[mirror_edk2.git] / SecurityPkg / RandomNumberGenerator / RngDxe / Rand / RngDxe.c

/** @file\r
  RNG Driver to produce the UEFI Random Number Generator protocol.\r
\r
  The driver will use the new RDRAND instruction to produce high-quality, high-performance\r
  entropy and random number.\r
\r
  RNG Algorithms defined in UEFI 2.4:\r
   - EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID  - Supported\r
     (RDRAND implements a hardware NIST SP800-90 AES-CTR-256 based DRBG)\r
   - EFI_RNG_ALGORITHM_RAW                    - Supported\r
     (Structuring RDRAND invocation can be guaranteed as high-quality entropy source)\r
   - EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID - Unsupported\r
   - EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID - Unsupported\r
   - EFI_RNG_ALGORITHM_X9_31_3DES_GUID        - Unsupported\r
   - EFI_RNG_ALGORITHM_X9_31_AES_GUID         - Unsupported\r
\r
  Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>\r
  (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "RdRand.h"\r
#include "RngDxeInternals.h"\r
\r
/**\r
  Produces and returns an RNG value using either the default or specified RNG algorithm.\r
\r
  @param[in]  This                    A pointer to the EFI_RNG_PROTOCOL instance.\r
  @param[in]  RNGAlgorithm            A pointer to the EFI_RNG_ALGORITHM that identifies the RNG\r
                                      algorithm to use. May be NULL in which case the function will\r
                                      use its default RNG algorithm.\r
  @param[in]  RNGValueLength          The length in bytes of the memory buffer pointed to by\r
                                      RNGValue. The driver shall return exactly this numbers of bytes.\r
  @param[out] RNGValue                A caller-allocated memory buffer filled by the driver with the\r
                                      resulting RNG value.\r
\r
  @retval EFI_SUCCESS                 The RNG value was returned successfully.\r
  @retval EFI_UNSUPPORTED             The algorithm specified by RNGAlgorithm is not supported by\r
                                      this driver.\r
  @retval EFI_DEVICE_ERROR            An RNG value could not be retrieved due to a hardware or\r
                                      firmware error.\r
  @retval EFI_NOT_READY               There is not enough random data available to satisfy the length\r
                                      requested by RNGValueLength.\r
  @retval EFI_INVALID_PARAMETER       RNGValue is NULL or RNGValueLength is zero.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
RngGetRNG (\r
  IN EFI_RNG_PROTOCOL   *This,\r
  IN EFI_RNG_ALGORITHM  *RNGAlgorithm  OPTIONAL,\r
  IN UINTN              RNGValueLength,\r
  OUT UINT8             *RNGValue\r
  )\r
{\r
  EFI_STATUS  Status;\r
\r
  if ((RNGValueLength == 0) || (RNGValue == NULL)) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  Status = EFI_UNSUPPORTED;\r
  if (RNGAlgorithm == NULL) {\r
    //\r
    // Use the default RNG algorithm if RNGAlgorithm is NULL.\r
    //\r
    RNGAlgorithm = &gEfiRngAlgorithmSp80090Ctr256Guid;\r
  }\r
\r
  //\r
  // NIST SP800-90-AES-CTR-256 supported by RDRAND\r
  //\r
  if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmSp80090Ctr256Guid)) {\r
    Status = RngGetBytes (RNGValueLength, RNGValue);\r
    return Status;\r
  }\r
\r
  //\r
  // The "raw" algorithm is intended to provide entropy directly\r
  //\r
  if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) {\r
    //\r
    // When a DRBG is used on the output of a entropy source,\r
    // its security level must be at least 256 bits according to UEFI Spec.\r
    //\r
    if (RNGValueLength < 32) {\r
      return EFI_INVALID_PARAMETER;\r
    }\r
\r
    Status = RdRandGenerateEntropy (RNGValueLength, RNGValue);\r
    return Status;\r
  }\r
\r
  //\r
  // Other algorithms were unsupported by this driver.\r
