diff options
author | tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524> | 2012-05-10 07:58:02 +0000 |
---|---|---|
committer | tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524> | 2012-05-10 07:58:02 +0000 |
commit | 7ce960e7129f6eedd2fd426f6d64f1f33cbe1154 (patch) | |
tree | 27b095599c015901ee2b656e59d91060c4d5e0a8 /CryptoPkg | |
parent | 4e33001c6ead8d8696cd22e1c194ab9c02dc8792 (diff) | |
download | edk2-platforms-7ce960e7129f6eedd2fd426f6d64f1f33cbe1154.tar.xz |
Use current time value as default random seed in BaseCryptLib.
Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Sun Rui <rui.sun@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13300 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'CryptoPkg')
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 15 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c | 101 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c | 101 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 13 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 13 |
5 files changed, 239 insertions, 4 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf index c21ee01c4b..84faecd873 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -1,7 +1,7 @@ ## @file
# Cryptographic Library Instance for DXE_DRIVER.
#
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -37,7 +37,6 @@ Cipher/CryptAes.c
Cipher/CryptTdes.c
Cipher/CryptArc4.c
- Rand/CryptRand.c
Pk/CryptRsa.c
Pk/CryptPkcs7.c
Pk/CryptDh.c
@@ -68,6 +67,17 @@ SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
+ Rand/CryptRandTsc.c
+
+[Sources.X64]
+ Rand/CryptRandTsc.c
+
+[Sources.IPF]
+ Rand/CryptRandItc.c
+
+[Sources.ARM]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
@@ -79,6 +89,7 @@ DebugLib
OpensslLib
IntrinsicLib
+ PrintLib
#
# Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c new file mode 100644 index 0000000000..881141cd08 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c @@ -0,0 +1,101 @@ +/** @file
+ Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/rand.h>
+#include <Library/PrintLib.h>
+
+/**
+ Sets up the seed value for the pseudorandom number generator.
+
+ This function sets up the seed value for the pseudorandom number generator.
+ If Seed is not NULL, then the seed passed in is used.
+ If Seed is NULL, then default seed is used.
+
+ @param[in] Seed Pointer to seed value.
+ If NULL, default seed is used.
+ @param[in] SeedSize Size of seed value.
+ If Seed is NULL, this parameter is ignored.
+
+ @retval TRUE Pseudorandom number generator has enough entropy for random generation.
+ @retval FALSE Pseudorandom number generator does not have enough entropy for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+ IN CONST UINT8 *Seed OPTIONAL,
+ IN UINTN SeedSize
+ )
+{
+ CHAR8 DefaultSeed[128];
+
+ //
+ // Seed the pseudorandom number generator with user-supplied value.
+ // NOTE: A cryptographic PRNG must be seeded with unpredictable data.
+ //
+ if (Seed != NULL) {
+ RAND_seed (Seed, (UINT32) SeedSize);
+ } else {
+ //
+ // Retrieve current time.
+ //
+ AsciiSPrint (
+ DefaultSeed,
+ sizeof (DefaultSeed),
+ "UEFI Crypto Library default seed (%ld)",
+ AsmReadItc ()
+ );
+
+ RAND_seed (DefaultSeed, sizeof (DefaultSeed));
+ }
+
+ return TRUE;
+}
+
+/**
+ Generates a pseudorandom byte stream of the specified size.
+
+ If Output is NULL, then return FALSE.
+
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Size Size of randome bytes to generate.
+
+ @retval TRUE Pseudorandom byte stream generated successfully.
+ @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+ OUT UINT8 *Output,
+ IN UINTN Size
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Output == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Generate random data.
+ //
+ if (RAND_bytes (Output, (UINT32) Size) != 1) {
+ return FALSE;
+ }
+
+ return TRUE;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c new file mode 100644 index 0000000000..bb8783d354 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c @@ -0,0 +1,101 @@ +/** @file
+ Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/rand.h>
+#include <Library/PrintLib.h>
+
+/**
+ Sets up the seed value for the pseudorandom number generator.
+
+ This function sets up the seed value for the pseudorandom number generator.
+ If Seed is not NULL, then the seed passed in is used.
+ If Seed is NULL, then default seed is used.
+
+ @param[in] Seed Pointer to seed value.
+ If NULL, default seed is used.
+ @param[in] SeedSize Size of seed value.
+ If Seed is NULL, this parameter is ignored.
+
+ @retval TRUE Pseudorandom number generator has enough entropy for random generation.
+ @retval FALSE Pseudorandom number generator does not have enough entropy for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+ IN CONST UINT8 *Seed OPTIONAL,
+ IN UINTN SeedSize
+ )
+{
+ CHAR8 DefaultSeed[128];
+
+ //
+ // Seed the pseudorandom number generator with user-supplied value.
+ // NOTE: A cryptographic PRNG must be seeded with unpredictable data.
+ //
+ if (Seed != NULL) {
+ RAND_seed (Seed, (UINT32) SeedSize);
+ } else {
+ //
+ // Retrieve current time.
+ //
+ AsciiSPrint (
+ DefaultSeed,
+ sizeof (DefaultSeed),
+ "UEFI Crypto Library default seed (%ld)",
+ AsmReadTsc ()
+ );
+
+ RAND_seed (DefaultSeed, sizeof (DefaultSeed));
+ }
+
+ return TRUE;
+}
+
+/**
+ Generates a pseudorandom byte stream of the specified size.
+
+ If Output is NULL, then return FALSE.
+
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Size Size of randome bytes to generate.
+
+ @retval TRUE Pseudorandom byte stream generated successfully.
+ @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+ OUT UINT8 *Output,
+ IN UINTN Size
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Output == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Generate random data.
+ //
+ if (RAND_bytes (Output, (UINT32) Size) != 1) {
+ return FALSE;
+ }
+
+ return TRUE;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf index 99b4295c04..87f3b93fb9 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -31,7 +31,6 @@ Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
- Rand/CryptRand.c
Pk/CryptRsa.c
Pk/CryptPkcs7.c
Pk/CryptX509.c
@@ -60,6 +59,17 @@ SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
+ Rand/CryptRandTsc.c
+
+[Sources.X64]
+ Rand/CryptRandTsc.c
+
+[Sources.IPF]
+ Rand/CryptRandItc.c
+
+[Sources.ARM]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
@@ -73,6 +83,7 @@ DebugLib
OpensslLib
IntrinsicLib
+ PrintLib
#
# Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf index a6eea164a1..03ed82f687 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -31,7 +31,6 @@ Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
- Rand/CryptRand.c
Pk/CryptRsa.c
Pk/CryptPkcs7.c
Pk/CryptX509.c
@@ -60,6 +59,17 @@ SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
+ Rand/CryptRandTsc.c
+
+[Sources.X64]
+ Rand/CryptRandTsc.c
+
+[Sources.IPF]
+ Rand/CryptRandItc.c
+
+[Sources.ARM]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
@@ -71,6 +81,7 @@ MemoryAllocationLib
OpensslLib
IntrinsicLib
+ PrintLib
#
# Remove these [BuildOptions] after this library is cleaned up
|