[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / Rand / CryptRand.c

/** @file\r
  Pseudorandom Number Generator Wrapper Implementation over OpenSSL.\r
\r
Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "InternalCryptLib.h"\r
#include <openssl/rand.h>\r
#include <openssl/evp.h>\r
\r
//\r
// Default seed for UEFI Crypto Library\r
//\r
CONST UINT8  DefaultSeed[] = "UEFI Crypto Library default seed";\r
\r
/**\r
  Sets up the seed value for the pseudorandom number generator.\r
\r
  This function sets up the seed value for the pseudorandom number generator.\r
  If Seed is not NULL, then the seed passed in is used.\r
  If Seed is NULL, then default seed is used.\r
\r
  @param[in]  Seed      Pointer to seed value.\r
                        If NULL, default seed is used.\r
  @param[in]  SeedSize  Size of seed value.\r
                        If Seed is NULL, this parameter is ignored.\r
\r
  @retval TRUE   Pseudorandom number generator has enough entropy for random generation.\r
  @retval FALSE  Pseudorandom number generator does not have enough entropy for random generation.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
RandomSeed (\r
  IN  CONST  UINT8  *Seed  OPTIONAL,\r
  IN  UINTN         SeedSize\r
  )\r
{\r
  if (SeedSize > INT_MAX) {\r
    return FALSE;\r
  }\r
\r
  //\r
  // The software PRNG implementation built in OpenSSL depends on message digest algorithm.\r
  // Make sure SHA-1 digest algorithm is available here.\r
  //\r
  if (EVP_add_digest (EVP_sha1 ()) == 0) {\r
    return FALSE;\r
  }\r
\r
  //\r
  // Seed the pseudorandom number generator with user-supplied value.\r
  // NOTE: A cryptographic PRNG must be seeded with unpredictable data.\r
  //\r
  if (Seed != NULL) {\r
    RAND_seed (Seed, (UINT32) SeedSize);\r
  } else {\r
    RAND_seed (DefaultSeed, sizeof (DefaultSeed));\r
  }\r
\r
  if (RAND_status () == 1) {\r
    return TRUE;\r
  }\r
\r
  return FALSE;\r
}\r
\r
/**\r
  Generates a pseudorandom byte stream of the specified size.\r
\r
  If Output is NULL, then return FALSE.\r
\r
  @param[out]  Output  Pointer to buffer to receive random value.\r
  @param[in]   Size    Size of random bytes to generate.\r
\r
  @retval TRUE   Pseudorandom byte stream generated successfully.\r
  @retval FALSE  Pseudorandom number generator fails to generate due to lack of entropy.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
RandomBytes (\r
  OUT  UINT8  *Output,\r
  IN   UINTN  Size\r
  )\r
{\r
  //\r
  // Check input parameters.\r
  //\r
  if (Output == NULL || Size > INT_MAX) {\r
    return FALSE;\r
  }\r
\r
  //\r
  // Generate random data.\r
  //\r
  if (RAND_bytes (Output, (UINT32) Size) != 1) {\r
    return FALSE;\r
  }\r
\r
  return TRUE;\r
}\r
Commit	Line	Data
a8c44645	1	/** @file\r
	2	Pseudorandom Number Generator Wrapper Implementation over OpenSSL.\r
	3	\r
38d91622	4	Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>\r
2009f6b4	5	SPDX-License-Identifier: BSD-2-Clause-Patent\r
a8c44645	6	\r
	7	**/\r
	8	\r
	9	#include "InternalCryptLib.h"\r
	10	#include <openssl/rand.h>\r
38d91622	11	#include <openssl/evp.h>\r
a8c44645	12	\r
	13	//\r
	14	// Default seed for UEFI Crypto Library\r
	15	//\r
	16	CONST UINT8 DefaultSeed[] = "UEFI Crypto Library default seed";\r
	17	\r
	18	/**\r
	19	Sets up the seed value for the pseudorandom number generator.\r
	20	\r
	21	This function sets up the seed value for the pseudorandom number generator.\r
	22	If Seed is not NULL, then the seed passed in is used.\r
	23	If Seed is NULL, then default seed is used.\r
	24	\r
	25	@param[in] Seed Pointer to seed value.\r
	26	If NULL, default seed is used.\r
	27	@param[in] SeedSize Size of seed value.\r
	28	If Seed is NULL, this parameter is ignored.\r
	29	\r
	30	@retval TRUE Pseudorandom number generator has enough entropy for random generation.\r
	31	@retval FALSE Pseudorandom number generator does not have enough entropy for random generation.\r
	32	\r
	33	**/\r
	34	BOOLEAN\r
	35	EFIAPI\r
	36	RandomSeed (\r
	37	IN CONST UINT8 *Seed OPTIONAL,\r
	38	IN UINTN SeedSize\r
	39	)\r
	40	{\r
dda39f3a	41	if (SeedSize > INT_MAX) {\r
	42	return FALSE;\r
	43	}\r
	44	\r
38d91622 LQ	45	//\r
	46	// The software PRNG implementation built in OpenSSL depends on message digest algorithm.\r
	47	// Make sure SHA-1 digest algorithm is available here.\r
	48	//\r
	49	if (EVP_add_digest (EVP_sha1 ()) == 0) {\r
	50	return FALSE;\r
	51	}\r
	52	\r
a8c44645	53	//\r
	54	// Seed the pseudorandom number generator with user-supplied value.\r
	55	// NOTE: A cryptographic PRNG must be seeded with unpredictable data.\r
	56	//\r
	57	if (Seed != NULL) {\r
	58	RAND_seed (Seed, (UINT32) SeedSize);\r
	59	} else {\r
	60	RAND_seed (DefaultSeed, sizeof (DefaultSeed));\r
	61	}\r
	62	\r
b3a18a1a	63	if (RAND_status () == 1) {\r
	64	return TRUE;\r
	65	}\r
	66	\r
	67	return FALSE;\r
a8c44645	68	}\r
	69	\r
	70	/**\r
	71	Generates a pseudorandom byte stream of the specified size.\r
	72	\r
16d2c32c	73	If Output is NULL, then return FALSE.\r
a8c44645	74	\r
a8c44645	75	@param[out] Output Pointer to buffer to receive random value.\r
2998af86	76	@param[in] Size Size of random bytes to generate.\r
a8c44645	77	\r
	78	@retval TRUE Pseudorandom byte stream generated successfully.\r
	79	@retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.\r
	80	\r
	81	**/\r
	82	BOOLEAN\r
	83	EFIAPI\r
	84	RandomBytes (\r
	85	OUT UINT8 *Output,\r
	86	IN UINTN Size\r
	87	)\r
	88	{\r
16d2c32c	89	//\r
	90	// Check input parameters.\r
	91	//\r
dda39f3a	92	if (Output == NULL \|\| Size > INT_MAX) {\r
16d2c32c	93	return FALSE;\r
16d2c32c	94	}\r
a8c44645	95	\r
	96	//\r
	97	// Generate random data.\r
	98	//\r
	99	if (RAND_bytes (Output, (UINT32) Size) != 1) {\r
	100	return FALSE;\r
	101	}\r
	102	\r
	103	return TRUE;\r
	104	}\r