  //\r
  return Status;\r
}\r
\r
/**\r
  Returns information about the random number generation implementation.\r
\r
  @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.\r
                                      On output with a return code of EFI_SUCCESS, the size\r
                                      in bytes of the data returned in RNGAlgorithmList. On output\r
                                      with a return code of EFI_BUFFER_TOO_SMALL,\r
                                      the size of RNGAlgorithmList required to obtain the list.\r
  @param[out] RNGAlgorithmList        A caller-allocated memory buffer filled by the driver\r
                                      with one EFI_RNG_ALGORITHM element for each supported\r
                                      RNG algorithm. The list must not change across multiple\r
                                      calls to the same driver. The first algorithm in the list\r
                                      is the default algorithm for the driver.\r
\r
  @retval EFI_SUCCESS                 The RNG algorithm list was returned successfully.\r
  @retval EFI_BUFFER_TOO_SMALL        The buffer RNGAlgorithmList is too small to hold the result.\r
\r
**/\r
UINTN\r
EFIAPI\r
ArchGetSupportedRngAlgorithms (\r
  IN OUT UINTN              *RNGAlgorithmListSize,\r
  OUT    EFI_RNG_ALGORITHM  *RNGAlgorithmList\r
  )\r
{\r
  UINTN              RequiredSize;\r
  EFI_RNG_ALGORITHM  *CpuRngSupportedAlgorithm;\r
\r
  RequiredSize = 2 * sizeof (EFI_RNG_ALGORITHM);\r
\r
  if (*RNGAlgorithmListSize < RequiredSize) {\r
    *RNGAlgorithmListSize = RequiredSize;\r
    return EFI_BUFFER_TOO_SMALL;\r
  }\r
\r
  CpuRngSupportedAlgorithm = PcdGetPtr (PcdCpuRngSupportedAlgorithm);\r
\r
  CopyMem (&RNGAlgorithmList[0], CpuRngSupportedAlgorithm, sizeof (EFI_RNG_ALGORITHM));\r
\r
  // x86 platforms also support EFI_RNG_ALGORITHM_RAW via RDSEED\r
  CopyMem (&RNGAlgorithmList[1], &gEfiRngAlgorithmRaw, sizeof (EFI_RNG_ALGORITHM));\r
\r
  *RNGAlgorithmListSize = RequiredSize;\r
  return EFI_SUCCESS;\r
}\r
Commit	Line	Data
4e5ecdba RC	1	/** @file\r
	2	RNG Driver to produce the UEFI Random Number Generator protocol.\r
	3	\r
	4	The driver will use the new RDRAND instruction to produce high-quality, high-performance\r
	5	entropy and random number.\r
	6	\r
	7	RNG Algorithms defined in UEFI 2.4:\r
	8	- EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID - Supported\r
	9	(RDRAND implements a hardware NIST SP800-90 AES-CTR-256 based DRBG)\r
	10	- EFI_RNG_ALGORITHM_RAW - Supported\r
	11	(Structuring RDRAND invocation can be guaranteed as high-quality entropy source)\r
	12	- EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID - Unsupported\r
	13	- EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID - Unsupported\r
	14	- EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported\r
	15	- EFI_RNG_ALGORITHM_X9_31_AES_GUID - Unsupported\r
	16	\r
	17	Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>\r
	18	(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>\r
	19	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	20	\r
	21	**/\r
	22	\r
	23	#include "RdRand.h"\r
	24	#include "RngDxeInternals.h"\r
	25	\r
	26	/**\r
	27	Produces and returns an RNG value using either the default or specified RNG algorithm.\r
	28	\r
	29	@param[in] This A pointer to the EFI_RNG_PROTOCOL instance.\r
	30	@param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM that identifies the RNG\r
	31	algorithm to use. May be NULL in which case the function will\r
	32	use its default RNG algorithm.\r
	33	@param[in] RNGValueLength The length in bytes of the memory buffer pointed to by\r
	34	RNGValue. The driver shall return exactly this numbers of bytes.\r
	35	@param[out] RNGValue A caller-allocated memory buffer filled by the driver with the\r
	36	resulting RNG value.\r
	37	\r
