-/** @file\r
- Pseudorandom Number Generator Wrapper Implementation over OpenSSL.\r
-\r
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>\r
-SPDX-License-Identifier: BSD-2-Clause-Patent\r
-\r
-**/\r
-\r
-#include "InternalCryptLib.h"\r
-#include <openssl/rand.h>\r
-#include <openssl/evp.h>\r
-#include <Library/PrintLib.h>\r
-\r
-/**\r
- Sets up the seed value for the pseudorandom number generator.\r
-\r
- This function sets up the seed value for the pseudorandom number generator.\r
- If Seed is not NULL, then the seed passed in is used.\r
- If Seed is NULL, then default seed is used.\r
-\r
- @param[in] Seed Pointer to seed value.\r
- If NULL, default seed is used.\r
- @param[in] SeedSize Size of seed value.\r
- If Seed is NULL, this parameter is ignored.\r
-\r
- @retval TRUE Pseudorandom number generator has enough entropy for random generation.\r
- @retval FALSE Pseudorandom number generator does not have enough entropy for random generation.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-RandomSeed (\r
- IN CONST UINT8 *Seed OPTIONAL,\r
- IN UINTN SeedSize\r
- )\r
-{\r
- CHAR8 DefaultSeed[128];\r
-\r
- if (SeedSize > INT_MAX) {\r
- return FALSE;\r
- }\r
-\r
- //\r
- // The software PRNG implementation built in OpenSSL depends on message digest algorithm.\r
- // Make sure SHA-1 digest algorithm is available here.\r
- //\r
- if (EVP_add_digest (EVP_sha1 ()) == 0) {\r
- return FALSE;\r
- }\r
-\r
- //\r
- // Seed the pseudorandom number generator with user-supplied value.\r
- // NOTE: A cryptographic PRNG must be seeded with unpredictable data.\r
- //\r
- if (Seed != NULL) {\r
- RAND_seed (Seed, (UINT32) SeedSize);\r
- } else {\r
- //\r
- // Retrieve current time.\r
- //\r
- AsciiSPrint (\r
- DefaultSeed,\r
- sizeof (DefaultSeed),\r
- "UEFI Crypto Library default seed (%ld)",\r
- AsmReadItc ()\r
- );\r
-\r
- RAND_seed (DefaultSeed, sizeof (DefaultSeed));\r
- }\r
-\r
- if (RAND_status () == 1) {\r
- return TRUE;\r
- }\r
-\r
- return FALSE;\r
-}\r
-\r
-/**\r
- Generates a pseudorandom byte stream of the specified size.\r
-\r
- If Output is NULL, then return FALSE.\r
-\r
- @param[out] Output Pointer to buffer to receive random value.\r
- @param[in] Size Size of random bytes to generate.\r
-\r
- @retval TRUE Pseudorandom byte stream generated successfully.\r
- @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-RandomBytes (\r
- OUT UINT8 *Output,\r
- IN UINTN Size\r
- )\r
-{\r
- //\r
- // Check input parameters.\r
- //\r
- if (Output == NULL || Size > INT_MAX) {\r
- return FALSE;\r
- }\r
-\r
- //\r
- // Generate random data.\r
- //\r
- if (RAND_bytes (Output, (UINT32) Size) != 1) {\r
- return FALSE;\r
- }\r
-\r
- return TRUE;\r
-}\r