]>
Commit | Line | Data |
---|---|---|
a8c44645 | 1 | /** @file\r |
2 | Pseudorandom Number Generator Wrapper Implementation over OpenSSL.\r | |
3 | \r | |
38d91622 | 4 | Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>\r |
2009f6b4 | 5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
a8c44645 | 6 | \r |
7 | **/\r | |
8 | \r | |
9 | #include "InternalCryptLib.h"\r | |
10 | #include <openssl/rand.h>\r | |
38d91622 | 11 | #include <openssl/evp.h>\r |
a8c44645 | 12 | \r |
13 | //\r | |
14 | // Default seed for UEFI Crypto Library\r | |
15 | //\r | |
16 | CONST UINT8 DefaultSeed[] = "UEFI Crypto Library default seed";\r | |
17 | \r | |
18 | /**\r | |
19 | Sets up the seed value for the pseudorandom number generator.\r | |
20 | \r | |
21 | This function sets up the seed value for the pseudorandom number generator.\r | |
22 | If Seed is not NULL, then the seed passed in is used.\r | |
23 | If Seed is NULL, then default seed is used.\r | |
24 | \r | |
25 | @param[in] Seed Pointer to seed value.\r | |
26 | If NULL, default seed is used.\r | |
27 | @param[in] SeedSize Size of seed value.\r | |
28 | If Seed is NULL, this parameter is ignored.\r | |
29 | \r | |
30 | @retval TRUE Pseudorandom number generator has enough entropy for random generation.\r | |
31 | @retval FALSE Pseudorandom number generator does not have enough entropy for random generation.\r | |
32 | \r | |
33 | **/\r | |
34 | BOOLEAN\r | |
35 | EFIAPI\r | |
36 | RandomSeed (\r | |
37 | IN CONST UINT8 *Seed OPTIONAL,\r | |
38 | IN UINTN SeedSize\r | |
39 | )\r | |
40 | {\r | |
dda39f3a | 41 | if (SeedSize > INT_MAX) {\r |
42 | return FALSE;\r | |
43 | }\r | |
44 | \r | |
38d91622 LQ |
45 | //\r |
46 | // The software PRNG implementation built in OpenSSL depends on message digest algorithm.\r | |
47 | // Make sure SHA-1 digest algorithm is available here.\r | |
48 | //\r | |
49 | if (EVP_add_digest (EVP_sha1 ()) == 0) {\r | |
50 | return FALSE;\r | |
51 | }\r | |
52 | \r | |
a8c44645 | 53 | //\r |
54 | // Seed the pseudorandom number generator with user-supplied value.\r | |
55 | // NOTE: A cryptographic PRNG must be seeded with unpredictable data.\r | |
56 | //\r | |
57 | if (Seed != NULL) {\r | |
58 | RAND_seed (Seed, (UINT32) SeedSize);\r | |
59 | } else {\r | |
60 | RAND_seed (DefaultSeed, sizeof (DefaultSeed));\r | |
61 | }\r | |
62 | \r | |
b3a18a1a | 63 | if (RAND_status () == 1) {\r |
64 | return TRUE;\r | |
65 | }\r | |
66 | \r | |
67 | return FALSE;\r | |
a8c44645 | 68 | }\r |
69 | \r | |
70 | /**\r | |
71 | Generates a pseudorandom byte stream of the specified size.\r | |
72 | \r | |
16d2c32c | 73 | If Output is NULL, then return FALSE.\r |
a8c44645 | 74 | \r |
75 | @param[out] Output Pointer to buffer to receive random value.\r | |
2998af86 | 76 | @param[in] Size Size of random bytes to generate.\r |
a8c44645 | 77 | \r |
78 | @retval TRUE Pseudorandom byte stream generated successfully.\r | |
79 | @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.\r | |
80 | \r | |
81 | **/\r | |
82 | BOOLEAN\r | |
83 | EFIAPI\r | |
84 | RandomBytes (\r | |
85 | OUT UINT8 *Output,\r | |
86 | IN UINTN Size\r | |
87 | )\r | |
88 | {\r | |
16d2c32c | 89 | //\r |
90 | // Check input parameters.\r | |
91 | //\r | |
dda39f3a | 92 | if (Output == NULL || Size > INT_MAX) {\r |
16d2c32c | 93 | return FALSE;\r |
94 | }\r | |
a8c44645 | 95 | \r |
96 | //\r | |
97 | // Generate random data.\r | |
98 | //\r | |
99 | if (RAND_bytes (Output, (UINT32) Size) != 1) {\r | |
100 | return FALSE;\r | |
101 | }\r | |
102 | \r | |
103 | return TRUE;\r | |
104 | }\r |