]>
Commit | Line | Data |
---|---|---|
7ce960e7 | 1 | /** @file\r |
2 | Pseudorandom Number Generator Wrapper Implementation over OpenSSL.\r | |
3 | \r | |
630f67dd | 4 | Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>\r |
2009f6b4 | 5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
7ce960e7 | 6 | \r |
7 | **/\r | |
8 | \r | |
9 | #include "InternalCryptLib.h"\r | |
10 | #include <openssl/rand.h>\r | |
38d91622 | 11 | #include <openssl/evp.h>\r |
7ce960e7 | 12 | #include <Library/PrintLib.h>\r |
13 | \r | |
14 | /**\r | |
15 | Sets up the seed value for the pseudorandom number generator.\r | |
16 | \r | |
17 | This function sets up the seed value for the pseudorandom number generator.\r | |
18 | If Seed is not NULL, then the seed passed in is used.\r | |
19 | If Seed is NULL, then default seed is used.\r | |
20 | \r | |
21 | @param[in] Seed Pointer to seed value.\r | |
22 | If NULL, default seed is used.\r | |
23 | @param[in] SeedSize Size of seed value.\r | |
24 | If Seed is NULL, this parameter is ignored.\r | |
25 | \r | |
26 | @retval TRUE Pseudorandom number generator has enough entropy for random generation.\r | |
27 | @retval FALSE Pseudorandom number generator does not have enough entropy for random generation.\r | |
28 | \r | |
29 | **/\r | |
30 | BOOLEAN\r | |
31 | EFIAPI\r | |
32 | RandomSeed (\r | |
33 | IN CONST UINT8 *Seed OPTIONAL,\r | |
34 | IN UINTN SeedSize\r | |
35 | )\r | |
36 | {\r | |
37 | CHAR8 DefaultSeed[128];\r | |
38 | \r | |
dda39f3a | 39 | if (SeedSize > INT_MAX) {\r |
40 | return FALSE;\r | |
41 | }\r | |
42 | \r | |
38d91622 LQ |
43 | //\r |
44 | // The software PRNG implementation built in OpenSSL depends on message digest algorithm.\r | |
45 | // Make sure SHA-1 digest algorithm is available here.\r | |
46 | //\r | |
47 | if (EVP_add_digest (EVP_sha1 ()) == 0) {\r | |
48 | return FALSE;\r | |
49 | }\r | |
50 | \r | |
7ce960e7 | 51 | //\r |
52 | // Seed the pseudorandom number generator with user-supplied value.\r | |
53 | // NOTE: A cryptographic PRNG must be seeded with unpredictable data.\r | |
54 | //\r | |
55 | if (Seed != NULL) {\r | |
7c342378 | 56 | RAND_seed (Seed, (UINT32)SeedSize);\r |
7ce960e7 | 57 | } else {\r |
58 | //\r | |
59 | // Retrieve current time.\r | |
60 | //\r | |
61 | AsciiSPrint (\r | |
62 | DefaultSeed,\r | |
63 | sizeof (DefaultSeed),\r | |
64 | "UEFI Crypto Library default seed (%ld)",\r | |
65 | AsmReadTsc ()\r | |
630f67dd | 66 | );\r |
7ce960e7 | 67 | \r |
68 | RAND_seed (DefaultSeed, sizeof (DefaultSeed));\r | |
69 | }\r | |
70 | \r | |
b3a18a1a | 71 | if (RAND_status () == 1) {\r |
72 | return TRUE;\r | |
73 | }\r | |
74 | \r | |
75 | return FALSE;\r | |
7ce960e7 | 76 | }\r |
77 | \r | |
78 | /**\r | |
79 | Generates a pseudorandom byte stream of the specified size.\r | |
80 | \r | |
81 | If Output is NULL, then return FALSE.\r | |
82 | \r | |
83 | @param[out] Output Pointer to buffer to receive random value.\r | |
2998af86 | 84 | @param[in] Size Size of random bytes to generate.\r |
7ce960e7 | 85 | \r |
86 | @retval TRUE Pseudorandom byte stream generated successfully.\r | |
87 | @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.\r | |
88 | \r | |
89 | **/\r | |
90 | BOOLEAN\r | |
91 | EFIAPI\r | |
92 | RandomBytes (\r | |
93 | OUT UINT8 *Output,\r | |
94 | IN UINTN Size\r | |
95 | )\r | |
96 | {\r | |
97 | //\r | |
98 | // Check input parameters.\r | |
99 | //\r | |
7c342378 | 100 | if ((Output == NULL) || (Size > INT_MAX)) {\r |
7ce960e7 | 101 | return FALSE;\r |
102 | }\r | |
103 | \r | |
104 | //\r | |
105 | // Generate random data.\r | |
106 | //\r | |
7c342378 | 107 | if (RAND_bytes (Output, (UINT32)Size) != 1) {\r |
7ce960e7 | 108 | return FALSE;\r |
109 | }\r | |
110 | \r | |
111 | return TRUE;\r | |
112 | }\r |