[mirror_edk2.git] / CryptoPkg / Library / OpensslLib / rand_pool.c

/** @file\r
  OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI.\r
  The file implement these functions.\r
\r
  Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "crypto/rand.h"\r
#include <openssl/aes.h>\r
\r
#include <Uefi.h>\r
#include <Library/RngLib.h>\r
\r
/**\r
  Calls RandomNumber64 to fill\r
  a buffer of arbitrary size with random bytes.\r
  This is a shim layer to RngLib.\r
\r
  @param[in]   Length        Size of the buffer, in bytes,  to fill with.\r
  @param[out]  RandBuffer    Pointer to the buffer to store the random result.\r
\r
  @retval TRUE        Random bytes generation succeeded.\r
  @retval FALSE       Failed to request random bytes.\r
\r
**/\r
STATIC\r
BOOLEAN\r
EFIAPI\r
RandGetBytes (\r
  IN UINTN         Length,\r
  OUT UINT8       *RandBuffer\r
  )\r
{\r
  BOOLEAN     Ret;\r
  UINT64      TempRand;\r
\r
  Ret = FALSE;\r
\r
  if (RandBuffer == NULL) {\r
    DEBUG((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n"));\r
    ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later.\r
    return Ret;\r
  }\r
\r
\r
  while (Length > 0) {\r
    // Use RngLib to get random number\r
    Ret = GetRandomNumber64 (&TempRand);\r
\r
    if (!Ret) {\r
      return Ret;\r
    }\r
    if (Length >= sizeof (TempRand)) {\r
      *((UINT64*) RandBuffer) = TempRand;\r
      RandBuffer += sizeof (UINT64);\r
      Length -= sizeof (TempRand);\r
    }\r
    else {\r
      CopyMem (RandBuffer, &TempRand, Length);\r
      Length = 0;\r
    }\r
  }\r
\r
  return Ret;\r
}\r
\r
/*\r
 * Add random bytes to the pool to acquire requested amount of entropy\r
 *\r
 * This function is platform specific and tries to acquire the requested\r
 * amount of entropy by polling platform specific entropy sources.\r
 *\r
 * This is OpenSSL required interface.\r
 */\r
size_t\r
rand_pool_acquire_entropy (\r
  RAND_POOL *pool\r
  )\r
{\r
  BOOLEAN        Ret;\r
  size_t         Bytes_needed;\r
  unsigned char *Buffer;\r
\r
  Bytes_needed = rand_pool_bytes_needed (pool, 1 /*entropy_factor*/);\r
  if (Bytes_needed > 0) {\r
    Buffer = rand_pool_add_begin (pool, Bytes_needed);\r
\r
    if (Buffer != NULL) {\r
      Ret = RandGetBytes (Bytes_needed, Buffer);\r
      if (FALSE == Ret) {\r
        rand_pool_add_end (pool, 0, 0);\r
      }\r
      else {\r
        rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed);\r
      }\r
    }\r
  }\r
\r
  return rand_pool_entropy_available (pool);\r
}\r
\r
/*\r
 * Implementation for UEFI\r
 *\r
 * This is OpenSSL required interface.\r
 */\r
int\r
rand_pool_add_nonce_data (\r
  RAND_POOL *pool\r
  )\r
{\r
  UINT8 data[16];\r
  RandGetBytes (sizeof(data), data);\r
\r
  return rand_pool_add (pool, (unsigned char*)&data, sizeof(data), 0);\r
}\r
\r
/*\r
 * Implementation for UEFI\r
 *\r
 * This is OpenSSL required interface.\r
 */\r
int\r
rand_pool_add_additional_data (\r
  RAND_POOL *pool\r
  )\r
{\r
  UINT8 data[16];\r
  RandGetBytes (sizeof(data), data);\r
\r
  return rand_pool_add (pool, (unsigned char*)&data, sizeof(data), 0);\r
}\r
\r
/*\r
 * Dummy Implementation for UEFI\r
 *\r
 * This is OpenSSL required interface.\r
 */\r
int\r
rand_pool_init (\r
  VOID\r
  )\r
{\r
  return 1;\r
}\r
\r
/*\r
 * Dummy Implementation for UEFI\r
 *\r
 * This is OpenSSL required interface.\r
 */\r
VOID\r
rand_pool_cleanup(\r
  VOID\r
  )\r
{\r
}\r
\r
/*\r
 * Dummy Implementation for UEFI\r
 *\r
 * This is OpenSSL required interface.\r
 */\r
VOID\r
rand_pool_keep_random_devices_open (\r
  int keep\r
  )\r
{\r
}\r
Commit	Line	Data
b7396789 XL	1	/** @file\r
	2	OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI.\r
	3	The file implement these functions.\r
	4	\r
b5701a4c MC	5	Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>\r
b5701a4c MC	6	SPDX-License-Identifier: BSD-2-Clause-Patent\r
b7396789 XL	7	\r
	8	**/\r
	9	\r
8c30327d	10	#include "crypto/rand.h"\r
b7396789 XL	11	#include <openssl/aes.h>\r
	12	\r
	13	#include <Uefi.h>\r
b5701a4c	14	#include <Library/RngLib.h>\r
b7396789 XL	15	\r
	16	/**\r
	17	Calls RandomNumber64 to fill\r
