
> -  UINT32      Index2;
> 
> -  AES_KEY     AESKey;
> 
> -
> 
> -  //
> 
> -  // Chose an arbitrary key and zero the feed_forward_value (FFV)
> 
> -  //
> 
> -  for (Index = 0; Index < 16; Index++) {
> 
> -    Key[Index] = (UINT8) Index;
> 
> -    Ffv[Index] = 0;
> 
> -  }
> 
> -
> 
> -  AES_set_encrypt_key (Key, 16 * 8, &AESKey);
> 
> -
> 
> -  //
> 
> -  // Perform CBC_MAC over 32 * 128 bit values, with 10us gaps between 128 bit
> value
> 
> -  // The 10us gaps will ensure multiple reseeds within the system time with a
> large
> 
> -  // design margin.
> 
> -  //
> 
> -  for (Index = 0; Index < 32; Index++) {
> 
> -    MicroSecondDelay (10);
> 
> -    Ret = RandGetBytes (16, RandByte);
> 
> -    if (!Ret) {
> 
> -      return Ret;
> 
> -    }
> 
> -
> 
> -    //
> 
> -    // Perform XOR operations on two 128-bit value.
> 
> -    //
> 
> -    for (Index2 = 0; Index2 < 16; Index2++) {
> 
> -      Xored[Index2] = RandByte[Index2] ^ Ffv[Index2];
> 
> -    }
> 
> -
> 
> -    AES_encrypt (Xored, Ffv, &AESKey);
> 
> -  }
> 
> -
> 
> -  for (Index = 0; Index < 16; Index++) {
> 
> -    SeedBuffer[Index] = Ffv[Index];
> 
> -  }
> 
> -
> 
> -  return Ret;
> 
> -}
> 
> -
> 
> -/**
> 
> -  Generate high-quality entropy source.
> 
> -
> 
> -  @param[in]   Length        Size of the buffer, in bytes, to fill with.
> 
> -  @param[out]  Entropy       Pointer to the buffer to store the entropy data.
> 
> -
> 
> -  @retval EFI_SUCCESS        Entropy generation succeeded.
> 
> -  @retval EFI_NOT_READY      Failed to request random data.
> 
> -
> 
> -**/
> 
> -STATIC
> 
> -BOOLEAN
> 
> -EFIAPI
> 
> -RandGenerateEntropy (
> 
> -  IN UINTN         Length,
> 
> -  OUT UINT8        *Entropy
> 
> -  )
> 
> -{
> 
> -  BOOLEAN     Ret;
> 
> -  UINTN       BlockCount;
> 
> -  UINT8       Seed[16];
> 
> -  UINT8       *Ptr;
> 
> -
> 
> -  BlockCount = Length / 16;
> 
> -  Ptr        = (UINT8 *) Entropy;
> 
> -
> 
> -  //
> 
> -  // Generate high-quality seed for DRBG Entropy
> 
> -  //
> 
> -  while (BlockCount > 0) {
> 
> -    Ret = RandGetSeed128 (Seed);
> 
> -    if (!Ret) {
> 
> -      return Ret;
> 
> -    }
> 
> -    CopyMem (Ptr, Seed, 16);
> 
> -
> 
> -    BlockCount--;
> 
> -    Ptr = Ptr + 16;
> 
> -  }
> 
> -
> 
> -  //
> 
> -  // Populate the remained data as request.
> 
> -  //
> 
> -  Ret = RandGetSeed128 (Seed);
> 
> -  if (!Ret) {
> 
> -    return Ret;
> 
> -  }
> 
> -  CopyMem (Ptr, Seed, (Length % 16));
> 
> -
> 
> -  return Ret;
> 
> -}
> 
> -
> 
>  /*
> 
>   * Add random bytes to the pool to acquire requested amount of entropy
> 
>   *
> 
> @@ -227,27 +74,31 @@ RandGenerateEntropy (
>   *
> 
>   * This is OpenSSL required interface.
