Subject: Re: [edk2-devel] [PATCH v2 07/13] SecurityPkg: RngDxe: Remove incorrect limitation on GetRng
From: PierreGondois <pierre.gondois@arm.com>
To: "Yao, Jiewen", Doug Flick, devel@edk2.groups.io
Date: Mon, 13 May 2024 17:53:18 +0200
Hello,
The patch looks good to me:
Reviewed-by: Pierre Gondois

Regards,
Pierre

On 5/11/24 02:24, Yao, Jiewen wrote:
> Thanks for confirming that.
>
> I am OK with what you have said.
>
> Since the ARM part is added by Pierre Gondois pierre.gondois@arm.com, I will let him comment if there is any concern on the change for ARM.
>
> Thank you
>
> Yao, Jiewen
>
> *From:* Doug Flick via groups.io
> *Sent:* Saturday, May 11, 2024 5:12 AM
> *To:* Yao, Jiewen ; devel@edk2.groups.io
> *Subject:* Re: [edk2-devel] [PATCH v2 07/13] SecurityPkg: RngDxe: Remove incorrect limitation on GetRng
>
> So, I'm trying to consult with some RNG experts because I'm by no means an expert and anything I say should be taken with a huge grain of salt. When I get the experts' take, I'll share it.
>
> Basically, the way I read this code is that it by no means tries to enforce any entropy requirement outside of what you ask for.
>
> My understanding is the 256-bit entropy requirement comes from when you are using a DRNG algorithm such as:
>
> #define EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID \
>   {0xa7af67cb, 0x603b, 0x4d42,\
>   {0xba, 0x21, 0x70, 0xbf, 0xb6, 0x29, 0x3f, 0x96}}
>
> #define EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID \
>   {0xc5149b43, 0xae85, 0x4f53,\
>   {0x99, 0x82, 0xb9, 0x43, 0x35, 0xd3, 0xa9, 0xe7}}
>
> #define EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID \
>   {0x44f0de6e, 0x4d8c, 0x4045, \
>   {0xa8, 0xc7, 0x4d, 0xd1, 0x68, 0x85, 0x6b, 0x9e}}
>
> "When a Deterministic Random Bit Generator (DRBG) is used on the output of a (raw) entropy source, its security level must be at least 256 bits."
>
> https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#random-number-generator-protocol
>
> That is, the seed of these algorithms must be at a minimum 256 bits from your entropy source.
>
> Now when you call, for instance, EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID
>
> On an INTEL CPU it uses the Intel RDRAND instruction
>
> https://github.com/tianocore/edk2/blob/4b6ee06a090d956f80b4a92fb9bf03098a372f39/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c#L108C45-L108C51
>
> From what I can tell, the generator takes pairs of 256-bit raw entropy samples generated by the hardware entropy source and applies them to an Advanced Encryption Standard (AES) (in CBC-MAC mode) conditioner which reduces them to a single 256-bit conditioned entropy sample.
>
> https://en.wikipedia.org/wiki/RDRAND
>
> https://www.intel.com/content/www/us/en/developer/articles/guide/intel-digital-random-number-generator-drng-software-implementation-guide.html
>
> Which means, if you are implementing these algorithms in software, you must comply with the 256-bit entropy requirement for your source. However, in our case the CPU is performing that requirement for us.
>
> Again I'm no expert. So if an expert is reading this and I'm completely wrong please let me know :)
>

View/Reply Online (#118869): https://edk2.groups.io/g/devel/message/118869
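Doug's point in the quoted message, that a software SP 800-90 DRBG has to be seeded with at least 256 bits from its entropy source while Intel's RDRAND performs that conditioning in hardware, as an added example that is not part of this thread, of the edk2 patch or of the RngDxe code: an HMAC_DRBG per SP 800-90A section 10.1.2 instantiated with HMAC-SHA-256 (the software counterpart of EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID) that refuses a seed shorter than 256 bits and tracks the reseed counter. The class and function names are my own, and os.urandom stands in for a platform raw entropy source.

```python
"""SP 800-90A HMAC_DRBG (HMAC-SHA-256) seeded from a raw entropy source.

Added example; not code from the edk2 thread or from RngDxe.
"""
import hashlib
import hmac
import os

# The UEFI spec sentence quoted in the thread: a DRBG run on the output of a
# raw entropy source must have a security level of at least 256 bits, so the
# seed drawn from that source must carry at least 256 bits of entropy.
MIN_SEED_ENTROPY_BITS = 256
OUTLEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256


def _hmac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def check_seed_entropy(entropy_input: bytes) -> None:
    # Enforces only the *amount* of seed material. Whether those bytes really
    # carry 256 bits of entropy is a property of the source (the assessment
    # RDRAND's hardware conditioner does on Intel parts), not of this check.
    bits = len(entropy_input) * 8
    if bits < MIN_SEED_ENTROPY_BITS:
        raise ValueError(f"seed carries {bits} bits, need >= {MIN_SEED_ENTROPY_BITS}")


class HmacDrbgSha256:
    """HMAC_DRBG from SP 800-90A section 10.1.2 with SHA-256 (strength 256)."""

    RESEED_INTERVAL = 1 << 48            # max generate() calls between reseeds
    MAX_REQUEST_BYTES = (1 << 19) // 8   # max_number_of_bits_per_request

    def __init__(self, entropy_input: bytes, nonce: bytes = b"",
                 personalization: bytes = b"") -> None:
        check_seed_entropy(entropy_input)
        # HMAC_DRBG_Instantiate: Key = 0x00..00, V = 0x01..01, then Update.
        self._key = b"\x00" * OUTLEN
        self._v = b"\x01" * OUTLEN
        self._update(entropy_input + nonce + personalization)
        self._reseed_counter = 1

    def _update(self, provided_data: bytes) -> None:
        # HMAC_DRBG_Update: a round with 0x00, and a second round with 0x01
        # only when provided_data is non-empty.
        self._key = _hmac(self._key, self._v + b"\x00" + provided_data)
        self._v = _hmac(self._key, self._v)
        if provided_data:
            self._key = _hmac(self._key, self._v + b"\x01" + provided_data)
            self._v = _hmac(self._key, self._v)

    def reseed(self, entropy_input: bytes, additional: bytes = b"") -> None:
        # Fresh seed material must itself meet the 256-bit floor.
        check_seed_entropy(entropy_input)
        self._update(entropy_input + additional)
        self._reseed_counter = 1

    def generate(self, n_bytes: int, additional: bytes = b"") -> bytes:
        if n_bytes > self.MAX_REQUEST_BYTES:
            raise ValueError("request exceeds max_number_of_bits_per_request")
        if self._reseed_counter > self.RESEED_INTERVAL:
            raise RuntimeError("reseed required before further output")
        if additional:
            self._update(additional)
        out = bytearray()
        while len(out) < n_bytes:
            self._v = _hmac(self._key, self._v)
            out += self._v
        self._update(additional)
        self._reseed_counter += 1
        return bytes(out[:n_bytes])


def new_drbg_from_os(personalization: bytes = b"") -> HmacDrbgSha256:
    """Seed from os.urandom, a stand-in for a platform raw entropy source."""
    return HmacDrbgSha256(os.urandom(32), nonce=os.urandom(16),
                          personalization=personalization)


if __name__ == "__main__":
    drbg = new_drbg_from_os(b"rngdxe-example")
    print(drbg.generate(32).hex())
```

The only policy this code enforces is the 256-bit floor on seed length at instantiate and reseed; it says nothing about how many bytes a caller may request afterwards, which is the distinction the thread draws between the seed entropy requirement and the size of a GetRNG request.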