]>
Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI.\r | |
3 | The file implement these functions.\r | |
4 | \r | |
5 | Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>\r | |
6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
7 | \r | |
8 | **/\r | |
9 | \r | |
10 | #include "crypto/rand.h"\r | |
11 | #include <openssl/aes.h>\r | |
12 | \r | |
13 | #include <Uefi.h>\r | |
14 | #include <Library/RngLib.h>\r | |
15 | \r | |
16 | /**\r | |
17 | Calls RandomNumber64 to fill\r | |
18 | a buffer of arbitrary size with random bytes.\r | |
19 | This is a shim layer to RngLib.\r | |
20 | \r | |
21 | @param[in] Length Size of the buffer, in bytes, to fill with.\r | |
22 | @param[out] RandBuffer Pointer to the buffer to store the random result.\r | |
23 | \r | |
24 | @retval TRUE Random bytes generation succeeded.\r | |
25 | @retval FALSE Failed to request random bytes.\r | |
26 | \r | |
27 | **/\r | |
28 | STATIC\r | |
29 | BOOLEAN\r | |
30 | EFIAPI\r | |
31 | RandGetBytes (\r | |
32 | IN UINTN Length,\r | |
33 | OUT UINT8 *RandBuffer\r | |
34 | )\r | |
35 | {\r | |
36 | BOOLEAN Ret;\r | |
37 | UINT64 TempRand;\r | |
38 | \r | |
39 | Ret = FALSE;\r | |
40 | \r | |
41 | if (RandBuffer == NULL) {\r | |
42 | DEBUG ((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n"));\r | |
43 | ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later.\r | |
44 | return Ret;\r | |
45 | }\r | |
46 | \r | |
47 | while (Length > 0) {\r | |
48 | // Use RngLib to get random number\r | |
49 | Ret = GetRandomNumber64 (&TempRand);\r | |
50 | \r | |
51 | if (!Ret) {\r | |
52 | return Ret;\r | |
53 | }\r | |
54 | \r | |
55 | if (Length >= sizeof (TempRand)) {\r | |
56 | *((UINT64 *)RandBuffer) = TempRand;\r | |
57 | RandBuffer += sizeof (UINT64);\r | |
58 | Length -= sizeof (TempRand);\r | |
59 | } else {\r | |
60 | CopyMem (RandBuffer, &TempRand, Length);\r | |
61 | Length = 0;\r | |
62 | }\r | |
63 | }\r | |
64 | \r | |
65 | return Ret;\r | |
66 | }\r | |
67 | \r | |
68 | /*\r | |
69 | * Add random bytes to the pool to acquire requested amount of entropy\r | |
70 | *\r | |
71 | * This function is platform specific and tries to acquire the requested\r | |
72 | * amount of entropy by polling platform specific entropy sources.\r | |
73 | *\r | |
74 | * This is OpenSSL required interface.\r | |
75 | */\r | |
76 | size_t\r | |
77 | rand_pool_acquire_entropy (\r | |
78 | RAND_POOL *pool\r | |
79 | )\r | |
80 | {\r | |
81 | BOOLEAN Ret;\r | |
82 | size_t Bytes_needed;\r | |
83 | unsigned char *Buffer;\r | |
84 | \r | |
85 | Bytes_needed = rand_pool_bytes_needed (pool, 1 /*entropy_factor*/);\r | |
86 | if (Bytes_needed > 0) {\r | |
87 | Buffer = rand_pool_add_begin (pool, Bytes_needed);\r | |
88 | \r | |
89 | if (Buffer != NULL) {\r | |
90 | Ret = RandGetBytes (Bytes_needed, Buffer);\r | |
91 | if (FALSE == Ret) {\r | |
92 | rand_pool_add_end (pool, 0, 0);\r | |
93 | } else {\r | |
94 | rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed);\r | |
95 | }\r | |
96 | }\r | |
97 | }\r | |
98 | \r | |
99 | return rand_pool_entropy_available (pool);\r | |
100 | }\r | |
101 | \r | |
102 | /*\r | |
103 | * Implementation for UEFI\r | |
104 | *\r | |
105 | * This is OpenSSL required interface.\r | |
106 | */\r | |
107 | int\r | |
108 | rand_pool_add_nonce_data (\r | |
109 | RAND_POOL *pool\r | |
110 | )\r | |
111 | {\r | |
112 | UINT8 data[16];\r | |
113 | \r | |
114 | RandGetBytes (sizeof (data), data);\r | |
115 | \r | |
116 | return rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0);\r | |
117 | }\r | |
118 | \r | |
119 | /*\r | |
120 | * Implementation for UEFI\r | |
121 | *\r | |
122 | * This is OpenSSL required interface.\r | |
123 | */\r | |
124 | int\r | |
125 | rand_pool_add_additional_data (\r | |
126 | RAND_POOL *pool\r | |
127 | )\r | |
128 | {\r | |
129 | UINT8 data[16];\r | |
130 | \r | |
131 | RandGetBytes (sizeof (data), data);\r | |
132 | \r | |
133 | return rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0);\r | |
134 | }\r | |
135 | \r | |
136 | /*\r | |
137 | * Dummy Implementation for UEFI\r | |
138 | *\r | |
139 | * This is OpenSSL required interface.\r | |
140 | */\r | |
141 | int\r | |
142 | rand_pool_init (\r | |
143 | VOID\r | |
144 | )\r | |
145 | {\r | |
146 | return 1;\r | |
147 | }\r | |
148 | \r | |
149 | /*\r | |
150 | * Dummy Implementation for UEFI\r | |
151 | *\r | |
152 | * This is OpenSSL required interface.\r | |
153 | */\r | |
154 | VOID\r | |
155 | rand_pool_cleanup (\r | |
156 | VOID\r | |
157 | )\r | |
158 | {\r | |
159 | }\r | |
160 | \r | |
161 | /*\r | |
162 | * Dummy Implementation for UEFI\r | |
163 | *\r | |
164 | * This is OpenSSL required interface.\r | |
165 | */\r | |
166 | VOID\r | |
167 | rand_pool_keep_random_devices_open (\r | |
168 | int keep\r | |
169 | )\r | |
170 | {\r | |
171 | }\r |