	38	@retval EFI_SUCCESS The RNG value was returned successfully.\r
	39	@retval EFI_UNSUPPORTED The algorithm specified by RNGAlgorithm is not supported by\r
	40	this driver.\r
	41	@retval EFI_DEVICE_ERROR An RNG value could not be retrieved due to a hardware or\r
	42	firmware error.\r
	43	@retval EFI_NOT_READY There is not enough random data available to satisfy the length\r
	44	requested by RNGValueLength.\r
	45	@retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength is zero.\r
	46	\r
	47	**/\r
	48	EFI_STATUS\r
	49	EFIAPI\r
	50	RngGetRNG (\r
c411b485 MK	51	IN EFI_RNG_PROTOCOL *This,\r
	52	IN EFI_RNG_ALGORITHM *RNGAlgorithm OPTIONAL,\r
	53	IN UINTN RNGValueLength,\r
	54	OUT UINT8 *RNGValue\r
4e5ecdba RC	55	)\r
4e5ecdba RC	56	{\r
c411b485	57	EFI_STATUS Status;\r
4e5ecdba RC	58	\r
	59	if ((RNGValueLength == 0) \|\| (RNGValue == NULL)) {\r
	60	return EFI_INVALID_PARAMETER;\r
	61	}\r
	62	\r
	63	Status = EFI_UNSUPPORTED;\r
	64	if (RNGAlgorithm == NULL) {\r
	65	//\r
	66	// Use the default RNG algorithm if RNGAlgorithm is NULL.\r
	67	//\r
	68	RNGAlgorithm = &gEfiRngAlgorithmSp80090Ctr256Guid;\r
	69	}\r
	70	\r
	71	//\r
	72	// NIST SP800-90-AES-CTR-256 supported by RDRAND\r
	73	//\r
	74	if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmSp80090Ctr256Guid)) {\r
	75	Status = RngGetBytes (RNGValueLength, RNGValue);\r
	76	return Status;\r
	77	}\r
	78	\r
	79	//\r
	80	// The "raw" algorithm is intended to provide entropy directly\r
	81	//\r
	82	if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) {\r
	83	//\r
	84	// When a DRBG is used on the output of a entropy source,\r
	85	// its security level must be at least 256 bits according to UEFI Spec.\r
	86	//\r
	87	if (RNGValueLength < 32) {\r
	88	return EFI_INVALID_PARAMETER;\r
	89	}\r
	90	\r
	91	Status = RdRandGenerateEntropy (RNGValueLength, RNGValue);\r
	92	return Status;\r
	93	}\r
	94	\r
	95	//\r
	96	// Other algorithms were unsupported by this driver.\r
	97	//\r
	98	return Status;\r
	99	}\r
	100	\r
	101	/**\r
	102	Returns information about the random number generation implementation.\r
	103	\r
	104	@param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.\r
	105	On output with a return code of EFI_SUCCESS, the size\r
	106	in bytes of the data returned in RNGAlgorithmList. On output\r
	107	with a return code of EFI_BUFFER_TOO_SMALL,\r
	108	the size of RNGAlgorithmList required to obtain the list.\r
	109	@param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver\r
	110	with one EFI_RNG_ALGORITHM element for each supported\r
	111	RNG algorithm. The list must not change across multiple\r
	112	calls to the same driver. The first algorithm in the list\r
	113	is the default algorithm for the driver.\r
	114	\r
	115	@retval EFI_SUCCESS The RNG algorithm list was returned successfully.\r
	116	@retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.\r
	117	\r
	118	**/\r
	119	UINTN\r
	120	EFIAPI\r
	121	ArchGetSupportedRngAlgorithms (\r
c411b485 MK	122	IN OUT UINTN *RNGAlgorithmListSize,\r
c411b485 MK	123	OUT EFI_RNG_ALGORITHM *RNGAlgorithmList\r
4e5ecdba RC	124	)\r
4e5ecdba RC	125	{\r
c411b485 MK	126	UINTN RequiredSize;\r
c411b485 MK	127	EFI_RNG_ALGORITHM *CpuRngSupportedAlgorithm;\r
4e5ecdba RC	128	\r
	129	RequiredSize = 2 * sizeof (EFI_RNG_ALGORITHM);\r
	130	\r
	131	if (*RNGAlgorithmListSize < RequiredSize) {\r
	132	*RNGAlgorithmListSize = RequiredSize;\r
	133	return EFI_BUFFER_TOO_SMALL;\r
	134	}\r
	135	\r
	136	CpuRngSupportedAlgorithm = PcdGetPtr (PcdCpuRngSupportedAlgorithm);\r
	137	\r
c411b485	138	CopyMem (&RNGAlgorithmList[0], CpuRngSupportedAlgorithm, sizeof (EFI_RNG_ALGORITHM));\r
4e5ecdba RC	139	\r
4e5ecdba RC	140	// x86 platforms also support EFI_RNG_ALGORITHM_RAW via RDSEED\r
c411b485	141	CopyMem (&RNGAlgorithmList[1], &gEfiRngAlgorithmRaw, sizeof (EFI_RNG_ALGORITHM));\r
4e5ecdba RC	142	\r
	143	*RNGAlgorithmListSize = RequiredSize;\r
	144	return EFI_SUCCESS;\r
	145	}\r