]>
Commit | Line | Data |
---|---|---|
b7396789 XL |
1 | /** @file\r |
2 | OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI.\r | |
3 | The file implement these functions.\r | |
4 | \r | |
b5701a4c MC |
5 | Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>\r |
6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
b7396789 XL |
7 | \r |
8 | **/\r | |
9 | \r | |
8c30327d | 10 | #include "crypto/rand.h"\r |
b7396789 XL |
11 | #include <openssl/aes.h>\r |
12 | \r | |
13 | #include <Uefi.h>\r | |
b5701a4c | 14 | #include <Library/RngLib.h>\r |
b7396789 XL |
15 | \r |
16 | /**\r | |
17 | Calls RandomNumber64 to fill\r | |
18 | a buffer of arbitrary size with random bytes.\r | |
b5701a4c | 19 | This is a shim layer to RngLib.\r |
b7396789 XL |
20 | \r |
21 | @param[in] Length Size of the buffer, in bytes, to fill with.\r | |
22 | @param[out] RandBuffer Pointer to the buffer to store the random result.\r | |
23 | \r | |
b5701a4c MC |
24 | @retval TRUE Random bytes generation succeeded.\r |
25 | @retval FALSE Failed to request random bytes.\r | |
b7396789 XL |
26 | \r |
27 | **/\r | |
28 | STATIC\r | |
29 | BOOLEAN\r | |
30 | EFIAPI\r | |
31 | RandGetBytes (\r | |
7c342378 MK |
32 | IN UINTN Length,\r |
33 | OUT UINT8 *RandBuffer\r | |
b7396789 XL |
34 | )\r |
35 | {\r | |
7c342378 MK |
36 | BOOLEAN Ret;\r |
37 | UINT64 TempRand;\r | |
b7396789 XL |
38 | \r |
39 | Ret = FALSE;\r | |
40 | \r | |
b5701a4c | 41 | if (RandBuffer == NULL) {\r |
7c342378 | 42 | DEBUG ((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n"));\r |
b5701a4c MC |
43 | ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later.\r |
44 | return Ret;\r | |
45 | }\r | |
46 | \r | |
b7396789 | 47 | while (Length > 0) {\r |
b5701a4c MC |
48 | // Use RngLib to get random number\r |
49 | Ret = GetRandomNumber64 (&TempRand);\r | |
50 | \r | |
b7396789 XL |
51 | if (!Ret) {\r |
52 | return Ret;\r | |
53 | }\r | |
7c342378 | 54 | \r |
b7396789 | 55 | if (Length >= sizeof (TempRand)) {\r |
7c342378 MK |
56 | *((UINT64 *)RandBuffer) = TempRand;\r |
57 | RandBuffer += sizeof (UINT64);\r | |
58 | Length -= sizeof (TempRand);\r | |
59 | } else {\r | |
b7396789 XL |
60 | CopyMem (RandBuffer, &TempRand, Length);\r |
61 | Length = 0;\r | |
62 | }\r | |
63 | }\r | |
64 | \r | |
65 | return Ret;\r | |
66 | }\r | |
67 | \r | |
b7396789 XL |
68 | /*\r |
69 | * Add random bytes to the pool to acquire requested amount of entropy\r | |
70 | *\r | |
71 | * This function is platform specific and tries to acquire the requested\r | |
72 | * amount of entropy by polling platform specific entropy sources.\r | |
73 | *\r | |
74 | * This is OpenSSL required interface.\r | |
75 | */\r | |
b5701a4c MC |
76 | size_t\r |
77 | rand_pool_acquire_entropy (\r | |
7c342378 | 78 | RAND_POOL *pool\r |
b5701a4c | 79 | )\r |
b7396789 | 80 | {\r |
b5701a4c MC |
81 | BOOLEAN Ret;\r |
82 | size_t Bytes_needed;\r | |
7c342378 | 83 | unsigned char *Buffer;\r |
b7396789 | 84 | \r |
b5701a4c MC |
85 | Bytes_needed = rand_pool_bytes_needed (pool, 1 /*entropy_factor*/);\r |
86 | if (Bytes_needed > 0) {\r | |
87 | Buffer = rand_pool_add_begin (pool, Bytes_needed);\r | |
b7396789 | 88 | \r |
b5701a4c MC |
89 | if (Buffer != NULL) {\r |
90 | Ret = RandGetBytes (Bytes_needed, Buffer);\r | |
b7396789 | 91 | if (FALSE == Ret) {\r |
b5701a4c | 92 | rand_pool_add_end (pool, 0, 0);\r |
7c342378 | 93 | } else {\r |
b5701a4c | 94 | rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed);\r |
b7396789 XL |
95 | }\r |
96 | }\r | |
97 | }\r | |
98 | \r | |
b5701a4c | 99 | return rand_pool_entropy_available (pool);\r |
b7396789 XL |
100 | }\r |
101 | \r | |
102 | /*\r | |
103 | * Implementation for UEFI\r | |
104 | *\r | |
105 | * This is OpenSSL required interface.\r | |
106 | */\r | |
b5701a4c MC |
107 | int\r |
108 | rand_pool_add_nonce_data (\r | |
7c342378 | 109 | RAND_POOL *pool\r |
b5701a4c | 110 | )\r |
b7396789 | 111 | {\r |
7c342378 MK |
112 | UINT8 data[16];\r |
113 | \r | |
114 | RandGetBytes (sizeof (data), data);\r | |
b7396789 | 115 | \r |
7c342378 | 116 | return rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0);\r |
b7396789 XL |
117 | }\r |
118 | \r | |
119 | /*\r | |
120 | * Implementation for UEFI\r | |
121 | *\r | |
122 | * This is OpenSSL required interface.\r | |
123 | */\r | |
b5701a4c MC |
124 | int\r |
125 | rand_pool_add_additional_data (\r | |
7c342378 | 126 | RAND_POOL *pool\r |
b5701a4c | 127 | )\r |
b7396789 | 128 | {\r |
7c342378 MK |
129 | UINT8 data[16];\r |
130 | \r | |
131 | RandGetBytes (sizeof (data), data);\r | |
b7396789 | 132 | \r |
7c342378 | 133 | return rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0);\r |
b7396789 XL |
134 | }\r |
135 | \r | |
136 | /*\r | |
7aa8af45 | 137 | * Dummy Implementation for UEFI\r |
b7396789 XL |
138 | *\r |
139 | * This is OpenSSL required interface.\r | |
140 | */\r | |
b5701a4c MC |
141 | int\r |
142 | rand_pool_init (\r | |
143 | VOID\r | |
144 | )\r | |
b7396789 XL |
145 | {\r |
146 | return 1;\r | |
147 | }\r | |
148 | \r | |
149 | /*\r | |
7aa8af45 | 150 | * Dummy Implementation for UEFI\r |
b7396789 XL |
151 | *\r |
152 | * This is OpenSSL required interface.\r | |
153 | */\r | |
b5701a4c | 154 | VOID\r |
7c342378 | 155 | rand_pool_cleanup (\r |
b5701a4c MC |
156 | VOID\r |
157 | )\r | |
b7396789 XL |
158 | {\r |
159 | }\r | |
160 | \r | |
161 | /*\r | |
7aa8af45 | 162 | * Dummy Implementation for UEFI\r |
b7396789 XL |
163 | *\r |
164 | * This is OpenSSL required interface.\r | |
165 | */\r | |
b5701a4c MC |
166 | VOID\r |
167 | rand_pool_keep_random_devices_open (\r | |
7c342378 | 168 | int keep\r |
b5701a4c | 169 | )\r |
b7396789 XL |
170 | {\r |
171 | }\r |