> 
>   */
> 
> -size_t rand_pool_acquire_entropy(RAND_POOL *pool)
> 
> +size_t
> 
> +rand_pool_acquire_entropy (
> 
> +  RAND_POOL *pool
> 
> +  )
> 
>  {
> 
> -  BOOLEAN  Ret;
> 
> -  size_t bytes_needed;
> 
> -  unsigned char * buffer;
> 
> +  BOOLEAN        Ret;
> 
> +  size_t         bytes_needed;
> 
> +  unsigned char *buffer;
> 
> 
> 
> -  bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
> 
> +  bytes_needed = rand_pool_bytes_needed (pool, 1 /*entropy_factor*/);
> 
>    if (bytes_needed > 0) {
> 
> -    buffer = rand_pool_add_begin(pool, bytes_needed);
> 
> +    buffer = rand_pool_add_begin (pool, bytes_needed);
> 
> 
> 
>      if (buffer != NULL) {
> 
> -      Ret = RandGenerateEntropy(bytes_needed, buffer);
> 
> +      Ret = RandGetBytes (bytes_needed, buffer);
> 
>        if (FALSE == Ret) {
> 
> -        rand_pool_add_end(pool, 0, 0);
> 
> -      } else {
> 
> -        rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed);
> 
> +        rand_pool_add_end (pool, 0, 0);
> 
> +      }
> 
> +      else {
> 
> +        rand_pool_add_end (pool, bytes_needed, 8 * bytes_needed);
> 
>        }
> 
>      }
> 
>    }
> 
> 
> 
> -  return rand_pool_entropy_available(pool);
> 
> +  return rand_pool_entropy_available (pool);
> 
>  }
> 
> 
> 
>  /*
> 
> @@ -255,17 +106,15 @@ size_t rand_pool_acquire_entropy(RAND_POOL
> *pool)
>   *
> 
>   * This is OpenSSL required interface.
> 
>   */
> 
> -int rand_pool_add_nonce_data(RAND_POOL *pool)
> 
> +int
> 
> +rand_pool_add_nonce_data (
> 
> +  RAND_POOL *pool
> 
> +  )
> 
>  {
> 
> -  struct {
> 
> -    UINT64  Rand;
> 
> -    UINT64  TimerValue;
> 
> -  } data = { 0 };
> 
> +  UINT8 data[16];
> 
> +  RandGetBytes (sizeof(data), data);
> 
> 
> 
> -  RandGetBytes(8, (UINT8 *)&(data.Rand));
> 
> -  data.TimerValue = GetPerformanceCounter();
> 
> -
> 
> -  return rand_pool_add(pool, (unsigned char*)&data, sizeof(data), 0);
> 
> +  return rand_pool_add (pool, (unsigned char*)&data, sizeof(data), 0);
> 
>  }
> 
> 
> 
>  /*
> 
> @@ -273,17 +122,15 @@ int rand_pool_add_nonce_data(RAND_POOL *pool)
>   *
> 
>   * This is OpenSSL required interface.
> 
>   */
> 
> -int rand_pool_add_additional_data(RAND_POOL *pool)
> 
> +int
> 
> +rand_pool_add_additional_data (
> 
> +  RAND_POOL *pool
> 
> +  )
> 
>  {
> 
> -  struct {
> 
> -    UINT64  Rand;
> 
> -    UINT64  TimerValue;
> 
> -  } data = { 0 };
> 
> -
> 
> -  RandGetBytes(8, (UINT8 *)&(data.Rand));
> 
> -  data.TimerValue = GetPerformanceCounter();
> 
> +  UINT8 data[16];
> 
> +  RandGetBytes (sizeof(data), data);
> 
> 
> 
> -  return rand_pool_add(pool, (unsigned char*)&data, sizeof(data), 0);
> 
> +  return rand_pool_add (pool, (unsigned char*)&data, sizeof(data), 0);
> 
>  }
> 
> 
> 
>  /*
> 
> @@ -291,7 +138,10 @@ int rand_pool_add_additional_data(RAND_POOL *pool)
>   *
> 
>   * This is OpenSSL required interface.
> 
>   */
> 
> -int rand_pool_init(void)
> 
> +int
> 
> +rand_pool_init (
> 
> +  VOID
> 
> +  )
> 
>  {
> 
>    return 1;
> 
>  }
> 
> @@ -301,7 +151,10 @@ int rand_pool_init(void)
>   *
> 
>   * This is OpenSSL required interface.
> 
>   */
> 
> -void rand_pool_cleanup(void)
> 
> +VOID
> 
> +rand_pool_cleanup(
> 
> +  VOID
> 
> +  )
> 
>  {
> 
>  }
> 
> 
> 
> @@ -310,7 +163,9 @@ void rand_pool_cleanup(void)
>   *
> 
>   * This is OpenSSL required interface.
> 
>   */
> 
> -void rand_pool_keep_random_devices_open(int keep)
> 
> +VOID
> 
> +rand_pool_keep_random_devices_open (
> 
> +  int keep
> 
> +  )
> 
>  {
> 
>  }
> 
> -
> 
> diff --git a/CryptoPkg/Library/OpensslLib/rand_pool_noise.c
> b/CryptoPkg/Library/OpensslLib/rand_pool_noise.c
> deleted file mode 100644
> index 212834e27acc..000000000000
> --- a/CryptoPkg/Library/OpensslLib/rand_pool_noise.c
> +++ /dev/null
> @@ -1,29 +0,0 @@
> -/** @file
> 
> -  Provide rand noise source.
> 
> -
> 
> -Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> 
> -SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> -
> 
> -**/
> 
> -
> 
> -#include <Library/BaseLib.h>
> 
> -
> 
> -/**
> 
> -  Get 64-bit noise source
> 
> -
> 
> -  @param[out] Rand         Buffer pointer to store 64-bit noise source
> 
> -
> 
> -  @retval FALSE            Failed to generate
> 
> -**/
> 
> -BOOLEAN
> 
> -EFIAPI
> 
> -GetRandomNoise64 (
> 
> -  OUT UINT64         *Rand
> 
> -  )
> 
> -{
> 
> -  //
> 
> -  // Return FALSE will fallback to use PerformanceCounter to
> 
> -  // generate noise.
> 
> -  //
> 
> -  return FALSE;
> 
> -}
> 
> diff --git a/CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c
> b/CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c
> deleted file mode 100644
> index 4158106231fd..000000000000
> --- a/CryptoPkg/Library/OpensslLib/rand_pool_noise_tsc.c
> +++ /dev/null
> @@ -1,43 +0,0 @@
> -/** @file
> 
> -  Provide rand noise source.
> 
> -
> 
> -Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> 
> -SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> -
> 
> -**/
> 
> -
> 
> -#include <Library/BaseLib.h>
> 
> -#include <Library/DebugLib.h>
> 
> -#include <Library/TimerLib.h>
> 
> -
> 
> -/**
> 
> -  Get 64-bit noise source
> 
> -
> 
> -  @param[out] Rand         Buffer pointer to store 64-bit noise source
> 
> -
> 
> -  @retval TRUE             Get randomness successfully.
> 
> -  @retval FALSE            Failed to generate
> 
> -**/
> 
> -BOOLEAN
> 
> -EFIAPI
> 
> -GetRandomNoise64 (
> 
> -  OUT UINT64         *Rand
> 
> -  )
> 
> -{
> 
> -  UINT32 Index;
> 
> -  UINT32 *RandPtr;
> 
> -
> 
> -  if (NULL == Rand) {
> 
> -    return FALSE;
> 
> -  }
> 
> -
> 
> -  RandPtr = (UINT32 *)Rand;
> 
> -
> 
> -  for (Index = 0; Index < 2; Index ++) {
> 
> -    *RandPtr = (UINT32) ((AsmReadTsc ()) & 0xFF);
> 
> -    RandPtr++;
> 
> -    MicroSecondDelay (10);
> 
> -  }
> 
> -
> 
> -  return TRUE;
> 
> -}
> 
> diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
> index 1af78468a19c..0490eeb7e22f 100644
> --- a/CryptoPkg/CryptoPkg.dsc
> +++ b/CryptoPkg/CryptoPkg.dsc
> @@ -60,6 +60,7 @@
>    BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> 
>    TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
> 
>    HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> 
> +  RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> 
> 
> 
>  [LibraryClasses.ARM, LibraryClasses.AARCH64]
> 
>    #
> 
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index cc27b8c57cb3..b00bb74ce67e 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -571,22 +571,9 @@
>    $(OPENSSL_PATH)/ssl/statem/statem_local.h
> 
>  # Autogenerated files list ends here
> 
>    buildinf.h
> 
> -  rand_pool_noise.h
> 
>    ossl_store.c
> 
>    rand_pool.c
> 
> 
> 
> -[Sources.Ia32]
> 
> -  rand_pool_noise_tsc.c
> 
> -
> 
> -[Sources.X64]
> 
> -  rand_pool_noise_tsc.c
> 
> -
> 
> -[Sources.ARM]
> 
> -  rand_pool_noise.c
> 
> -
> 
> -[Sources.AARCH64]
> 
> -  rand_pool_noise.c
> 
> -
> 
>  [Packages]
> 
>    MdePkg/MdePkg.dec
> 
>    CryptoPkg/CryptoPkg.dec
> 
> @@ -594,7 +581,7 @@
>  [LibraryClasses]
> 
>    BaseLib
> 
>    DebugLib
> 
> -  TimerLib
> 
> +  RngLib
> 
>    PrintLib
> 
> 
> 
>  [LibraryClasses.ARM]
> 
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index 616ccd9f62d1..3557711bd85a 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -520,22 +520,9 @@
>    $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h
> 
>  # Autogenerated files list ends here
> 
>    buildinf.h
> 
> -  rand_pool_noise.h
> 
>    ossl_store.c
> 
>    rand_pool.c
> 
> 
> 
> -[Sources.Ia32]
> 
> -  rand_pool_noise_tsc.c
> 
> -
> 
> -[Sources.X64]
> 
> -  rand_pool_noise_tsc.c
> 
> -
> 
> -[Sources.ARM]
> 
> -  rand_pool_noise.c
> 
> -
> 
> -[Sources.AARCH64]
> 
> -  rand_pool_noise.c
> 
> -
> 
>  [Packages]
> 
>    MdePkg/MdePkg.dec
> 
>    CryptoPkg/CryptoPkg.dec
> 
> @@ -543,7 +530,7 @@
>  [LibraryClasses]
> 
>    BaseLib
> 
>    DebugLib
> 
> -  TimerLib
> 
> +  RngLib
> 
>    PrintLib
> 
> 
> 
>  [LibraryClasses.ARM]
> 
> diff --git a/CryptoPkg/Library/OpensslLib/rand_pool_noise.h
> b/CryptoPkg/Library/OpensslLib/rand_pool_noise.h
> deleted file mode 100644
> index 75acc686a9f1..000000000000
> --- a/CryptoPkg/Library/OpensslLib/rand_pool_noise.h
> +++ /dev/null
> @@ -1,29 +0,0 @@
> -/** @file
> 
> -  Provide rand noise source.
> 
> -
> 
> -Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> 
> -SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> -
> 
> -**/
> 
> -
> 
> -#ifndef __RAND_POOL_NOISE_H__
> 
> -#define __RAND_POOL_NOISE_H__
> 
> -
> 
> -#include <Uefi/UefiBaseType.h>
> 
> -
> 
> -/**
> 
> -   Get 64-bit noise source.
> 
> -
> 
> -   @param[out] Rand         Buffer pointer to store 64-bit noise source
> 
> -
> 
> -   @retval TRUE             Get randomness successfully.
> 
> -   @retval FALSE            Failed to generate
> 
> -**/
> 
> -BOOLEAN
> 
> -EFIAPI
> 
> -GetRandomNoise64 (
> 
> -  OUT UINT64         *Rand
> 
> -  );
> 
> -
> 
> -
> 
> -#endif // __RAND_POOL_NOISE_H__
> 
> --
> 2.28.0.windows.1
> 
> 
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> 
> View/Reply Online (#64470): https://edk2.groups.io/g/devel/message/64470
> Mute This Topic: https://groups.io/mt/76294219/1772286
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub  [jiewen.yao@intel.com]
> -=-=-=-=-=-=


      reply	other threads:[~2020-08-19 23:29 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-19 19:37 [PATCH v8 0/5] Use RngLib instead of TimerLib for OpensslLib Matthew Carlson
2020-08-19 19:37 ` [PATCH v8 1/5] MdePkg: TimerRngLib: Added RngLib that uses TimerLib Matthew Carlson
2020-08-20  8:05   ` Ard Biesheuvel
2020-08-20 15:21   ` Michael D Kinney
2020-08-20 16:18     ` Matthew Carlson
2020-08-19 19:37 ` [PATCH v8 2/5] MdePkg: BaseRngLibDxe: Add RngLib that uses RngDxe Matthew Carlson
2020-08-20  8:09   ` Ard Biesheuvel
2020-08-19 19:37 ` [PATCH v8 3/5] OvmfPkg: Add RngLib based on TimerLib for Crypto Matthew Carlson
2020-08-19 19:37 ` [PATCH v8 4/5] ArmVirtPkg: Add RngLib based on TimerLib for CryptoPkg Matthew Carlson
2020-08-19 19:37 ` [PATCH v8 5/5] CryptoPkg: OpensslLib: Use RngLib to generate entropy in rand_pool Matthew Carlson
2020-08-19 23:29   ` Yao, Jiewen [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CY4PR11MB1288E8ED7BD4DACEC464C4968C5D0@CY4PR11MB1288.namprd11.prod.outlook.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox