From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web12.105659.1597910956086423817 for ; Thu, 20 Aug 2020 01:09:16 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ard.biesheuvel@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B1A871FB; Thu, 20 Aug 2020 01:09:15 -0700 (PDT) Received: from [192.168.2.12] (unknown [172.31.20.19]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BFB233F6CF; Thu, 20 Aug 2020 01:09:14 -0700 (PDT) Subject: Re: [PATCH v8 2/5] MdePkg: BaseRngLibDxe: Add RngLib that uses RngDxe To: matthewfcarlson@gmail.com, devel@edk2.groups.io Cc: Michael D Kinney , Liming Gao , Zhiguang Liu References: <20200819193712.1629-1-matthewfcarlson@gmail.com> <20200819193712.1629-3-matthewfcarlson@gmail.com> From: "Ard Biesheuvel" Message-ID: Date: Thu, 20 Aug 2020 10:09:09 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 MIME-Version: 1.0 In-Reply-To: <20200819193712.1629-3-matthewfcarlson@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit On 8/19/20 9:37 PM, matthewfcarlson@gmail.com wrote: > From: Matthew Carlson > > This adds a RngLib that uses the RngProtocol to provide randomness. > This means that the RngLib is meant to be used with DXE_DRIVERS. > > Ref: https://github.com/tianocore/edk2/pull/845 > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871 > > Cc: Ard Biesheuvel > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Zhiguang Liu > Signed-off-by: Matthew Carlson > --- > MdePkg/Library/DxeRngLib/DxeRngLib.c | 206 ++++++++++++++++++++ > MdePkg/Library/DxeRngLib/DxeRngLib.inf | 38 ++++ > MdePkg/Library/DxeRngLib/DxeRngLib.uni | 15 ++ > MdePkg/MdePkg.dsc | 4 +- > 4 files changed, 262 insertions(+), 1 deletion(-) > > diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.c b/MdePkg/Library/DxeRngLib/DxeRngLib.c > new file mode 100644 > index 000000000000..0bd6585357b5 > --- /dev/null > +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.c > @@ -0,0 +1,206 @@ > +/** @file > + Provides an implementation of the library class RngLib that uses the Rng protocol. > + > + Copyright (c) Microsoft Corporation. All rights reserved. > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > +#include > +#include > +#include > +#include > +#include > + > +/** > +Routine Description: > + > + Generates a random number via the NIST > + 800-9A algorithm. Refer to > + http://csrc.nist.gov/groups/STM/cavp/documents/drbg/DRBGVS.pdf > + for more information. > + > + Arguments: > + > + Buffer -- Buffer to receive the random number. > + BufferSize -- Number of bytes in Buffer. > + > +Return Value: > + > + EFI_SUCCESS or underlying failure code. > + > +**/ > +STATIC > +EFI_STATUS > +GenerateRandomNumberViaNist800Algorithm ( > + OUT UINT8 *Buffer, > + IN UINTN BufferSize > + ) > +{ > + EFI_STATUS Status; > + EFI_RNG_PROTOCOL *RngProtocol; Align * with variable name please > + > + RngProtocol = NULL; > + > + if (Buffer == NULL) { > + DEBUG((DEBUG_ERROR, "[%a] Buffer == NULL.\n", __FUNCTION__)); Space before ( Also, drop the [] around %a for consistency with other code. > + return EFI_INVALID_PARAMETER; > + } > + > + Status = gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID **)&RngProtocol); > + if (EFI_ERROR (Status) || RngProtocol == NULL) { > + DEBUG((DEBUG_ERROR, "%a: Could not locate RNG prototocol, Status = %r\n", __FUNCTION__, Status)); Space before ( > + return Status; > + } > + > + Status = RngProtocol->GetRNG (RngProtocol, &gEfiRngAlgorithmSp80090Ctr256Guid, BufferSize, Buffer); > + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm CTR-256 - Status = %r\n", __FUNCTION__, Status)); Same here > + if(!EFI_ERROR(Status)) { Space after if I think I mentioned this the last time around: please make sure that you adhere to the coding style, and fix *all* occurrences, not just the ones that were pointed out to you. > + return Status; > + } > + > + Status = RngProtocol->GetRNG (RngProtocol, &gEfiRngAlgorithmSp80090Hmac256Guid, BufferSize, Buffer); > + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm HMAC-256 - Status = %r\n", __FUNCTION__, Status)); > + if(!EFI_ERROR(Status)) { > + return Status; > + } > + > + Status = RngProtocol->GetRNG (RngProtocol, &gEfiRngAlgorithmSp80090Hash256Guid, BufferSize, Buffer); > + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm Hash-256 - Status = %r\n", __FUNCTION__, Status)); > + if (!EFI_ERROR(Status)) { > + return Status; > + } > + // If all the other methods have failed, use the default method from the RngProtocol > + Status = RngProtocol->GetRNG (RngProtocol, NULL, BufferSize, Buffer); > + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm Hash-256 - Status = %r\n", __FUNCTION__, Status)); > + if (!EFI_ERROR(Status)) { > + return Status; > + } > + // If we get to this point, we have failed > + DEBUG((DEBUG_ERROR, "%a: GetRNG() failed, staus = %r\n", __FUNCTION__, Status)); > + > + return Status; > +}// GenerateRandomNumberViaNist800Algorithm() > + > + > +/** > + Generates a 16-bit random number. > + > + if Rand is NULL, return FALSE. > + > + @param[out] Rand Buffer pointer to store the 16-bit random value. > + > + @retval TRUE Random number generated successfully. > + @retval FALSE Failed to generate the random number. > + > +**/ > +BOOLEAN > +EFIAPI > +GetRandomNumber16 ( > + OUT UINT16 *Rand > + ) > +{ > + EFI_STATUS Status; > + > + if (Rand == NULL) > + { Opening brace should be on the previous line. > + return FALSE; > + } > + > + Status = GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, 2); > + if (EFI_ERROR (Status)) > + { Same here > + return FALSE; > + } > + return TRUE; > +} > + > +/** > + Generates a 32-bit random number. > + > + if Rand is NULL, return FALSE. > + > + @param[out] Rand Buffer pointer to store the 32-bit random value. > + > + @retval TRUE Random number generated successfully. > + @retval FALSE Failed to generate the random number. > + > +**/ > +BOOLEAN > +EFIAPI > +GetRandomNumber32 ( > + OUT UINT32 *Rand > + ) > +{ > + EFI_STATUS Status; > + > + if (Rand == NULL) { > + return FALSE; > + } > + > + Status = GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, 4); > + if (EFI_ERROR (Status)) { > + return FALSE; > + } > + return TRUE; > +} > + > +/** > + Generates a 64-bit random number. > + > + if Rand is NULL, return FALSE. > + > + @param[out] Rand Buffer pointer to store the 64-bit random value. > + > + @retval TRUE Random number generated successfully. > + @retval FALSE Failed to generate the random number. > + > +**/ > +BOOLEAN > +EFIAPI > +GetRandomNumber64 ( > + OUT UINT64 *Rand > + ) > +{ > + EFI_STATUS Status; > + > + if (Rand == NULL) > + { > + return FALSE; > + } > + > + Status = GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, 8); > + if (EFI_ERROR (Status)) { > + return FALSE; > + } > + return TRUE; > +} > + > +/** > + Generates a 128-bit random number. > + > + if Rand is NULL, return FALSE. > + > + @param[out] Rand Buffer pointer to store the 128-bit random value. > + > + @retval TRUE Random number generated successfully. > + @retval FALSE Failed to generate the random number. > + > +**/ > +BOOLEAN > +EFIAPI > +GetRandomNumber128 ( > + OUT UINT64 *Rand > + ) > +{ > + EFI_STATUS Status; > + > + if (Rand == NULL) { > + return FALSE; > + } > + > + Status = GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand, 16); > + if (EFI_ERROR (Status)) { > + return FALSE; > + } > + return TRUE; > +} > diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.inf b/MdePkg/Library/DxeRngLib/DxeRngLib.inf > new file mode 100644 > index 000000000000..f4838aa05b7e > --- /dev/null > +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.inf > @@ -0,0 +1,38 @@ > +# @file > +# Provides implementation of the library class RngLib that uses the RngProtocol > +# > +# @copyright > +# Copyright (c) Microsoft Corporation. All rights reserved. > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION = 0x00010017 Please use 1.27 (or 0x00001001B) for new modules. > + BASE_NAME = DxeRngLib > + MODULE_UNI_FILE = DxeRngLib.uni > + FILE_GUID = FF9F84C5-A33E-44E3-9BB5-0D654B2D4149 > + MODULE_TYPE = DXE_DRIVER > + VERSION_STRING = 1.0 > + LIBRARY_CLASS = RngLib|DXE_DRIVER UEFI_APPLICATION UEFI_DRIVER > + > +[Packages] > + MdePkg/MdePkg.dec > + > +[Sources] > + DxeRngLib.c > + > +[LibraryClasses] > + DebugLib > + UefiBootServicesTableLib > + > +[Protocols] > + gEfiRngProtocolGuid ## CONSUMES > + > +[Depex] > + gEfiRngProtocolGuid > + > +[Guids] > + gEfiRngAlgorithmSp80090Ctr256Guid > + gEfiRngAlgorithmSp80090Hash256Guid > + gEfiRngAlgorithmSp80090Hmac256Guid > diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.uni b/MdePkg/Library/DxeRngLib/DxeRngLib.uni > new file mode 100644 > index 000000000000..c904e54b6fb0 > --- /dev/null > +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.uni > @@ -0,0 +1,15 @@ > +// @file > +// Instance of RNG (Random Number Generator) Library. > +// > +// RngLib that uses the Rng Protocol to provide random numbers. > +// > +// Copyright (c) Microsoft Corporation. > +// > +// SPDX-License-Identifier: BSD-2-Clause-Patent > +// > + > + > +#string STR_MODULE_ABSTRACT #language en-US "Instance of RNG Library" > + > +#string STR_MODULE_DESCRIPTION #language en-US "BaseRng Library that uses the Rng Protocol to provide random numbers" > + > diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc > index d7ba3a730909..2c3b7966b086 100644 > --- a/MdePkg/MdePkg.dsc > +++ b/MdePkg/MdePkg.dsc > @@ -62,8 +62,10 @@ > MdePkg/Library/BasePostCodeLibPort80/BasePostCodeLibPort80.inf > MdePkg/Library/BasePrintLib/BasePrintLib.inf > MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf > - MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf > + MdePkg/Library/DxeRngLib/DxeRngLib.inf > MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf > + MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf > + > MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf > MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf > MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf >