From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+118869+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 2764A7803DA
	for <rebecca@openfw.io>; Mon, 13 May 2024 15:53:29 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=tougZrHc28Qzs8gDWHWA74vkaaaG7k2h9o0Oae7lm6s=;
 c=relaxed/simple; d=groups.io;
 h=Message-ID:Date:MIME-Version:User-Agent:Subject:To:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding;
 s=20240206; t=1715615607; v=1;
 b=sOkTffP1xUZjbxnBGj/uIGxrKLYBnNoKO251j3op8aFg5kn8QwqHcRy6WE/HqXOHRaI7Iq11
 FEqTC7JClltww/nxA8QVY9FCHae6iL34OR8JXrPc/sKJIj5kq7KkgEYxST9+Ka3Ce3djIGQaIcg
 QK7eMKwsEqQcerQDyJrVqUXXygOpLZ0pKl3vExmlRg/bFwB5I+UljbLANKQqCivID9H+nSbY+1A
 BLq5aZyBrCQ+TXeTNdd+CvRLKfcBRiTWV6+8+jSZTHTg8J+JkW66dyjuA1Icvbvc995QOc9zbiU
 Aoh+kDRV43uHIi8GUkj4WPlaG4dd9/uHmfktGrb7ODnRw==
X-Received: by 127.0.0.2 with SMTP id uST7YY7687511xmkCcv4O1M0; Mon, 13 May 2024 08:53:27 -0700
X-Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web10.64227.1715615606350533837
 for <devel@edk2.groups.io>;
 Mon, 13 May 2024 08:53:26 -0700
X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 3D872DA7;
	Mon, 13 May 2024 08:53:51 -0700 (PDT)
X-Received: from [192.168.1.13] (usa-sjc-mx-foss1.foss.arm.com [172.31.20.19])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 300E73F641;
	Mon, 13 May 2024 08:53:25 -0700 (PDT)
Message-ID: <a1171241-5678-4f5f-803d-73aad72909f7@arm.com>
Date: Mon, 13 May 2024 17:53:18 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [edk2-devel] [PATCH v2 07/13] SecurityPkg: RngDxe: Remove incorrect limitation on GetRng
To: "Yao, Jiewen" <jiewen.yao@intel.com>, Doug Flick
 <dougflick@microsoft.com>, "devel@edk2.groups.io" <devel@edk2.groups.io>
References: <MW4PR11MB5872BA0D8F4C0584A45E8D408CE72@MW4PR11MB5872.namprd11.prod.outlook.com>
 <28887.1715375548214810238@groups.io>
 <MW4PR11MB5872E62FE762D1275C9E0A5B8CE02@MW4PR11MB5872.namprd11.prod.outlook.com>
From: "PierreGondois" <pierre.gondois@arm.com>
In-Reply-To: <MW4PR11MB5872E62FE762D1275C9E0A5B8CE02@MW4PR11MB5872.namprd11.prod.outlook.com>
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Mon, 13 May 2024 08:53:26 -0700
Resent-From: pierre.gondois@arm.com
Reply-To: devel@edk2.groups.io,pierre.gondois@arm.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: aQwASeuN5ADUDilLgjRJI1S6x7686176AA=
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240206 header.b=sOkTffP1;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=arm.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io

Hello,
The patch looks good to me:
Reviewed-by: Pierre Gondois <pierre.gondois@arm.com>

Regards,
Pierre

On 5/11/24 02:24, Yao, Jiewen wrote:
> Thanks to confirm that.
>=20
> I am OK on what you have said.
>=20
> Since the ARM part is added by Pierre Gondois pierre.gondois@arm.com <mai=
lto:pierre.gondois@arm.com>, I will let him comment if there is any concern=
 on the change for ARM.
>=20
> Thank you
>=20
> Yao, Jiewen
>=20
> *From:* Doug Flick via groups.io <dougflick=3Dmicrosoft.com@groups.io>
> *Sent:* Saturday, May 11, 2024 5:12 AM
> *To:* Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> *Subject:* Re: [edk2-devel] [PATCH v2 07/13] SecurityPkg: RngDxe: Remove =
incorrect limitation on GetRng
>=20
> So, I'm trying to consult with some RNG experts because I'm by no means a=
n expert and anything I say should be taken with huge grain of salt. When I=
 get the experts take, I'll share it.
>=20
> Basically, the way I read this code is that it by no means tries to enfor=
ce any entropy requirement outside of what you ask for.
>=20
> My understanding is the 256 Bit Entropy requirements comes from when you =
are using a DRNG algorithm such as:
>=20
> |#define EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID \|
>=20
> |{0xa7af67cb, 0x603b, 0x4d42,\|
>=20
> |{0xba, 0x21, 0x70, 0xbf, 0xb6, 0x29, 0x3f, 0x96}}|
>=20
> ||
>=20
> |#define EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID \|
>=20
> |{0xc5149b43, 0xae85, 0x4f53,\|
>=20
> |{0x99, 0x82, 0xb9, 0x43, 0x35, 0xd3, 0xa9, 0xe7}}|
>=20
> ||
>=20
> |#define EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID \|
>=20
> |{0x44f0de6e, 0x4d8c, 0x4045, \|
>=20
> |{0xa8, 0xc7, 0x4d, 0xd1, 0x68, 0x85, 0x6b, 0x9e}}|
>=20
>     "When a Deterministic Random Bit Generator (DRBG) is used on the outp=
ut of a (raw) entropy source, its security level must be at least 256 bits.=
"
>=20
> https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#random-numbe=
r-generator-protocol <https://uefi.org/specs/UEFI/2.10/37_Secure_Technologi=
es.html#random-number-generator-protocol>
>=20
> That is, the seed of these algorithms must be at a minimum 256 bits from =
your entropy source.
>=20
> Now when you call for instance EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID
>=20
> On an INTEL CPU it uses the Intel RDRAND Instruction
>=20
> https://github.com/tianocore/edk2/blob/4b6ee06a090d956f80b4a92fb9bf03098a=
372f39/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c#L108C45-L108C=
51 <https://github.com/tianocore/edk2/blob/4b6ee06a090d956f80b4a92fb9bf0309=
8a372f39/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c#L108C45-L10=
8C51>
>=20
> Which from what I can tell the generator takes pairs of 256-bit raw entro=
py samples generated by the hardware entropy source and applies them to an =
Advanced Encryption Standard (AES) (in CBC-MAC mode) conditioner which redu=
ces them to a single 256-bit conditioned entropy sample.
>=20
> https://en.wikipedia.org/wiki/RDRAND <https://en.wikipedia.org/wiki/RDRAN=
D>
>=20
> https://www.intel.com/content/www/us/en/developer/articles/guide/intel-di=
gital-random-number-generator-drng-software-implementation-guide.html <http=
s://www.intel.com/content/www/us/en/developer/articles/guide/intel-digital-=
random-number-generator-drng-software-implementation-guide.html>
>=20
> Which means, if you are implementing these algorithms in software, you mu=
st comply with the 256 bit entropy requirement for your source. However in =
our case the CPU is performing that requirement for us.
>=20
> Again I'm no expert. So if an expert is reading this and I'm completely w=
rong please let me know :)
>=20


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118869): https://edk2.groups.io/g/devel/message/118869
Mute This Topic: https://groups.io/mt/105996584/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-