Commit | Line | Data |
---|---|---|
b7396789 XL |
1 | /** @file\r |
2 | OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI.\r | |
3 | This file implements these functions.\r | |
4 | \r | |
b5701a4c MC |
5 | Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>\r |
6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
b7396789 XL |
7 | \r |
8 | **/\r | |
9 | \r | |
8c30327d | 10 | #include "crypto/rand.h"\r |
b7396789 XL |
11 | #include <openssl/aes.h>\r |
12 | \r | |
13 | #include <Uefi.h>\r | |
b5701a4c | 14 | #include <Library/RngLib.h>\r |
b7396789 XL |
15 | \r |
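/**
  Fill a buffer of arbitrary size with random bytes obtained from RngLib.

  Calls GetRandomNumber64() once per 8-byte chunk and copies each result into
  the caller's buffer; the final call contributes only the remaining bytes.

  @param[in]   Length      Size of the buffer, in bytes, to fill.
  @param[out]  RandBuffer  Pointer to the buffer that receives the random bytes.

  @retval TRUE   Random bytes generation succeeded.
  @retval FALSE  RandBuffer is NULL, Length is 0, or GetRandomNumber64()
                 failed. On a mid-buffer failure the leading part of
                 RandBuffer has already been written; callers must treat the
                 whole buffer as unusable.

**/
STATIC
BOOLEAN
EFIAPI
RandGetBytes (
  IN  UINTN  Length,
  OUT UINT8  *RandBuffer
  )
{
  BOOLEAN  Ret;
  UINT64   TempRand;
  UINTN    ChunkSize;

  Ret = FALSE;

  if (RandBuffer == NULL) {
    DEBUG ((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n"));
    ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later.
    return Ret;
  }

  while (Length > 0) {
    // Use RngLib to get random number
    Ret = GetRandomNumber64 (&TempRand);
    if (!Ret) {
      return Ret;
    }

    //
    // Always copy byte-wise. RandBuffer is a UINT8 pointer with no alignment
    // guarantee, so storing through a (UINT64 *) cast could be a misaligned,
    // type-punned write.
    //
    ChunkSize = (Length >= sizeof (TempRand)) ? sizeof (TempRand) : Length;
    CopyMem (RandBuffer, &TempRand, ChunkSize);
    RandBuffer += ChunkSize;
    Length     -= ChunkSize;
  }

  return Ret;
}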
68 | \r | |
b7396789 XL |
/*
 * Top up the pool with random bytes until the requested entropy is reached.
 *
 * Asks the pool how many bytes it still needs (entropy factor 1), reserves
 * that much space, fills it through RandGetBytes() and commits the result.
 * When RandGetBytes() fails, the reservation is closed with zero bytes and
 * zero entropy so nothing is credited.
 *
 * NOTE(review): every byte is credited with a full 8 bits of entropy. That
 * is only sound if the RngLib instance linked into the platform is backed by
 * a real entropy source -- confirm against the platform build description.
 *
 * This is OpenSSL required interface.
 *
 * Returns the entropy currently available in the pool.
 */
size_t
rand_pool_acquire_entropy (
  RAND_POOL  *pool
  )
{
  size_t         Needed;
  unsigned char  *Dest;

  Needed = rand_pool_bytes_needed (pool, 1 /*entropy_factor*/);
  if (Needed == 0) {
    // Pool is already satisfied; nothing to add.
    return rand_pool_entropy_available (pool);
  }

  Dest = rand_pool_add_begin (pool, Needed);
  if (Dest == NULL) {
    // No space could be reserved; report whatever the pool already holds.
    return rand_pool_entropy_available (pool);
  }

  if (RandGetBytes (Needed, Dest)) {
    rand_pool_add_end (pool, Needed, 8 * Needed);
  } else {
    // Close the reservation without crediting any bytes or entropy.
    rand_pool_add_end (pool, 0, 0);
  }

  return rand_pool_entropy_available (pool);
}
103 | \r | |
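/*
 * Implementation for UEFI
 *
 * Adds 16 bytes obtained from RandGetBytes() to the pool as nonce data,
 * crediting them with zero entropy.
 *
 * This is OpenSSL required interface.
 *
 * Returns the result of rand_pool_add(), or 0 when the random bytes could
 * not be generated.
 */
int
rand_pool_add_nonce_data (
  RAND_POOL  *pool
  )
{
  UINT8  data[16];

  //
  // Fail closed: if RandGetBytes() fails, data[] is partly or wholly
  // uninitialized stack memory and must not be handed to the pool as a nonce.
  //
  if (!RandGetBytes (sizeof (data), data)) {
    return 0;
  }

  return rand_pool_add (pool, (unsigned char *)data, sizeof (data), 0);
}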
119 | \r | |
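/*
 * Implementation for UEFI
 *
 * Adds 16 bytes obtained from RandGetBytes() to the pool as additional
 * data, crediting them with zero entropy.
 *
 * This is OpenSSL required interface.
 *
 * Returns the result of rand_pool_add(), or 0 when the random bytes could
 * not be generated.
 */
int
rand_pool_add_additional_data (
  RAND_POOL  *pool
  )
{
  UINT8  data[16];

  //
  // Do not feed the pool from a buffer RandGetBytes() failed to fill: on
  // failure data[] is partly or wholly uninitialized stack memory.
  //
  if (!RandGetBytes (sizeof (data), data)) {
    return 0;
  }

  return rand_pool_add (pool, (unsigned char *)data, sizeof (data), 0);
}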
135 | \r | |
/*
 * Dummy Implementation for UEFI
 *
 * Nothing is set up here; the function only reports the constant 1.
 *
 * This is OpenSSL required interface.
 */
int
rand_pool_init (
  VOID
  )
{
  return 1;
}
148 | \r | |
/*
 * Dummy Implementation for UEFI
 *
 * Intentionally empty: this file's rand_pool_init() allocates nothing, so
 * there is nothing to release.
 *
 * This is OpenSSL required interface.
 */
VOID
rand_pool_cleanup (
  VOID
  )
{
}
160 | \r | |
/*
 * Dummy Implementation for UEFI
 *
 * Intentionally empty: the 'keep' argument is ignored.
 *
 * This is OpenSSL required interface.
 */
VOID
rand_pool_keep_random_devices_open (
  int  keep
  )
{
}