1 /** @file
2 OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI.
3 This file implements these functions.
4
5 Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
7
8 **/
9
10 #include "crypto/rand.h"
11 #include <openssl/aes.h>
12
13 #include <Uefi.h>
14 #include <Library/RngLib.h>
15
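/**
  Fill a buffer of arbitrary size with random bytes obtained from RngLib.

  Random data is requested 64 bits at a time through GetRandomNumber64() and
  copied into the caller's buffer; the last chunk is truncated to the number
  of bytes that remain. This is a shim layer to RngLib.

  @param[in]   Length      Size of the buffer to fill, in bytes.
  @param[out]  RandBuffer  Pointer to the buffer that receives the random bytes.

  @retval TRUE   Every requested byte was written.
  @retval FALSE  RandBuffer is NULL, Length is 0, or GetRandomNumber64()
                 failed. After an RngLib failure the buffer may be only
                 partially filled and must not be used as random data.

**/
STATIC
BOOLEAN
EFIAPI
RandGetBytes (
  IN  UINTN  Length,
  OUT UINT8  *RandBuffer
  )
{
  BOOLEAN  Ret;
  UINT64   TempRand;
  UINTN    ChunkSize;

  Ret = FALSE;

  if (RandBuffer == NULL) {
    DEBUG ((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n"));
    //
    // No random numbers can be produced without a destination, so assert
    // here rather than fail in a less obvious place later. The function
    // still returns FALSE if execution continues past the ASSERT.
    //
    ASSERT (RandBuffer != NULL);
    return Ret;
  }

  while (Length > 0) {
    //
    // Use RngLib to get the next 64 bits; stop at the first failure so the
    // caller never treats a short fill as success.
    //
    Ret = GetRandomNumber64 (&TempRand);
    if (!Ret) {
      return Ret;
    }

    ChunkSize = (Length >= sizeof (TempRand)) ? sizeof (TempRand) : Length;

    //
    // Copy byte-wise for every chunk. RandBuffer is a UINT8 pointer with no
    // alignment guarantee, so storing through a UINT64 pointer cast could be
    // a misaligned access on strict-alignment targets.
    //
    CopyMem (RandBuffer, &TempRand, ChunkSize);
    RandBuffer += ChunkSize;
    Length     -= ChunkSize;
  }

  //
  // NOTE(review): TempRand still holds the last random word on the stack
  // here; consider clearing it if the output is used as secret seed material.
  //
  return Ret;
}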
67
/*
 * Add random bytes to the pool to acquire the requested amount of entropy.
 *
 * This function is platform specific: it asks the pool how many bytes it
 * still needs (entropy_factor 1), fills that many bytes through
 * RandGetBytes(), and returns the entropy the pool reports as available.
 *
 * Every byte obtained is credited as 8 bits of entropy, so the pool is only
 * as strong as the RngLib instance the platform links.
 * NOTE(review): confirm the platform's RngLib is backed by a
 * cryptographically strong source before relying on this credit.
 *
 * If RandGetBytes() fails, nothing is credited (0 bytes, 0 bits).
 *
 * This is an OpenSSL required interface.
 */
size_t
rand_pool_acquire_entropy (
  RAND_POOL  *pool
  )
{
  size_t         Wanted;
  unsigned char  *Dest;

  Wanted = rand_pool_bytes_needed (pool, 1 /*entropy_factor*/);
  Dest   = (Wanted > 0) ? rand_pool_add_begin (pool, Wanted) : NULL;

  if (Dest != NULL) {
    if (RandGetBytes (Wanted, Dest)) {
      rand_pool_add_end (pool, Wanted, 8 * Wanted);
    } else {
      /* RNG failure: close the reservation without crediting any data. */
      rand_pool_add_end (pool, 0, 0);
    }
  }

  return rand_pool_entropy_available (pool);
}
101
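/*
 * Implementation for UEFI
 *
 * Adds 16 bytes from RandGetBytes() to the pool as nonce data, with an
 * entropy credit of 0.
 *
 * Returns the result of rand_pool_add(), or 0 (failure) if RandGetBytes()
 * could not fill the buffer.
 *
 * This is an OpenSSL required interface.
 */
int
rand_pool_add_nonce_data (
  RAND_POOL  *pool
  )
{
  UINT8  data[16];

  /*
   * Check the RNG result: on failure `data` is uninitialized (or only partly
   * filled) stack memory, which must not be fed to the pool as a nonce.
   */
  if (!RandGetBytes (sizeof (data), data)) {
    return 0;
  }

  return rand_pool_add (pool, (unsigned char *)data, sizeof (data), 0);
}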
118
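/*
 * Implementation for UEFI
 *
 * Adds 16 bytes from RandGetBytes() to the pool as additional data, with an
 * entropy credit of 0.
 *
 * Returns the result of rand_pool_add(), or 0 (failure) if RandGetBytes()
 * could not fill the buffer.
 *
 * This is an OpenSSL required interface.
 */
int
rand_pool_add_additional_data (
  RAND_POOL  *pool
  )
{
  UINT8  data[16];

  /*
   * Check the RNG result: on failure `data` is uninitialized (or only partly
   * filled) stack memory, which must not be mixed into the pool.
   */
  if (!RandGetBytes (sizeof (data), data)) {
    return 0;
  }

  return rand_pool_add (pool, (unsigned char *)data, sizeof (data), 0);
}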
135
/*
 * Dummy implementation for UEFI: there is nothing to set up here, so this
 * always returns 1.
 *
 * This is an OpenSSL required interface.
 */
int
rand_pool_init (
  VOID
  )
{
  return 1;
}
148
/*
 * Dummy implementation for UEFI: intentionally empty, nothing is released.
 *
 * This is an OpenSSL required interface.
 */
VOID
rand_pool_cleanup (
  VOID
  )
{
}
160
/*
 * Dummy implementation for UEFI: intentionally empty, the `keep` argument
 * is ignored.
 *
 * This is an OpenSSL required interface.
 */
VOID
rand_pool_keep_random_devices_open (
  int  keep
  )
{
}