	18	a buffer of arbitrary size with random bytes.\r
b5701a4c	19	This is a shim layer to RngLib.\r
b7396789 XL	20	\r
	21	@param[in] Length Size of the buffer, in bytes, to fill with.\r
	22	@param[out] RandBuffer Pointer to the buffer to store the random result.\r
	23	\r
b5701a4c MC	24	@retval TRUE Random bytes generation succeeded.\r
b5701a4c MC	25	@retval FALSE Failed to request random bytes.\r
b7396789 XL	26	\r
	27	**/\r
	28	STATIC\r
	29	BOOLEAN\r
	30	EFIAPI\r
	31	RandGetBytes (\r
	32	IN UINTN Length,\r
b5701a4c	33	OUT UINT8 *RandBuffer\r
b7396789 XL	34	)\r
	35	{\r
	36	BOOLEAN Ret;\r
	37	UINT64 TempRand;\r
	38	\r
	39	Ret = FALSE;\r
	40	\r
b5701a4c MC	41	if (RandBuffer == NULL) {\r
	42	DEBUG((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n"));\r
	43	ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later.\r
	44	return Ret;\r
	45	}\r
	46	\r
	47	\r
b7396789	48	while (Length > 0) {\r
b5701a4c MC	49	// Use RngLib to get random number\r
	50	Ret = GetRandomNumber64 (&TempRand);\r
	51	\r
b7396789 XL	52	if (!Ret) {\r
	53	return Ret;\r
	54	}\r
	55	if (Length >= sizeof (TempRand)) {\r
	56	((UINT64) RandBuffer) = TempRand;\r
	57	RandBuffer += sizeof (UINT64);\r
	58	Length -= sizeof (TempRand);\r
b5701a4c MC	59	}\r
b5701a4c MC	60	else {\r
b7396789 XL	61	CopyMem (RandBuffer, &TempRand, Length);\r
	62	Length = 0;\r
	63	}\r
	64	}\r
	65	\r
	66	return Ret;\r
	67	}\r
	68	\r
b7396789 XL	69	/*\r
	70	* Add random bytes to the pool to acquire requested amount of entropy\r
	71	*\r
	72	* This function is platform specific and tries to acquire the requested\r
	73	* amount of entropy by polling platform specific entropy sources.\r
	74	*\r
	75	* This is OpenSSL required interface.\r
	76	*/\r
b5701a4c MC	77	size_t\r
	78	rand_pool_acquire_entropy (\r
	79	RAND_POOL *pool\r
	80	)\r
b7396789	81	{\r
b5701a4c MC	82	BOOLEAN Ret;\r
	83	size_t Bytes_needed;\r
	84	unsigned char *Buffer;\r
b7396789	85	\r
b5701a4c MC	86	Bytes_needed = rand_pool_bytes_needed (pool, 1 /entropy_factor/);\r
	87	if (Bytes_needed > 0) {\r
	88	Buffer = rand_pool_add_begin (pool, Bytes_needed);\r
b7396789	89	\r
b5701a4c MC	90	if (Buffer != NULL) {\r
b5701a4c MC	91	Ret = RandGetBytes (Bytes_needed, Buffer);\r
b7396789	92	if (FALSE == Ret) {\r
b5701a4c MC	93	rand_pool_add_end (pool, 0, 0);\r
	94	}\r
	95	else {\r
	96	rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed);\r
b7396789 XL	97	}\r
	98	}\r
	99	}\r
	100	\r
b5701a4c	101	return rand_pool_entropy_available (pool);\r
b7396789 XL	102	}\r
	103	\r
	104	/*\r
	105	* Implementation for UEFI\r
	106	*\r
	107	* This is OpenSSL required interface.\r
	108	*/\r
b5701a4c MC	109	int\r
	110	rand_pool_add_nonce_data (\r
	111	RAND_POOL *pool\r
	112	)\r
b7396789	113	{\r
b5701a4c MC	114	UINT8 data[16];\r
b5701a4c MC	115	RandGetBytes (sizeof(data), data);\r
b7396789	116	\r
b5701a4c	117	return rand_pool_add (pool, (unsigned char*)&data, sizeof(data), 0);\r
b7396789 XL	118	}\r
	119	\r
	120	/*\r
	121	* Implementation for UEFI\r
	122	*\r
	123	* This is OpenSSL required interface.\r
	124	*/\r
b5701a4c MC	125	int\r
	126	rand_pool_add_additional_data (\r
	127	RAND_POOL *pool\r
	128	)\r
b7396789	129	{\r
b5701a4c MC	130	UINT8 data[16];\r
b5701a4c MC	131	RandGetBytes (sizeof(data), data);\r
b7396789	132	\r
b5701a4c	133	return rand_pool_add (pool, (unsigned char*)&data, sizeof(data), 0);\r
b7396789 XL	134	}\r
	135	\r
	136	/*\r
7aa8af45	137	* Dummy Implementation for UEFI\r
b7396789 XL	138	*\r
	139	* This is OpenSSL required interface.\r
	140	*/\r
b5701a4c MC	141	int\r
	142	rand_pool_init (\r
	143	VOID\r
	144	)\r
b7396789 XL	145	{\r
	146	return 1;\r
	147	}\r
	148	\r
	149	/*\r
7aa8af45	150	* Dummy Implementation for UEFI\r
b7396789 XL	151	*\r
	152	* This is OpenSSL required interface.\r
	153	*/\r
b5701a4c MC	154	VOID\r
	155	rand_pool_cleanup(\r
	156	VOID\r
	157	)\r
b7396789 XL	158	{\r
	159	}\r
	160	\r
	161	/*\r
7aa8af45	162	* Dummy Implementation for UEFI\r
b7396789 XL	163	*\r
	164	* This is OpenSSL required interface.\r
	165	*/\r
b5701a4c MC	166	VOID\r
	167	rand_pool_keep_random_devices_open (\r
	168	int keep\r
	169	)\r
b7396789 XL	170	{\r
b7396789 XL	171	}\r