tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add UEFI RNG Protocol support. The driver will leverage Intel Secure Key technology to produce the Random Number Generator protocol, which is used to provide high-quality random numbers for use in applications, or entropy for seeding other random number generators. Refer to http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/ for more information about Intel Secure Key technology. 

Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-by: Rosenbaum, Lee G <lee.g.rosenbaum@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14858 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Long, Qin 2013-11-19 01:49:49 +00:00 committed by sfu5
parent 419db80bef
commit 3aa8dc6cd3
17 changed files with 2247 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

156
MdePkg/Include/Protocol/Rng.h Normal file
View File

@ -0,0 +1,156 @@
/** @file
EFI_RNG_PROTOCOL as defined in UEFI 2.4.
The UEFI Random Number Generator Protocol is used to provide random bits for use
in applications, or entropy for seeding other random number generators.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __EFI_RNG_PROTOCOL_H__
#define __EFI_RNG_PROTOCOL_H__
///
/// Global ID for the Random Number Generator Protocol
///
#define EFI_RNG_PROTOCOL_GUID \
{ \
0x3152bca5, 0xeade, 0x433d, {0x86, 0x2e, 0xc0, 0x1c, 0xdc, 0x29, 0x1f, 0x44 } \
}
typedef struct _EFI_RNG_PROTOCOL EFI_RNG_PROTOCOL;
///
/// A selection of EFI_RNG_PROTOCOL algorithms.
/// The algorithms listed are optional, not meant to be exhaustive and be argmented by
/// vendors or other industry standards.
///
typedef EFI_GUID EFI_RNG_ALGORITHM;
///
/// The algorithms corresponds to SP800-90 as defined in
/// NIST SP 800-90, "Recommendation for Random Number Generation Using Deterministic Random
/// Bit Generators", March 2007.
///
#define EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID \
{ \
0xa7af67cb, 0x603b, 0x4d42, {0xba, 0x21, 0x70, 0xbf, 0xb6, 0x29, 0x3f, 0x96 } \
}
#define EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID \
{ \
0xc5149b43, 0xae85, 0x4f53, {0x99, 0x82, 0xb9, 0x43, 0x35, 0xd3, 0xa9, 0xe7 } \
}
#define EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID \
{ \
0x44f0de6e, 0x4d8c, 0x4045, {0xa8, 0xc7, 0x4d, 0xd1, 0x68, 0x85, 0x6b, 0x9e } \
}
///
/// The algorithms correspond to X9.31 as defined in
/// NIST, "Recommended Random Number Generator Based on ANSI X9.31 Appendix A.2.4 Using
/// the 3-Key Triple DES and AES Algorithm", January 2005.
///
#define EFI_RNG_ALGORITHM_X9_31_3DES_GUID \
{ \
0x63c4785a, 0xca34, 0x4012, {0xa3, 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 } \
}
#define EFI_RNG_ALGORITHM_X9_31_AES_GUID \
{ \
0xacd03321, 0x777e, 0x4d3d, {0xb1, 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 } \
}
///
/// The "raw" algorithm, when supported, is intended to provide entropy directly from
/// the source, without it going through some deterministic random bit generator.
///
#define EFI_RNG_ALGORITHM_RAW \
{ \
0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 } \
}
/**
Returns information about the random number generation implementation.
@param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
@param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
On output with a return code of EFI_SUCCESS, the size
in bytes of the data returned in RNGAlgorithmList. On output
with a return code of EFI_BUFFER_TOO_SMALL,
the size of RNGAlgorithmList required to obtain the list.
@param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver
with one EFI_RNG_ALGORITHM element for each supported
RNG algorithm. The list must not change across multiple
calls to the same driver. The first algorithm in the list
is the default algorithm for the driver.
@retval EFI_SUCCESS The RNG algorithm list was returned successfully.
@retval EFI_UNSUPPORTED The services is not supported by this driver.
@retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
hardware or firmware error.
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
@retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_RNG_GET_INFO) (
IN EFI_RNG_PROTOCOL *This,
IN OUT UINTN *RNGAlgorithmListSize,
OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
);
/**
Produces and returns an RNG value using either the default or specified RNG algorithm.
@param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
@param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM that identifies the RNG
algorithm to use. May be NULL in which case the function will
use its default RNG algorithm.
@param[in] RNGValueLength The length in bytes of the memory buffer pointed to by
RNGValue. The driver shall return exactly this numbers of bytes.
@param[out] RNGValue A caller-allocated memory buffer filled by the driver with the
resulting RNG value.
@retval EFI_SUCCESS The RNG value was returned successfully.
@retval EFI_UNSUPPORTED The algorithm specified by RNGAlgorithm is not supported by
this driver.
@retval EFI_DEVICE_ERROR An RNG value could not be retrieved due to a hardware or
firmware error.
@retval EFI_NOT_READY There is not enough random data available to satisfy the length
requested by RNGValueLength.
@retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength is zero.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_RNG_GET_RNG) (
IN EFI_RNG_PROTOCOL *This,
IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL
IN UINTN RNGValueLength,
OUT UINT8 *RNGValue
);
///
/// The Random Number Generator (RNG) protocol provides random bits for use in
/// applications, or entropy for seeding other random number generators.
///
struct _EFI_RNG_PROTOCOL {
EFI_RNG_GET_INFO GetInfo;
EFI_RNG_GET_RNG GetRNG;
};
extern EFI_GUID gEfiRngProtocolGuid;
extern EFI_GUID gEfiRngAlgorithmSp80090Hash256Guid;
extern EFI_GUID gEfiRngAlgorithmSp80090Hmac256Guid;
extern EFI_GUID gEfiRngAlgorithmSp80090Ctr256Guid;
extern EFI_GUID gEfiRngAlgorithmX9313DesGuid;
extern EFI_GUID gEfiRngAlgorithmX931AesGuid;
extern EFI_GUID gEfiRngAlgorithmRaw;
#endif

11
MdePkg/MdePkg.dec
View File

@ -520,6 +520,14 @@
## Include/Guid/FmpCapsule.h
gEfiFmpCapsuleGuid = { 0x6dcbd5ed, 0xe82d, 0x4c44, {0xbd, 0xa1, 0x71, 0x94, 0x19, 0x9a, 0xd9, 0x2a }}
## Include/Protocol/Rng.h
gEfiRngAlgorithmSp80090Hash256Guid = { 0xa7af67cb, 0x603b, 0x4d42, {0xba, 0x21, 0x70, 0xbf, 0xb6, 0x29, 0x3f, 0x96 }}
gEfiRngAlgorithmSp80090Hmac256Guid = { 0xc5149b43, 0xae85, 0x4f53, {0x99, 0x82, 0xb9, 0x43, 0x35, 0xd3, 0xa9, 0xe7 }}
gEfiRngAlgorithmSp80090Ctr256Guid = { 0x44f0de6e, 0x4d8c, 0x4045, {0xa8, 0xc7, 0x4d, 0xd1, 0x68, 0x85, 0x6b, 0x9e }}
gEfiRngAlgorithmX9313DesGuid = { 0x63c4785a, 0xca34, 0x4012, {0xa3, 0xc8, 0x0b, 0x6a, 0x32, 0x4f, 0x55, 0x46 }}
gEfiRngAlgorithmX931AesGuid = { 0xacd03321, 0x777e, 0x4d3d, {0xb1, 0xc8, 0x20, 0xcf, 0xd8, 0x88, 0x20, 0xc9 }}
gEfiRngAlgorithmRaw = { 0xe43176d7, 0xb6e8, 0x4827, {0xb7, 0x84, 0x7f, 0xfd, 0xc4, 0xb6, 0x85, 0x61 }}
#
# GUID defined in PI1.0
#
@ -1322,6 +1330,9 @@
## Include/Protocol/Timestamp.h
gEfiTimestampProtocolGuid = { 0xafbfde41, 0x2e6e, 0x4262, {0xba, 0x65, 0x62, 0xb9, 0x23, 0x6e, 0x54, 0x95 }}
## Include/Protocol/Rng.h
gEfiRngProtocolGuid = { 0x3152bca5, 0xeade, 0x433d, {0x86, 0x2e, 0xc0, 0x1c, 0xdc, 0x29, 0x1f, 0x44 }}
[PcdsFeatureFlag]
## If TRUE, the component name protocol will not be installed.
gEfiMdePkgTokenSpaceGuid.PcdComponentNameDisable|FALSE|BOOLEAN|0x0000000d

231
SecurityPkg/Application/RngTest/RngTest.c Normal file
View File

@ -0,0 +1,231 @@
/** @file
UEFI RNG (Random Number Generator) Protocol test application.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Uefi.h>
#include <Library/UefiLib.h>
#include <Library/UefiApplicationEntryPoint.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/DebugLib.h>
#include <Protocol/Rng.h>
/**
The user Entry Point for Application. The user code starts with this function
as the real entry point for the application.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The entry point is executed successfully.
@retval other Some error occurs when executing this entry point.
**/
EFI_STATUS
EFIAPI
UefiMain (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
EFI_RNG_PROTOCOL *Rng;
UINTN RngAlgListSize;
EFI_RNG_ALGORITHM RngAlgList[10];
EFI_RNG_ALGORITHM *PtrRngAlg;
UINTN RngAlgCount;
UINT8 *Rand;
UINTN RandSize;
UINTN Index;
UINTN Index2;
Status = EFI_SUCCESS;
PtrRngAlg = NULL;
Rand = NULL;
Print (L"UEFI RNG Protocol Testing :\n");
Print (L"----------------------------\n");
//-----------------------------------------
// Basic UEFI RNG Protocol Test
//-----------------------------------------
Print (L" -- Locate UEFI RNG Protocol : ");
Status = gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID **)&Rng);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]\n", Status);
goto Exit;
} else {
Print (L"[Pass]\n");
}
//-----------------------------------------
// Rng->GetInfo() interface test.
//-----------------------------------------
Print (L" -- Call RNG->GetInfo() interface : ");
RngAlgListSize = 0;
Status = Rng->GetInfo (Rng, &RngAlgListSize, NULL);
if (Status != EFI_BUFFER_TOO_SMALL) {
Print (L"[Fail - Status = %r]\n", Status);
}
//
// Print out the supported RNG algorithm GUIDs
//
RngAlgCount = RngAlgListSize / sizeof (EFI_RNG_ALGORITHM);
Print (L"\n >> Supported RNG Algorithm (Count = %d) : ", RngAlgCount);
Status = Rng->GetInfo (Rng, &RngAlgListSize, RngAlgList);
for (Index = 0; Index < RngAlgCount; Index++) {
PtrRngAlg = (EFI_RNG_ALGORITHM *)(&RngAlgList[Index]);
Print (L"\n %d) ", Index);
Print (L"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", PtrRngAlg->Data1,
PtrRngAlg->Data2, PtrRngAlg->Data3, PtrRngAlg->Data4[0], PtrRngAlg->Data4[1],
PtrRngAlg->Data4[2], PtrRngAlg->Data4[3], PtrRngAlg->Data4[4],
PtrRngAlg->Data4[5], PtrRngAlg->Data4[6], PtrRngAlg->Data4[7]);
}
//-----------------------------------------
// Rng->GetRNG() interface test.
//-----------------------------------------
Print (L"\n -- Call RNG->GetRNG() interface : ");
//
// Allocate one buffer to store random data.
//
RandSize = 32;
Rand = AllocatePool (RandSize);
//
// RNG with default algorithm
//
Print (L"\n >> RNG with default algorithm : ");
Status = Rng->GetRNG (Rng, NULL, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
} else {
Print (L"[Pass]");
}
//
// RNG with SP800-90-HMAC-256
//
Print (L"\n >> RNG with SP800-90-HMAC-256 : ");
Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmSp80090Hmac256Guid, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
} else {
Print (L"[Pass]");
}
//
// RNG with SP800-90-HASH-256
//
Print (L"\n >> RNG with SP800-90-Hash-256 : ");
Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmSp80090Hash256Guid, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
} else {
Print (L"[Pass]");
}
//
// RNG with SP800-90-CTR-256
//
Print (L"\n >> RNG with SP800-90-CTR-256 : ");
Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmSp80090Ctr256Guid, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
} else {
Print (L"[Pass]");
}
//
// RNG with X9.31-3DES
//
Print (L"\n >> RNG with X9.31-3DES : ");
Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmX9313DesGuid, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
} else {
Print (L"[Pass]");
}
//
// RNG with X9.31-AES
//
Print (L"\n >> RNG with X9.31-AES : ");
Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmX931AesGuid, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
} else {
Print (L"[Pass]");
}
//
// RNG with RAW Entropy
//
Print (L"\n >> RNG with RAW Entropy : ");
Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmRaw, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
} else {
Print (L"[Pass]");
}
//-----------------------------------------
// Random Number Generator test.
//-----------------------------------------
Print (L"\n -- Random Number Generation Test with default RNG Algorithm (20 Rounds): ");
RandSize = 1;
for (Index = 0; Index < 20; Index++) {
Status = Rng->GetRNG (Rng, NULL, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
break;
} else {
Print (L"\n %02d) - ", Index + 1);
for (Index2 = 0; Index2 < RandSize; Index2++) {
Print (L"%02x", Rand[Index2]);
}
}
RandSize +=1;
}
//-----------------------------------------
// Random Number Generator test.
//-----------------------------------------
Print (L"\n -- RAW Entropy Generation Test (20 Rounds) : ");
RandSize = 32;
for (Index = 0; Index < 20; Index++) {
Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmRaw, RandSize, Rand);
if (EFI_ERROR (Status)) {
Print (L"[Fail - Status = %r]", Status);
break;
} else {
Print (L"\n %02d) - ", Index + 1);
for (Index2 = 0; Index2 < RandSize; Index2++) {
Print (L"%02x", Rand[Index2]);
}
}
}
Print (L"\n -- Exit UEFI RNG Protocol Test (Status = %r).\n", Status);
Exit:
if (Rand != NULL) {
FreePool (Rand);
}
return Status;
}

50
SecurityPkg/Application/RngTest/RngTest.inf Normal file
View File

@ -0,0 +1,50 @@
## @file
# UEFI RNG (Random Number Generator) Protocol test application.
#
# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = RngTest
FILE_GUID = B8AC7FB2-4211-4c2b-B62F-504421666C87
MODULE_TYPE = UEFI_APPLICATION
VERSION_STRING = 1.0
ENTRY_POINT = UefiMain
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64
#
[Sources]
RngTest.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
UefiApplicationEntryPoint
UefiLib
[Protocols]
gEfiRngProtocolGuid
[Guids]
gEfiRngAlgorithmSp80090Hash256Guid
gEfiRngAlgorithmSp80090Hmac256Guid
gEfiRngAlgorithmSp80090Ctr256Guid
gEfiRngAlgorithmX9313DesGuid
gEfiRngAlgorithmX931AesGuid
gEfiRngAlgorithmRaw

367
SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c Normal file
View File

@ -0,0 +1,367 @@
/** @file
Core Primitive Implementation of the Advanced Encryption Standard (AES) algorithm.
Refer to FIPS PUB 197 ("Advanced Encryption Standard (AES)") for detailed algorithm
description of AES.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "AesCore.h"
//
// Number of columns (32-bit words) comprising the State.
// AES_NB is a constant (value = 4) for NIST FIPS-197.
//
#define AES_NB 4
//
// Pre-computed AES Forward Table: AES_ETABLE[t] = AES_SBOX[t].[02, 01, 01, 03]
// This is to speed up execution of the cipher by combining SubBytes and
// ShiftRows with MixColumns steps and transforming them into table lookups.
//
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT32 AES_FTABLE[] = {
0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd,
0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d,
0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7,
0xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4,
0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1,
0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0x1d83839e,
0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e,
0x5e2f2f71, 0x13848497, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46,
0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7,
0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe,
0x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a,
0xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2,
0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e,
0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256,
0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4,
0xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa,
0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1,
0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, 0xe0707090, 0x7c3e3e42,
0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158,
0x3a1d1d27, 0x279e9eb9, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22,
0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631,
0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
};
//
// Pre-computed AES Reverse Table: AES_DTABLE[t] = AES_INV_SBOX[t].[0e, 09, 0d, 0b]
//
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT32 AES_RTABLE[] = {
0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1,
0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, 0xdeb15a49, 0x25ba1b67,
0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3,
0x49e06929, 0x8ec9c844, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182,
0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2,
0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, 0x8acf1c2b, 0xa779b492,
0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa,
0x5e719f06, 0xbd6e1051, 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997,
0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48,
0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, 0x0c0a67b1, 0x9357e70f,
0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad,
0x2db6a8b9, 0x141ea9c8, 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc,
0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3,
0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, 0x87494ec7, 0xd938d1c1,
0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8,
0x2e39f75e, 0x82c3aff5, 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4,
0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331,
0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, 0x764dd68d, 0x43efb04d,
0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252,
0xe9105633, 0x6dd64713, 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f,
0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c,
0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
};
//
// AES Inverse S-Box (Defined in sec 5.3.2 of FIPS PUB 197).
//
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 AES_INV_SBOX[256] = {
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
};
//
// Round constant word array used in AES key expansion.
//
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT32 Rcon[] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000
};
//
// Rotates x right n bits (circular right shift operation)
//
#define ROTATE_RIGHT32(x, n) (((x) >> (n)) | ((x) << (32-(n))))
//
// Loading & Storing 32-bit words in big-endian format: y[3..0] --> x; x --> y[3..0];
//
#define LOAD32H(x, y) { x = ((UINT32)((y)[0] & 0xFF) << 24) | ((UINT32)((y)[1] & 0xFF) << 16) | \
((UINT32)((y)[2] & 0xFF) << 8) | ((UINT32)((y)[3] & 0xFF)); }
#define STORE32H(x, y) { (y)[0] = (UINT8)(((x) >> 24) & 0xFF); (y)[1] = (UINT8)(((x) >> 16) & 0xFF); \
(y)[2] = (UINT8)(((x) >> 8) & 0xFF); (y)[3] = (UINT8)((x) & 0xFF); }
//
// Wrap macros for AES forward and reverse tables lookups
//
#define AES_FT0(x) AES_FTABLE[x]
#define AES_FT1(x) ROTATE_RIGHT32(AES_FTABLE[x], 8)
#define AES_FT2(x) ROTATE_RIGHT32(AES_FTABLE[x], 16)
#define AES_FT3(x) ROTATE_RIGHT32(AES_FTABLE[x], 24)
#define AES_RT0(x) AES_RTABLE[x]
#define AES_RT1(x) ROTATE_RIGHT32(AES_RTABLE[x], 8)
#define AES_RT2(x) ROTATE_RIGHT32(AES_RTABLE[x], 16)
#define AES_RT3(x) ROTATE_RIGHT32(AES_RTABLE[x], 24)
///
/// AES Key Schedule which is expanded from symmetric key [Size 60 = 4 * ((Max AES Round, 14) + 1)].
///
typedef struct {
UINTN Nk; // Number of Cipher Key (in 32-bit words);
UINT32 eKey[60]; // Expanded AES encryption key
UINT32 dKey[60]; // Expanded AES decryption key (Not used here)
} AES_KEY;
/**
AES Key Expansion.
This function expands the cipher key into encryption schedule.
@param[in] Key AES symmetric key buffer.
@param[in] KeyLenInBits Key length in bits (128, 192, or 256).
@param[out] AesKey Expanded AES Key schedule for encryption.
@retval EFI_SUCCESS AES key expansion succeeded.
@retval EFI_INVALID_PARAMETER Unsupported key length.
**/
EFI_STATUS
EFIAPI
AesExpandKey (
IN UINT8 *Key,
IN UINTN KeyLenInBits,
OUT AES_KEY *AesKey
)
{
UINTN Nk, Nr, NW;
UINTN i, j, k;
UINT32 *Ek;
UINT32 Temp;
//
// Nk - Number of 32-bit words comprising the cipher key. (Nk = 4, 6 or 8)
// Nr - Number of rounds. (Nr = 10, 12, or 14), which is dependent on the key size.
//
Nk = KeyLenInBits >> 5;
if (Nk != 4 && Nk != 6 && Nk != 8) {
return EFI_INVALID_PARAMETER;
}
Nr = Nk + 6;
NW = AES_NB * (Nr + 1); // Key Expansion generates a total of Nb * (Nr + 1) words
AesKey->Nk = Nk;
//
// Load initial symmetric AES key;
// Note that AES was designed on big-endian systems.
//
Ek = AesKey->eKey;
for (i = j = 0; i < Nk; i++, j+=4) {
LOAD32H (Ek[i], Key + j);
}
//
// Initialize the encryption key scheduler
//
for (j = Nk, k = 0; j < NW; j+=Nk, k++) {
Temp = Ek[j - 1];
Ek[j] = Ek[j - Nk] ^ (AES_FT2((Temp >> 16) & 0xFF) & 0xFF000000) ^
(AES_FT3((Temp >> 8) & 0xFF) & 0x00FF0000) ^
(AES_FT0((Temp) & 0xFF) & 0x0000FF00) ^
(AES_FT1((Temp >> 24) & 0xFF) & 0x000000FF) ^
Rcon[k];
if (Nk <= 6) {
//
// If AES Cipher Key is 128 or 192 bits
//
for (i = 1; i < Nk && (i + j) < NW; i++) {
Ek [i + j] = Ek [i + j - Nk] ^ Ek[i + j - 1];
}
} else {
//
// Different routine for key expansion If Cipher Key is 256 bits,
//
for (i = 1; i < 4 && (i + j) < NW; i++) {
Ek [i + j] = Ek[i + j - Nk] ^ Ek[i + j - 1];
}
if (j + 4 < NW) {
Temp = Ek[j + 3];
Ek[j + 4] = Ek[j + 4 - Nk] ^ (AES_FT2((Temp >> 24) & 0xFF) & 0xFF000000) ^
(AES_FT3((Temp >> 16) & 0xFF) & 0x00FF0000) ^
(AES_FT0((Temp >> 8) & 0xFF) & 0x0000FF00) ^
(AES_FT1((Temp) & 0xFF) & 0x000000FF);
}
for (i = 5; i < Nk && (i + j) < NW; i++) {
Ek[i + j] = Ek[i + j - Nk] ^ Ek[i + j - 1];
}
}
}
return EFI_SUCCESS;
}
/**
Encrypts one single block data (128 bits) with AES algorithm.
@param[in] Key AES symmetric key buffer.
@param[in] InData One block of input plaintext to be encrypted.
@param[out] OutData Encrypted output ciphertext.
@retval EFI_SUCCESS AES Block Encryption succeeded.
@retval EFI_INVALID_PARAMETER One or more parameters are invalid.
**/
EFI_STATUS
EFIAPI
AesEncrypt (
IN UINT8 *Key,
IN UINT8 *InData,
OUT UINT8 *OutData
)
{
AES_KEY AesKey;
UINTN Nr;
UINT32 *Ek, s[4], t[4], *x, *y, *Temp;
UINTN Index, k, Round;
if ((Key == NULL) || (InData == NULL) || (OutData == NULL)) {
return EFI_INVALID_PARAMETER;
}
//
// Expands AES Key for encryption.
//
AesExpandKey (Key, 128, &AesKey);
Nr = AesKey.Nk + 6;
Ek = AesKey.eKey;
//
// Initialize the cipher State array with the initial round key
//
for (Index = 0; Index < AES_NB; Index++) {
LOAD32H (s[Index], InData + 4 * Index);
s[Index] ^= Ek[Index];
}
k = AES_NB;
x = s;
y = t;
//
// AES Cipher transformation rounds (Nr - 1 rounds), in which SubBytes(),
// ShiftRows() and MixColumns() operations were combined by a sequence of
// table lookups to speed up the execution.
//
for (Round = 1; Round < Nr; Round++) {
y[0] = AES_FT0 ((x[0] >> 24) ) ^ AES_FT1 ((x[1] >> 16) & 0xFF) ^
AES_FT2 ((x[2] >> 8) & 0xFF) ^ AES_FT3 ((x[3] ) & 0xFF) ^ Ek[k];
y[1] = AES_FT0 ((x[1] >> 24) ) ^ AES_FT1 ((x[2] >> 16) & 0xFF) ^
AES_FT2 ((x[3] >> 8) & 0xFF) ^ AES_FT3 ((x[0] ) & 0xFF) ^ Ek[k + 1];
y[2] = AES_FT0 ((x[2] >> 24) ) ^ AES_FT1 ((x[3] >> 16) & 0xFF) ^
AES_FT2 ((x[0] >> 8) & 0xFF) ^ AES_FT3 ((x[1] ) & 0xFF) ^ Ek[k + 2];
y[3] = AES_FT0 ((x[3] >> 24) ) ^ AES_FT1 ((x[0] >> 16) & 0xFF) ^
AES_FT2 ((x[1] >> 8) & 0xFF) ^ AES_FT3 ((x[2] ) & 0xFF) ^ Ek[k + 3];
k += 4;
Temp = x; x = y; y = Temp;
}
//
// Apply the final round, which does not include MixColumns() transformation
//
y[0] = (AES_FT2 ((x[0] >> 24) ) & 0xFF000000) ^ (AES_FT3 ((x[1] >> 16) & 0xFF) & 0x00FF0000) ^
(AES_FT0 ((x[2] >> 8) & 0xFF) & 0x0000FF00) ^ (AES_FT1 ((x[3] ) & 0xFF) & 0x000000FF) ^
Ek[k];
y[1] = (AES_FT2 ((x[1] >> 24) ) & 0xFF000000) ^ (AES_FT3 ((x[2] >> 16) & 0xFF) & 0x00FF0000) ^
(AES_FT0 ((x[3] >> 8) & 0xFF) & 0x0000FF00) ^ (AES_FT1 ((x[0] ) & 0xFF) & 0x000000FF) ^
Ek[k + 1];
y[2] = (AES_FT2 ((x[2] >> 24) ) & 0xFF000000) ^ (AES_FT3 ((x[3] >> 16) & 0xFF) & 0x00FF0000) ^
(AES_FT0 ((x[0] >> 8) & 0xFF) & 0x0000FF00) ^ (AES_FT1 ((x[1] ) & 0xFF) & 0x000000FF) ^
Ek[k + 2];
y[3] = (AES_FT2 ((x[3] >> 24) ) & 0xFF000000) ^ (AES_FT3 ((x[0] >> 16) & 0xFF) & 0x00FF0000) ^
(AES_FT0 ((x[1] >> 8) & 0xFF) & 0x0000FF00) ^ (AES_FT1 ((x[2] ) & 0xFF) & 0x000000FF) ^
Ek[k + 3];
//
// Output the transformed result;
//
for (Index = 0; Index < AES_NB; Index++) {
STORE32H (y[Index], OutData + 4 * Index);
}
return EFI_SUCCESS;
}

37
SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h Normal file
View File

@ -0,0 +1,37 @@
/** @file
Function prototype for AES Block Cipher support.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __AES_CORE_H__
#define __AES_CORE_H__
/**
Encrypts one single block data (128 bits) with AES algorithm.
@param[in] Key AES symmetric key buffer.
@param[in] InData One block of input plaintext to be encrypted.
@param[out] OutData Encrypted output ciphertext.
@retval EFI_SUCCESS AES Block Encryption succeeded.
@retval EFI_INVALID_PARAMETER One or more parameters are invalid.
**/
EFI_STATUS
EFIAPI
AesEncrypt (
IN UINT8 *Key,
IN UINT8 *InData,
OUT UINT8 *OutData
);
#endif // __AES_CORE_H__

67
SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm Normal file
View File

@ -0,0 +1,67 @@
;------------------------------------------------------------------------------
;
; Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
; This program and the accompanying materials
; are licensed and made available under the terms and conditions of the BSD License
; which accompanies this distribution. The full text of the license may be found at
; http://opensource.org/licenses/bsd-license.php.
;
; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
;
; Module Name:
;
; AsmRdRand.Asm
;
; Abstract:
;
; Implementation for 16-, and 32- invocations of RDRAND instruction under 32bit platform.
;
; Notes:
;
; Visual Studio coding practices do not use inline asm since multiple compilers and
; architectures are supported assembler not recognizing rdrand instruction so using DB's.
;
;------------------------------------------------------------------------------
.586P
.model flat, C
.code
;------------------------------------------------------------------------------
; Generate a 16 bit random number
; Return TRUE if Rand generated successfully, or FALSE if not
;
; BOOLEAN EFIAPI RdRand16Step (UINT16 *Rand); ECX
;------------------------------------------------------------------------------
RdRand16Step PROC
; rdrand ax ; generate a 16 bit RN into ax, CF=1 if RN generated ok, otherwise CF=0
db 0fh, 0c7h, 0f0h ; rdrand r16: "0f c7 /6 ModRM:r/m(w)"
jb rn16_ok ; jmp if CF=1
xor eax, eax ; reg=0 if CF=0
ret ; return with failure status
rn16_ok:
mov [ecx], ax
mov eax, 1
ret
RdRand16Step ENDP
;------------------------------------------------------------------------------
; Generate a 32 bit random number
; Return TRUE if Rand generated successfully, or FALSE if not
;
; BOOLEAN EFIAPI RdRand32Step (UINT32 *Rand); ECX
;------------------------------------------------------------------------------
RdRand32Step PROC
; rdrand eax ; generate a 32 bit RN into eax, CF=1 if RN generated ok, otherwise CF=0
db 0fh, 0c7h, 0f0h ; rdrand r32: "0f c7 /6 ModRM:r/m(w)"
jb rn32_ok ; jmp if CF=1
xor eax, eax ; reg=0 if CF=0
ret ; return with failure status
rn32_ok:
mov [ecx], eax
mov eax, 1
ret
RdRand32Step ENDP
END

69
SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c Normal file
View File

@ -0,0 +1,69 @@
/** @file
RDRAND Support Routines for GCC environment.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
/**
Generates a 16-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand16Step (
OUT UINT16 *Rand
)
{
UINT8 Carry;
//
// Uses byte code for RDRAND instruction,
// in case that GCC version has no direct support on RDRAND assembly.
//
__asm__ __volatile__ (
".byte 0x66; .byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
:"=a" (*Rand),
"=qm" (Carry)
);
return (BOOLEAN) Carry;
}
/**
Generates a 32-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand32Step (
OUT UINT32 *Rand
)
{
UINT8 Carry;
__asm__ __volatile__ (
".byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
:"=a" (*Rand),
"=qm" (Carry)
);
return (BOOLEAN) Carry;
}

104
SecurityPkg/RandomNumberGenerator/RngDxe/IA32/RdRandWord.c Normal file
View File

@ -0,0 +1,104 @@
/** @file
RDRAND Support Routines.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "RdRand.h"
/**
Generates a 64-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand64Step (
OUT UINT64 *Rand
)
{
UINT32 RandLow;
UINT32 RandHigh;
//
// Generating a 64-bit rand on a 32-bit system by
// mapping two 32-bit RDRAND instructions.
//
if (!RdRand32Step (&RandLow)) {
return FALSE;
}
if (!RdRand32Step (&RandHigh)) {
return FALSE;
}
*Rand = (UINT64) RandLow | LShiftU64 ((UINT64)RandHigh, 32);
return TRUE;
}
/**
Calls RDRAND to request a word-length random number.
@param[out] Rand Buffer pointer to store the random number.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS Random word generation succeeded.
@retval EFI_NOT_READY Failed to request random word.
**/
EFI_STATUS
EFIAPI
RdRandWord (
OUT UINTN *Rand,
IN BOOLEAN NeedRetry
)
{
return RdRand32 (Rand, NeedRetry);
}
/**
Calls RDRAND to request multiple word-length random numbers.
@param[in] Length Size of the buffer, in words, to fill with.
@param[out] RandBuffer Pointer to the buffer to store the random result.
@retval EFI_SUCCESS Random words generation succeeded.
@retval EFI_NOT_READY Failed to request random words.
**/
EFI_STATUS
EFIAPI
RdRandGetWords (
IN UINTN Length,
OUT UINTN *RandBuffer
)
{
EFI_STATUS Status;
UINT32 Index;
for (Index = 0; Index < Length; Index++) {
//
// Obtain one word-length (32-bit) Random Number with possible retry-loop.
//
Status = RdRand32 (RandBuffer, TRUE);
if (EFI_ERROR (Status)) {
return Status;
}
RandBuffer++;
}
return EFI_SUCCESS;
}

395
SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c Normal file
View File

@ -0,0 +1,395 @@
/** @file
Support routines for RDRAND instruction access.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "RdRand.h"
#include "AesCore.h"
//
// Bit mask used to determine if RdRand instruction is supported.
//
#define RDRAND_MASK 0x40000000
/**
Determines whether or not RDRAND instruction is supported by the host hardware.
@retval EFI_SUCCESS RDRAND instruction supported.
@retval EFI_UNSUPPORTED RDRAND instruction not supported.
**/
EFI_STATUS
EFIAPI
IsRdRandSupported (
VOID
)
{
EFI_STATUS Status;
UINT32 RegEax;
UINT32 RegEbx;
UINT32 RegEcx;
UINT32 RegEdx;
BOOLEAN IsIntelCpu;
Status = EFI_UNSUPPORTED;
IsIntelCpu = FALSE;
//
// Checks whether the current processor is an Intel product by CPUID.
//
AsmCpuid (0, &RegEax, &RegEbx, &RegEcx, &RegEdx);
if ((CompareMem ((CHAR8 *)(&RegEbx), "Genu", 4) == 0) &&
(CompareMem ((CHAR8 *)(&RegEdx), "ineI", 4) == 0) &&
(CompareMem ((CHAR8 *)(&RegEcx), "ntel", 4) == 0)) {
IsIntelCpu = TRUE;
}
if (IsIntelCpu) {
//
// Determine RDRAND support by examining bit 30 of the ECX register returned by CPUID.
// A value of 1 indicates that processor supports RDRAND instruction.
//
AsmCpuid (1, 0, 0, &RegEcx, 0);
if ((RegEcx & RDRAND_MASK) == RDRAND_MASK) {
Status = EFI_SUCCESS;
}
}
return Status;
}
/**
Calls RDRAND to obtain a 16-bit random number.
@param[out] Rand Buffer pointer to store the random result.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS RDRAND call was successful.
@retval EFI_NOT_READY Failed attempts to call RDRAND.
**/
EFI_STATUS
EFIAPI
RdRand16 (
OUT UINT16 *Rand,
IN BOOLEAN NeedRetry
)
{
UINT32 Index;
UINT32 RetryCount;
if (NeedRetry) {
RetryCount = RETRY_LIMIT;
} else {
RetryCount = 1;
}
//
// Perform a single call to RDRAND, or enter a loop call until RDRAND succeeds.
//
for (Index = 0; Index < RetryCount; Index++) {
if (RdRand16Step (Rand)) {
return EFI_SUCCESS;
}
}
return EFI_NOT_READY;
}
/**
Calls RDRAND to obtain a 32-bit random number.
@param[out] Rand Buffer pointer to store the random result.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS RDRAND call was successful.
@retval EFI_NOT_READY Failed attempts to call RDRAND.
**/
EFI_STATUS
EFIAPI
RdRand32 (
OUT UINT32 *Rand,
IN BOOLEAN NeedRetry
)
{
UINT32 Index;
UINT32 RetryCount;
if (NeedRetry) {
RetryCount = RETRY_LIMIT;
} else {
RetryCount = 1;
}
//
// Perform a single call to RDRAND, or enter a loop call until RDRAND succeeds.
//
for (Index = 0; Index < RetryCount; Index++) {
if (RdRand32Step (Rand)) {
return EFI_SUCCESS;
}
}
return EFI_NOT_READY;
}
/**
Calls RDRAND to obtain a 64-bit random number.
@param[out] Rand Buffer pointer to store the random result.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS RDRAND call was successful.
@retval EFI_NOT_READY Failed attempts to call RDRAND.
**/
EFI_STATUS
EFIAPI
RdRand64 (
OUT UINT64 *Rand,
IN BOOLEAN NeedRetry
)
{
UINT32 Index;
UINT32 RetryCount;
if (NeedRetry) {
RetryCount = RETRY_LIMIT;
} else {
RetryCount = 1;
}
//
// Perform a single call to RDRAND, or enter a loop call until RDRAND succeeds.
//
for (Index = 0; Index < RetryCount; Index++) {
if (RdRand64Step (Rand)) {
return EFI_SUCCESS;
}
}
return EFI_NOT_READY;
}
/**
Calls RDRAND to fill a buffer of arbitrary size with random bytes.
@param[in] Length Size of the buffer, in bytes, to fill with.
@param[out] RandBuffer Pointer to the buffer to store the random result.
@retval EFI_SUCCESS Random bytes generation succeeded.
@retval EFI_NOT_READY Failed to request random bytes.
**/
EFI_STATUS
EFIAPI
RdRandGetBytes (
IN UINTN Length,
OUT UINT8 *RandBuffer
)
{
EFI_STATUS Status;
UINT8 *Start;
UINT8 *ResidualStart;
UINTN *BlockStart;
UINTN TempRand;
UINTN Count;
UINTN Residual;
UINTN StartLen;
UINTN BlockNum;
UINTN Index;
ResidualStart = NULL;
TempRand = 0;
//
// Compute the address of the first word aligned (32/64-bit) block in the
// destination buffer, depending on whether we are in 32- or 64-bit mode.
//
Start = RandBuffer;
if (((UINT32)(UINTN)Start % (UINT32)sizeof(UINTN)) == 0) {
BlockStart = (UINTN *)Start;
Count = Length;
StartLen = 0;
} else {
BlockStart = (UINTN *)(((UINTN)Start & ~(UINTN)(sizeof(UINTN) - 1)) + (UINTN)sizeof(UINTN));
Count = Length - (sizeof (UINTN) - (UINT32)((UINTN)Start % sizeof (UINTN)));
StartLen = (UINT32)((UINTN)BlockStart - (UINTN)Start);
}
//
// Compute the number of word blocks and the remaining number of bytes.
//
Residual = Count % sizeof (UINTN);
BlockNum = Count / sizeof (UINTN);
if (Residual != 0) {
ResidualStart = (UINT8 *) (BlockStart + BlockNum);
}
//
// Obtain a temporary random number for use in the residuals. Failout if retry fails.
//
if (StartLen > 0) {
Status = RdRandWord ((UINTN *) &TempRand, TRUE);
if (EFI_ERROR (Status)) {
return Status;
}
}
//
// Populate the starting mis-aligned block.
//
for (Index = 0; Index < StartLen; Index++) {
Start[Index] = (UINT8)(TempRand & 0xff);
TempRand = TempRand >> 8;
}
//
// Populate the central aligned block. Fail out if retry fails.
//
Status = RdRandGetWords (BlockNum, (UINTN *)(BlockStart));
if (EFI_ERROR (Status)) {
return Status;
}
//
// Populate the final mis-aligned block.
//
if (Residual > 0) {
Status = RdRandWord ((UINTN *)&TempRand, TRUE);
if (EFI_ERROR (Status)) {
return Status;
}
for (Index = 0; Index < Residual; Index++) {
ResidualStart[Index] = (UINT8)(TempRand & 0xff);
TempRand = TempRand >> 8;
}
}
return EFI_SUCCESS;
}
/**
Creates a 128bit random value that is fully forward and backward prediction resistant,
suitable for seeding a NIST SP800-90 Compliant, FIPS 1402-2 certifiable SW DRBG.
This function takes multiple random numbers through RDRAND without intervening
delays to ensure reseeding and performs AES-CBC-MAC over the data to compute the
seed value.
@param[out] SeedBuffer Pointer to a 128bit buffer to store the random seed.
@retval EFI_SUCCESS Random seed generation succeeded.
@retval EFI_NOT_READY Failed to request random bytes.
**/
EFI_STATUS
EFIAPI
RdRandGetSeed128 (
OUT UINT8 *SeedBuffer
)
{
EFI_STATUS Status;
UINT8 RandByte[16];
UINT8 Key[16];
UINT8 Ffv[16];
UINT8 Xored[16];
UINT32 Index;
UINT32 Index2;
//
// Chose an arbitary key and zero the feed_forward_value (FFV)
//
for (Index = 0; Index < 16; Index++) {
Key[Index] = (UINT8) Index;
Ffv[Index] = 0;
}
//
// Perform CBC_MAC over 32 * 128 bit values, with 10us gaps between 128 bit value
// The 10us gaps will ensure multiple reseeds within the HW RNG with a large design margin.
//
for (Index = 0; Index < 32; Index++) {
MicroSecondDelay (10);
Status = RdRandGetBytes (16, RandByte);
if (EFI_ERROR (Status)) {
return Status;
}
//
// Perform XOR operations on two 128-bit value.
//
for (Index2 = 0; Index2 < 16; Index2++) {
Xored[Index2] = RandByte[Index2] ^ Ffv[Index2];
}
AesEncrypt (Key, Xored, Ffv);
}
for (Index = 0; Index < 16; Index++) {
SeedBuffer[Index] = Ffv[Index];
}
return EFI_SUCCESS;
}
/**
Generate high-quality entropy source through RDRAND.
@param[in] Length Size of the buffer, in bytes, to fill with.
@param[out] Entropy Pointer to the buffer to store the entropy data.
@retval EFI_SUCCESS Entropy generation succeeded.
@retval EFI_NOT_READY Failed to request random data.
**/
EFI_STATUS
EFIAPI
RdRandGenerateEntropy (
IN UINTN Length,
OUT UINT8 *Entropy
)
{
EFI_STATUS Status;
UINTN BlockCount;
UINT8 Seed[16];
UINT8 *Ptr;
Status = EFI_NOT_READY;
BlockCount = Length / 16;
Ptr = (UINT8 *)Entropy;
//
// Generate high-quality seed for DRBG Entropy
//
while (BlockCount > 0) {
Status = RdRandGetSeed128 (Seed);
if (EFI_ERROR (Status)) {
return Status;
}
CopyMem (Ptr, Seed, 16);
BlockCount--;
Ptr = Ptr + 16;
}
//
// Populate the remained data as request.
//
Status = RdRandGetSeed128 (Seed);
if (EFI_ERROR (Status)) {
return Status;
}
CopyMem (Ptr, Seed, (Length % 16));
return Status;
}

213
SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h Normal file
View File

@ -0,0 +1,213 @@
/** @file
Header for the RDRAND APIs used by RNG DXE driver.
Support API definitions for RDRAND instruction access, which will leverage
Intel Secure Key technology to provide high-quality random numbers for use
in applications, or entropy for seeding other random number generators.
Refer to http://software.intel.com/en-us/articles/intel-digital-random-number
-generator-drng-software-implementation-guide/ for more information about Intel
Secure Key technology.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __RD_RAND_H__
#define __RD_RAND_H__
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/TimerLib.h>
#include <Protocol/Rng.h>
//
// The maximun number of retries to obtain one available random number.
//
#define RETRY_LIMIT 10
/**
Determines whether or not RDRAND instruction is supported by the host hardware.
@retval EFI_SUCCESS RDRAND instruction supported.
@retval EFI_UNSUPPORTED RDRAND instruction not supported.
**/
EFI_STATUS
EFIAPI
IsRdRandSupported (
VOID
);
/**
Generates a 16-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand16Step (
OUT UINT16 *Rand
);
/**
Generates a 32-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand32Step (
OUT UINT32 *Rand
);
/**
Generates a 64-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand64Step (
OUT UINT64 *Rand
);
/**
Calls RDRAND to obtain a 16-bit random number.
@param[out] Rand Buffer pointer to store the random result.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS RDRAND call was successful.
@retval EFI_NOT_READY Failed attempts to call RDRAND.
**/
EFI_STATUS
EFIAPI
RdRand16 (
OUT UINT16 *Rand,
IN BOOLEAN NeedRetry
);
/**
Calls RDRAND to obtain a 32-bit random number.
@param[out] Rand Buffer pointer to store the random result.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS RDRAND call was successful.
@retval EFI_NOT_READY Failed attempts to call RDRAND.
**/
EFI_STATUS
EFIAPI
RdRand32 (
OUT UINT32 *Rand,
IN BOOLEAN NeedRetry
);
/**
Calls RDRAND to obtain a 64-bit random number.
@param[out] Rand Buffer pointer to store the random result.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS RDRAND call was successful.
@retval EFI_NOT_READY Failed attempts to call RDRAND.
**/
EFI_STATUS
EFIAPI
RdRand64 (
OUT UINT64 *Rand,
IN BOOLEAN NeedRetry
);
/**
Calls RDRAND to request a word-length random number.
@param[out] Rand Buffer pointer to store the random number.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS Random word generation succeeded.
@retval EFI_NOT_READY Failed to request random word.
**/
EFI_STATUS
EFIAPI
RdRandWord (
OUT UINTN *Rand,
IN BOOLEAN NeedRetry
);
/**
Calls RDRAND to request multiple word-length random numbers.
@param[in] Length Size of the buffer, in words, to fill with.
@param[out] RandBuffer Pointer to the buffer to store the random result.
@retval EFI_SUCCESS Random words generation succeeded.
@retval EFI_NOT_READY Failed to request random words.
**/
EFI_STATUS
EFIAPI
RdRandGetWords (
IN UINTN Length,
OUT UINTN *RandBuffer
);
/**
Calls RDRAND to fill a buffer of arbitrary size with random bytes.
@param[in] Length Size of the buffer, in bytes, to fill with.
@param[out] RandBuffer Pointer to the buffer to store the random result.
@retval EFI_SUCCESS Random bytes generation succeeded.
@retval EFI_NOT_READY Failed to request random bytes.
**/
EFI_STATUS
EFIAPI
RdRandGetBytes (
IN UINTN Length,
OUT UINT8 *RandBuffer
);
/**
Generate high-quality entropy source through RDRAND.
@param[in] Length Size of the buffer, in bytes, to fill with.
@param[out] Entropy Pointer to the buffer to store the entropy data.
@retval EFI_SUCCESS Entropy generation succeeded.
@retval EFI_NOT_READY Failed to request random data.
**/
EFI_STATUS
EFIAPI
RdRandGenerateEntropy (
IN UINTN Length,
OUT UINT8 *Entropy
);
#endif // __RD_RAND_H__

219
SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c Normal file
View File

@ -0,0 +1,219 @@
/** @file
RNG Driver to produce the UEFI Random Number Generator protocol.
The driver will use the new RDRAND instruction to produce high-quality, high-performance
entropy and random number.
RNG Algoritnms defined in UEFI 2.4:
- EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID - Supported
(RDRAND implements a hardware NIST SP800-90 AES-CTR-256 based DRBG)
- EFI_RNG_ALGORITHM_RAW - Supported
(Structuring RDRAND invocation can be guaranteed as high-quality entropy source)
- EFI_RNG_ALGORITHM_SP800_90_HMAC_256_GUID - Unsupported
- EFI_RNG_ALGORITHM_SP800_90_HASH_256_GUID - Unsupported
- EFI_RNG_ALGORITHM_X9_31_3DES_GUID - Unsupported
- EFI_RNG_ALGORITHM_X9_31_AES_GUID - Unsupported
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "RdRand.h"
//
// Supported RNG Algorithms list by this driver.
//
EFI_RNG_ALGORITHM mSupportedRngAlgorithms[] = {
EFI_RNG_ALGORITHM_SP800_90_CTR_256_GUID,
EFI_RNG_ALGORITHM_RAW
};
/**
Returns information about the random number generation implementation.
@param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
@param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
On output with a return code of EFI_SUCCESS, the size
in bytes of the data returned in RNGAlgorithmList. On output
with a return code of EFI_BUFFER_TOO_SMALL,
the size of RNGAlgorithmList required to obtain the list.
@param[out] RNGAlgorithmList A caller-allocated memory buffer filled by the driver
with one EFI_RNG_ALGORITHM element for each supported
RNG algorithm. The list must not change across multiple
calls to the same driver. The first algorithm in the list
is the default algorithm for the driver.
@retval EFI_SUCCESS The RNG algorithm list was returned successfully.
@retval EFI_UNSUPPORTED The services is not supported by this driver.
@retval EFI_DEVICE_ERROR The list of algorithms could not be retrieved due to a
hardware or firmware error.
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
@retval EFI_BUFFER_TOO_SMALL The buffer RNGAlgorithmList is too small to hold the result.
**/
EFI_STATUS
EFIAPI
RngGetInfo (
IN EFI_RNG_PROTOCOL *This,
IN OUT UINTN *RNGAlgorithmListSize,
OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
)
{
EFI_STATUS Status;
UINTN RequiredSize;
if ((This == NULL) || (RNGAlgorithmListSize == NULL)) {
return EFI_INVALID_PARAMETER;
}
RequiredSize = sizeof (mSupportedRngAlgorithms);
if (*RNGAlgorithmListSize < RequiredSize) {
Status = EFI_BUFFER_TOO_SMALL;
} else {
//
// Return algorithm list supported by driver.
//
if (RNGAlgorithmList != NULL) {
CopyMem (RNGAlgorithmList, mSupportedRngAlgorithms, RequiredSize);
Status = EFI_SUCCESS;
} else {
Status = EFI_INVALID_PARAMETER;
}
}
*RNGAlgorithmListSize = RequiredSize;
return Status;
}
/**
Produces and returns an RNG value using either the default or specified RNG algorithm.
@param[in] This A pointer to the EFI_RNG_PROTOCOL instance.
@param[in] RNGAlgorithm A pointer to the EFI_RNG_ALGORITHM that identifies the RNG
algorithm to use. May be NULL in which case the function will
use its default RNG algorithm.
@param[in] RNGValueLength The length in bytes of the memory buffer pointed to by
RNGValue. The driver shall return exactly this numbers of bytes.
@param[out] RNGValue A caller-allocated memory buffer filled by the driver with the
resulting RNG value.
@retval EFI_SUCCESS The RNG value was returned successfully.
@retval EFI_UNSUPPORTED The algorithm specified by RNGAlgorithm is not supported by
this driver.
@retval EFI_DEVICE_ERROR An RNG value could not be retrieved due to a hardware or
firmware error.
@retval EFI_NOT_READY There is not enough random data available to satisfy the length
requested by RNGValueLength.
@retval EFI_INVALID_PARAMETER RNGValue is NULL or RNGValueLength is zero.
**/
EFI_STATUS
EFIAPI
RngGetRNG (
IN EFI_RNG_PROTOCOL *This,
IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL
IN UINTN RNGValueLength,
OUT UINT8 *RNGValue
)
{
EFI_STATUS Status;
if ((RNGValueLength == 0) || (RNGValue == NULL)) {
return EFI_INVALID_PARAMETER;
}
Status = EFI_UNSUPPORTED;
if (RNGAlgorithm == NULL) {
//
// Use the default RNG algorithm if RNGAlgorithm is NULL.
//
RNGAlgorithm = &gEfiRngAlgorithmSp80090Ctr256Guid;
}
//
// NIST SP800-90-AES-CTR-256 supported by RDRAND
//
if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmSp80090Ctr256Guid)) {
Status = RdRandGetBytes (RNGValueLength, RNGValue);
return Status;
}
//
// The "raw" algorithm is intended to provide entropy directly
//
if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) {
//
// When a DRBG is used on the output of a entropy source,
// its security level must be at least 256 bits according to UEFI Spec.
//
if (RNGValueLength < 32) {
return EFI_INVALID_PARAMETER;
}
Status = RdRandGenerateEntropy (RNGValueLength, RNGValue);
return Status;
}
//
// Other algorithms were unsupported by this driver.
//
return Status;
}
//
// The Random Number Generator (RNG) protocol
//
EFI_RNG_PROTOCOL mRngRdRand = {
RngGetInfo,
RngGetRNG
};
/**
The user Entry Point for the Random Number Generator (RNG) driver.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The entry point is executed successfully.
@retval EFI_NOT_SUPPORTED Platform does not support RNG.
@retval Other Some error occurs when executing this entry point.
**/
EFI_STATUS
EFIAPI
RngDriverEntry (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
EFI_HANDLE Handle;
//
// Verify RdRand support on Platform.
//
Status = IsRdRandSupported ();
if (EFI_ERROR (Status)) {
return Status;
}
//
// Install UEFI RNG (Random Number Generator) Protocol
//
Handle = NULL;
Status = gBS->InstallMultipleProtocolInterfaces (
&Handle,
&gEfiRngProtocolGuid,
&mRngRdRand,
NULL
);
return Status;
}

75
SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf Normal file
View File

@ -0,0 +1,75 @@
## @file
# Module that produces the UEFI Random Number Generator protocol.
#
# This module will leverage Intel Secure Key technology to produce the Random
# Number Generator protocol, which is used to provide high-quality random numbers
# for use in applications, or entropy for seeding other random number generators.
# Refer to http://software.intel.com/en-us/articles/intel-digital-random-number
# -generator-drng-software-implementation-guide/ for more information about Intel
# Secure Key technology.
#
# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = RngDxe
FILE_GUID = B981A835-6EE8-4f4c-AE0B-210AA0BFBF01
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
ENTRY_POINT = RngDriverEntry
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64
#
[Sources.common]
RngDxe.c
RdRand.c
AesCore.c
[Sources.IA32]
IA32/RdRandWord.c
IA32/AsmRdRand.asm | MSFT
IA32/GccRdRand.c | GCC
[Sources.X64]
X64/RdRandWord.c
X64/AsmRdRand.asm | MSFT
X64/GccRdRand.c | GCC
[Packages]
MdePkg/MdePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
UefiLib
UefiBootServicesTableLib
BaseLib
DebugLib
UefiDriverEntryPoint
TimerLib
[Guids]
gEfiRngAlgorithmSp80090Hash256Guid
gEfiRngAlgorithmSp80090Hmac256Guid
gEfiRngAlgorithmSp80090Ctr256Guid
gEfiRngAlgorithmX9313DesGuid
gEfiRngAlgorithmX931AesGuid
gEfiRngAlgorithmRaw
[Protocols]
gEfiRngProtocolGuid ## PRODUCES
[Depex]
TRUE

83
SecurityPkg/RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm Normal file
View File

@ -0,0 +1,83 @@
;------------------------------------------------------------------------------
;
; Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
; This program and the accompanying materials
; are licensed and made available under the terms and conditions of the BSD License
; which accompanies this distribution. The full text of the license may be found at
; http://opensource.org/licenses/bsd-license.php.
;
; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
;
; Module Name:
;
; AsmRdRand.Asm
;
; Abstract:
;
; Implementation for 16-, 32-, and 64-bit invocations of RDRAND instruction under 64bit platform.
;
; Notes:
;
; Visual Studio coding practices do not use inline asm since multiple compilers and
; architectures are supported assembler not recognizing rdrand instruction so using DB's.
;
;------------------------------------------------------------------------------
.code
;------------------------------------------------------------------------------
; Generate a 16 bit random number
; Return TRUE if Rand generated successfully, or FALSE if not
;
; BOOLEAN EFIAPI RdRand16Step (UINT16 *Rand); RCX
;------------------------------------------------------------------------------
RdRand16Step PROC
; rdrand ax ; generate a 16 bit RN into ax, CF=1 if RN generated ok, otherwise CF=0
db 0fh, 0c7h, 0f0h ; rdrand r16: "0f c7 /6 ModRM:r/m(w)"
jb rn16_ok ; jmp if CF=1
xor rax, rax ; reg=0 if CF=0
ret ; return with failure status
rn16_ok:
mov [rcx], ax
mov rax, 1
ret
RdRand16Step ENDP
;------------------------------------------------------------------------------
; Generate a 32 bit random number
; Return TRUE if Rand generated successfully, or FALSE if not
;
; BOOLEAN EFIAPI RdRand32Step (UINT32 *Rand); RCX
;------------------------------------------------------------------------------
RdRand32Step PROC
; rdrand eax ; generate a 32 bit RN into eax, CF=1 if RN generated ok, otherwise CF=0
db 0fh, 0c7h, 0f0h ; rdrand r32: "0f c7 /6 ModRM:r/m(w)"
jb rn32_ok ; jmp if CF=1
xor rax, rax ; reg=0 if CF=0
ret ; return with failure status
rn32_ok:
mov [rcx], eax
mov rax, 1
ret
RdRand32Step ENDP
;------------------------------------------------------------------------------
; Generate a 64 bit random number
; Return TRUE if RN generated successfully, or FALSE if not
;
; BOOLEAN EFIAPI RdRand64Step (UINT64 *Random); RCX
;------------------------------------------------------------------------------
RdRand64Step PROC
; rdrand rax ; generate a 64 bit RN into rax, CF=1 if RN generated ok, otherwise CF=0
db 048h, 0fh, 0c7h, 0f0h ; rdrand r64: "REX.W + 0F C7 /6 ModRM:r/m(w)"
jb rn64_ok ; jmp if CF=1
xor rax, rax ; reg=0 if CF=0
ret ; return with failure status
rn64_ok:
mov [rcx], rax
mov rax, 1
ret
RdRand64Step ENDP
END

95
SecurityPkg/RandomNumberGenerator/RngDxe/X64/GccRdRand.c Normal file
View File

@ -0,0 +1,95 @@
/** @file
RDRAND Support Routines for GCC environment.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
/**
Generates a 16-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand16Step (
OUT UINT16 *Rand
)
{
UINT8 Carry;
//
// Uses byte code for RDRAND instruction,
// in case that GCC version has no direct support on RDRAND assembly.
//
__asm__ __volatile__ (
".byte 0x66; .byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
:"=a" (*Rand),
"=qm" (Carry)
);
return (BOOLEAN) Carry;
}
/**
Generates a 32-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand32Step (
OUT UINT32 *Rand
)
{
UINT8 Carry;
__asm__ __volatile__ (
".byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
:"=a" (*Rand),
"=qm" (Carry)
);
return (BOOLEAN) Carry;
}
/**
Generates a 64-bit random number through RDRAND instruction.
@param[out] Rand Buffer pointer to store the random result.
@retval TRUE RDRAND call was successful.
@retval FALSE Failed attempts to call RDRAND.
**/
BOOLEAN
EFIAPI
RdRand64Step (
OUT UINT64 *Rand
)
{
UINT8 Carry;
__asm__ __volatile__ (
".byte 0x48; .byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
:"=a" (*Rand),
"=qm" (Carry)
);
return (BOOLEAN) Carry;
}

70
SecurityPkg/RandomNumberGenerator/RngDxe/X64/RdRandWord.c Normal file
View File

@ -0,0 +1,70 @@
/** @file
RDRAND Support Routines.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "RdRand.h"
/**
Calls RDRAND to request a word-length random number.
@param[out] Rand Buffer pointer to store the random number.
@param[in] NeedRetry Determine whether or not to loop retry.
@retval EFI_SUCCESS Random word generation succeeded.
@retval EFI_NOT_READY Failed to request random word.
**/
EFI_STATUS
EFIAPI
RdRandWord (
OUT UINTN *Rand,
IN BOOLEAN NeedRetry
)
{
return RdRand64 (Rand, NeedRetry);
}
/**
Calls RDRAND to request multiple word-length random numbers.
@param[in] Length Size of the buffer, in words, to fill with.
@param[out] RandBuffer Pointer to the buffer to store the random result.
@retval EFI_SUCCESS Random words generation succeeded.
@retval EFI_NOT_READY Failed to request random words.
**/
EFI_STATUS
EFIAPI
RdRandGetWords (
IN UINTN Length,
OUT UINTN *RandBuffer
)
{
EFI_STATUS Status;
UINT32 Index;
for (Index = 0; Index < Length; Index++) {
//
// Obtain one word-length (64-bit) Random Number with possible retry-loop.
//
Status = RdRand64 (RandBuffer, TRUE);
if (EFI_ERROR (Status)) {
return Status;
}
RandBuffer++;
}
return EFI_SUCCESS;
}

5
SecurityPkg/SecurityPkg.dsc
View File

@ -129,6 +129,7 @@
# Application
#
SecurityPkg/Application/VariableInfo/VariableInfo.inf
SecurityPkg/Application/RngTest/RngTest.inf
#
# TPM
@ -214,6 +215,10 @@
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
SecurityPkg/Tcg/TrEESmm/TrEESmm.inf
#
# Random Number Generator
#
SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
[Components.IPF]
SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf