From: "Liming Gao"
To: "matthewfcarlson@gmail.com", "devel@edk2.groups.io"
CC: Ard Biesheuvel, "Kinney, Michael D", "Liu, Zhiguang", "Gao, Liming"
Subject: Re: [PATCH v6 2/5] MdePkg: BaseRngLibDxe: Add RngLib that uses RngDxe
Date: Thu, 13 Aug 2020 09:10:07 +0000
References: <20200812224338.287-1-matthewfcarlson@gmail.com> <20200812224338.287-3-matthewfcarlson@gmail.com>
In-Reply-To: <20200812224338.287-3-matthewfcarlson@gmail.com>

Matthew:
  Based on the naming rule for the libraries in MdePkg, this new library instance name should be DxeRngLib or DxeRngLibRngProtocol.

Thanks
Liming
-----Original Message-----
From: matthewfcarlson@gmail.com
Sent: August 13, 2020 6:44
To: devel@edk2.groups.io
Cc: Ard Biesheuvel; Kinney, Michael D; Gao, Liming; Liu, Zhiguang; Matthew Carlson
Subject: [PATCH v6 2/5] MdePkg: BaseRngLibDxe: Add RngLib that uses RngDxe

From: Matthew Carlson

This adds a RngLib that uses the RngProtocol to provide randomness.
This means that the RngLib is meant to be used with DXE_DRIVERS.

Ref: https://github.com/tianocore/edk2/pull/845
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871

Cc: Ard Biesheuvel
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Signed-off-by: Matthew Carlson
--- MdePkg/Library/BaseRngLibDxe/RngDxeLib.c | 200 ++++++++++++++++++++ MdePkg/Library/BaseRngLibDxe/BaseRngLibDxe.inf | 38 ++++ MdePkg/MdePkg.dsc | 4 +- 3 files changed, 241 insertions(+), 1 deletion(-) diff --git a/MdePkg/Library/BaseRngLibDxe/RngDxeLib.c b/MdePkg/Library/Base= RngLibDxe/RngDxeLib.c new file mode 100644 index 000000000000..8ee29329de13 --- /dev/null +++ b/MdePkg/Library/BaseRngLibDxe/RngDxeLib.c 
@@ -0,0 +1,200 @@ +/** @file + Provides an implementation of the library class RngLib that uses the Rng = protocol. + +Copyright (c) Microsoft Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ +#include +#include +#include +#include +#include + +/** +Routine Description: + + Generates a random number via the NIST + 800-9A algorithm. Refer to + http://csrc.nist.gov/groups/STM/cavp/documents/drbg/DRBGVS.pdf + for more information. + + Arguments: + + Buffer -- Buffer to receive the random number. + BufferSize -- Number of bytes in Buffer. + +Return Value: + + EFI_SUCCESS or underlying failure code. + +**/ +EFI_STATUS +EFIAPI +GenerateRandomNumberViaNist800Algorithm( + OUT UINT8* Buffer, + IN UINTN BufferSize + ) +{ + EFI_STATUS Status; + EFI_RNG_PROTOCOL* RngProtocol; + + RngProtocol =3D NULL; + + if (Buffer =3D=3D NULL) { + DEBUG((DEBUG_ERROR, "[%a] Buffer =3D=3D NULL.\n", __FUNCTION__)); + return EFI_INVALID_PARAMETER; + } + + Status =3D gBS->LocateProtocol(&gEfiRngProtocolGuid, NULL, (VOID **)&Rng= Protocol); + if (EFI_ERROR(Status) || RngProtocol =3D=3D NULL) { + DEBUG((DEBUG_ERROR, "[%a] Could not locate RNG prototocol, Status = =3D %r\n", __FUNCTION__, Status)); + return Status; + } + + Status =3D RngProtocol->GetRNG(RngProtocol, &gEfiRngAlgorithmSp80090Ctr2= 56Guid, BufferSize, Buffer); + DEBUG((DEBUG_INFO, "[%a] GetRNG algorithm CTR-256 - Status =3D %r\n", __= FUNCTION__, Status)); + if(!EFI_ERROR(Status)) { + return Status; + } + + Status =3D RngProtocol->GetRNG(RngProtocol, &gEfiRngAlgorithmSp80090Hmac= 256Guid, BufferSize, Buffer); + DEBUG((DEBUG_INFO, "[%a] GetRNG algorithm HMAC-256 - Status =3D %r\n", _= _FUNCTION__, Status)); + if(!EFI_ERROR(Status)) { + return Status; + } + + Status =3D RngProtocol->GetRNG(RngProtocol, &gEfiRngAlgorithmSp80090Hash= 256Guid, BufferSize, Buffer); + DEBUG((DEBUG_INFO, "[%a] GetRNG algorithm Hash-256 - Status =3D %r\n", _= _FUNCTION__, Status)); + if(!EFI_ERROR(Status)) { + return 
Status; + } + // If we get to this point, we have failed + DEBUG((DEBUG_ERROR, "[%a] GetRNG() failed, staus =3D %r\n", __FUNCTION__= , Status)); + + return Status; +}// GenerateRandomNumberViaNist800Algorithm() + + +/** + Generates a 16-bit random number. + + if Rand is NULL, return FALSE. + + @param[out] Rand Buffer pointer to store the 16-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +GetRandomNumber16 ( + OUT UINT16 *Rand + ) +{ + EFI_STATUS Status; + + if (Rand =3D=3D NULL) + { + return FALSE; + } + + Status =3D GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, 2); + if (EFI_ERROR(Status)) + { + return FALSE; + } + return TRUE; +} + +/** + Generates a 32-bit random number. + + if Rand is NULL, return FALSE. + + @param[out] Rand Buffer pointer to store the 32-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +GetRandomNumber32 ( + OUT UINT32 *Rand + ) +{ + EFI_STATUS Status; + + if (Rand =3D=3D NULL) { + return FALSE; + } + + Status =3D GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, 4); + if (EFI_ERROR(Status)) { + return FALSE; + } + return TRUE; +} + +/** + Generates a 64-bit random number. + + if Rand is NULL, return FALSE. + + @param[out] Rand Buffer pointer to store the 64-bit random value. + + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +GetRandomNumber64 ( + OUT UINT64 *Rand + ) +{ + EFI_STATUS Status; + + if (Rand =3D=3D NULL) + { + return FALSE; + } + + Status =3D GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, 8); + if (EFI_ERROR(Status)) { + return FALSE; + } + return TRUE; +} + +/** + Generates a 128-bit random number. + + if Rand is NULL, return FALSE. + + @param[out] Rand Buffer pointer to store the 128-bit random value. 
+ + @retval TRUE Random number generated successfully. + @retval FALSE Failed to generate the random number. + +**/ +BOOLEAN +EFIAPI +GetRandomNumber128 ( + OUT UINT64 *Rand + ) +{ + EFI_STATUS Status; + + if (Rand =3D=3D NULL) { + return FALSE; + } + + Status =3D GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, 16); + if (EFI_ERROR(Status)) { + return FALSE; + } + return TRUE; +} diff --git a/MdePkg/Library/BaseRngLibDxe/BaseRngLibDxe.inf b/MdePkg/Librar= y/BaseRngLibDxe/BaseRngLibDxe.inf new file mode 100644 index 000000000000..819a106b1376 --- /dev/null +++ b/MdePkg/Library/BaseRngLibDxe/BaseRngLibDxe.inf @@ -0,0 +1,38 @@ +# @file +# Provides implementation of the library class RngLib that uses the RngPro= tocol +# +# @copyright +# Copyright (c) Microsoft Corporation. All rights reserved. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# MU_CHANGE: New file +## + +[Defines] + INF_VERSION =3D 0x00010017 + BASE_NAME =3D BaseRngLibDxe + FILE_GUID =3D FF9F84C5-A33E-44E3-9BB5-0D654B2D4149 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D RngLib|DXE_DRIVER UEFI_APPLICATION UEFI_DRIVER + +[Packages] + MdePkg/MdePkg.dec + +[Sources] + RngDxeLib.c + +[LibraryClasses] + DebugLib + UefiBootServicesTableLib + +[Protocols] + gEfiRngProtocolGuid ## CONSUMES + +[Depex] + gEfiRngProtocolGuid + +[Guids] + gEfiRngAlgorithmSp80090Ctr256Guid ## CONSUMES + gEfiRngAlgorithmSp80090Hash256Guid ## CONSUMES + gEfiRngAlgorithmSp80090Hmac256Guid ## CONSUMES diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc index d7ba3a730909..837a0047400e 100644 --- a/MdePkg/MdePkg.dsc +++ b/MdePkg/MdePkg.dsc 
@@ -62,8 +62,10 @@ MdePkg/Library/BasePostCodeLibPort80/BasePostCodeLibPort80.inf MdePkg/Library/BasePrintLib/BasePrintLib.inf MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.i= nf - MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf + MdePkg/Library/BaseRngLibDxe/BaseRngLibDxe.inf MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf + MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf + MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf --=20 2.27.0.windows.1
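
Review bot: In GenerateRandomNumberViaNist800Algorithm (RngDxeLib.c), the three GetRNG calls each name one SP 800-90 algorithm GUID, and when none of them succeeds the function returns the last error without ever trying the protocol's default algorithm (a NULL RNGAlgorithm argument), so GetRandomNumber16/32/64/128 return FALSE on an RNG driver that implements none of those three. Consider a final GetRNG call with NULL before giving up, and state the preference order in the function header. Smaller points in the same file: the helper is only called from this file in the patch, so it could be STATIC without EFIAPI; the header comment says "800-9A" where SP 800-90A is meant; the DEBUG_INFO line after each GetRNG call will log on every random number requested; GetRandomNumber128 takes OUT UINT64 *Rand but writes 16 bytes, so the @param text should say the caller must supply two UINT64 elements; and the debug strings contain "prototocol" and "staus".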
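
Review bot: In BaseRngLibDxe.inf, LIBRARY_CLASS offers the instance to UEFI_APPLICATION and UEFI_DRIVER as well as DXE_DRIVER, while the commit message says the library is meant for DXE drivers and the only ordering guarantee in the file is the [Depex] on gEfiRngProtocolGuid. Either restrict LIBRARY_CLASS to the module types the dependency expression covers, or say in the file header that the other module types rely on the LocateProtocol failure path in RngDxeLib.c making the GetRandomNumber functions return FALSE. The "# MU_CHANGE: New file" marker and the "@copyright" tag look like leftovers from another tree and should be dropped, and BASE_NAME and the directory name will need to follow whatever comes out of the naming discussion in this thread.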
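
Review bot: In the MdePkg.dsc hunk only the added BaseRngLibDxe.inf line is needed for this change; the hunk also moves BaseRngLibTimerLib.inf below BaseRngLibNull.inf and, going by the 8-to-10 line count in the @@ header and the "4 +-" in the diffstat, adds a blank line before BaseSerialPortLibNull.inf. Please drop the reordering and the blank line, or move them to a separate cleanup patch, so the component list change stays a one-line addition.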