summaryrefslogtreecommitdiff
path: root/CryptoPkg
diff options
context:
space:
mode:
authortye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>2012-05-10 07:58:02 +0000
committertye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>2012-05-10 07:58:02 +0000
commit7ce960e7129f6eedd2fd426f6d64f1f33cbe1154 (patch)
tree27b095599c015901ee2b656e59d91060c4d5e0a8 /CryptoPkg
parent4e33001c6ead8d8696cd22e1c194ab9c02dc8792 (diff)
downloadedk2-platforms-7ce960e7129f6eedd2fd426f6d64f1f33cbe1154.tar.xz
Use current time value as default random seed in BaseCryptLib.
Signed-off by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Sun Rui <rui.sun@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13300 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'CryptoPkg')
-rw-r--r--CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf15
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c101
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c101
-rw-r--r--CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf13
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf13
5 files changed, 239 insertions, 4 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index c21ee01c4b..84faecd873 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -1,7 +1,7 @@
## @file
# Cryptographic Library Instance for DXE_DRIVER.
#
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -37,7 +37,6 @@
Cipher/CryptAes.c
Cipher/CryptTdes.c
Cipher/CryptArc4.c
- Rand/CryptRand.c
Pk/CryptRsa.c
Pk/CryptPkcs7.c
Pk/CryptDh.c
@@ -68,6 +67,17 @@
SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
+ Rand/CryptRandTsc.c
+
+[Sources.X64]
+ Rand/CryptRandTsc.c
+
+[Sources.IPF]
+ Rand/CryptRandItc.c
+
+[Sources.ARM]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
@@ -79,6 +89,7 @@
DebugLib
OpensslLib
IntrinsicLib
+ PrintLib
#
# Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c
new file mode 100644
index 0000000000..881141cd08
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c
@@ -0,0 +1,101 @@
+/** @file
+ Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/rand.h>
+#include <Library/PrintLib.h>
+
+/**
+ Sets up the seed value for the pseudorandom number generator.
+
+ This function sets up the seed value for the pseudorandom number generator.
+ If Seed is not NULL, then the seed passed in is used.
+ If Seed is NULL, then default seed is used.
+
+ @param[in] Seed Pointer to seed value.
+ If NULL, default seed is used.
+ @param[in] SeedSize Size of seed value.
+ If Seed is NULL, this parameter is ignored.
+
+ @retval TRUE Pseudorandom number generator has enough entropy for random generation.
+ @retval FALSE Pseudorandom number generator does not have enough entropy for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+ IN CONST UINT8 *Seed OPTIONAL,
+ IN UINTN SeedSize
+ )
+{
+ CHAR8 DefaultSeed[128];
+
+ //
+ // Seed the pseudorandom number generator with user-supplied value.
+ // NOTE: A cryptographic PRNG must be seeded with unpredictable data.
+ //
+ if (Seed != NULL) {
+ RAND_seed (Seed, (UINT32) SeedSize);
+ } else {
+ //
+ // Retrieve current time.
+ //
+ AsciiSPrint (
+ DefaultSeed,
+ sizeof (DefaultSeed),
+ "UEFI Crypto Library default seed (%ld)",
+ AsmReadItc ()
+ );
+
+ RAND_seed (DefaultSeed, sizeof (DefaultSeed));
+ }
+
+ return TRUE;
+}
+
+/**
+ Generates a pseudorandom byte stream of the specified size.
+
+ If Output is NULL, then return FALSE.
+
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Size Size of randome bytes to generate.
+
+ @retval TRUE Pseudorandom byte stream generated successfully.
+ @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+ OUT UINT8 *Output,
+ IN UINTN Size
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Output == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Generate random data.
+ //
+ if (RAND_bytes (Output, (UINT32) Size) != 1) {
+ return FALSE;
+ }
+
+ return TRUE;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c
new file mode 100644
index 0000000000..bb8783d354
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c
@@ -0,0 +1,101 @@
+/** @file
+ Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/rand.h>
+#include <Library/PrintLib.h>
+
+/**
+ Sets up the seed value for the pseudorandom number generator.
+
+ This function sets up the seed value for the pseudorandom number generator.
+ If Seed is not NULL, then the seed passed in is used.
+ If Seed is NULL, then default seed is used.
+
+ @param[in] Seed Pointer to seed value.
+ If NULL, default seed is used.
+ @param[in] SeedSize Size of seed value.
+ If Seed is NULL, this parameter is ignored.
+
+ @retval TRUE Pseudorandom number generator has enough entropy for random generation.
+ @retval FALSE Pseudorandom number generator does not have enough entropy for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+ IN CONST UINT8 *Seed OPTIONAL,
+ IN UINTN SeedSize
+ )
+{
+ CHAR8 DefaultSeed[128];
+
+ //
+ // Seed the pseudorandom number generator with user-supplied value.
+ // NOTE: A cryptographic PRNG must be seeded with unpredictable data.
+ //
+ if (Seed != NULL) {
+ RAND_seed (Seed, (UINT32) SeedSize);
+ } else {
+ //
+ // Retrieve current time.
+ //
+ AsciiSPrint (
+ DefaultSeed,
+ sizeof (DefaultSeed),
+ "UEFI Crypto Library default seed (%ld)",
+ AsmReadTsc ()
+ );
+
+ RAND_seed (DefaultSeed, sizeof (DefaultSeed));
+ }
+
+ return TRUE;
+}
+
+/**
+ Generates a pseudorandom byte stream of the specified size.
+
+ If Output is NULL, then return FALSE.
+
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Size Size of randome bytes to generate.
+
+ @retval TRUE Pseudorandom byte stream generated successfully.
+ @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+ OUT UINT8 *Output,
+ IN UINTN Size
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Output == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Generate random data.
+ //
+ if (RAND_bytes (Output, (UINT32) Size) != 1) {
+ return FALSE;
+ }
+
+ return TRUE;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 99b4295c04..87f3b93fb9 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -31,7 +31,6 @@
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
- Rand/CryptRand.c
Pk/CryptRsa.c
Pk/CryptPkcs7.c
Pk/CryptX509.c
@@ -60,6 +59,17 @@
SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
+ Rand/CryptRandTsc.c
+
+[Sources.X64]
+ Rand/CryptRandTsc.c
+
+[Sources.IPF]
+ Rand/CryptRandItc.c
+
+[Sources.ARM]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
@@ -73,6 +83,7 @@
DebugLib
OpensslLib
IntrinsicLib
+ PrintLib
#
# Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index a6eea164a1..03ed82f687 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -31,7 +31,6 @@
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
- Rand/CryptRand.c
Pk/CryptRsa.c
Pk/CryptPkcs7.c
Pk/CryptX509.c
@@ -60,6 +59,17 @@
SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
+ Rand/CryptRandTsc.c
+
+[Sources.X64]
+ Rand/CryptRandTsc.c
+
+[Sources.IPF]
+ Rand/CryptRandItc.c
+
+[Sources.ARM]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
@@ -71,6 +81,7 @@
MemoryAllocationLib
OpensslLib
IntrinsicLib
+ PrintLib
#
# Remove these [BuildOptions] after this library is cleaned up