Use current time value as default random seed in BaseCryptLib.

Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Sun Rui <rui.sun@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13300 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
tye1 2012-05-10 07:58:02 +00:00
parent 4e33001c6e
commit 7ce960e712
5 changed files with 239 additions and 4 deletions

View File

@ -1,7 +1,7 @@
## @file ## @file
# Cryptographic Library Instance for DXE_DRIVER. # Cryptographic Library Instance for DXE_DRIVER.
# #
# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at # which accompanies this distribution. The full text of the license may be found at
@ -37,7 +37,6 @@
Cipher/CryptAes.c Cipher/CryptAes.c
Cipher/CryptTdes.c Cipher/CryptTdes.c
Cipher/CryptArc4.c Cipher/CryptArc4.c
Rand/CryptRand.c
Pk/CryptRsa.c Pk/CryptRsa.c
Pk/CryptPkcs7.c Pk/CryptPkcs7.c
Pk/CryptDh.c Pk/CryptDh.c
@ -68,6 +67,17 @@
SysCall/Ia32/MathLShiftS64.S | GCC SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC SysCall/Ia32/MathRShiftU64.S | GCC
Rand/CryptRandTsc.c
[Sources.X64]
Rand/CryptRandTsc.c
[Sources.IPF]
Rand/CryptRandItc.c
[Sources.ARM]
Rand/CryptRand.c
[Packages] [Packages]
MdePkg/MdePkg.dec MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec CryptoPkg/CryptoPkg.dec
@ -79,6 +89,7 @@
DebugLib DebugLib
OpensslLib OpensslLib
IntrinsicLib IntrinsicLib
PrintLib
# #
# Remove these [BuildOptions] after this library is cleaned up # Remove these [BuildOptions] after this library is cleaned up

View File

@ -0,0 +1,101 @@
/** @file
Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "InternalCryptLib.h"
#include <openssl/rand.h>
#include <Library/PrintLib.h>
/**
Sets up the seed value for the pseudorandom number generator.
This function sets up the seed value for the pseudorandom number generator.
If Seed is not NULL, then the seed passed in is used.
If Seed is NULL, then default seed is used.
@param[in] Seed Pointer to seed value.
If NULL, default seed is used.
@param[in] SeedSize Size of seed value.
If Seed is NULL, this parameter is ignored.
@retval TRUE Pseudorandom number generator has enough entropy for random generation.
@retval FALSE Pseudorandom number generator does not have enough entropy for random generation.
**/
BOOLEAN
EFIAPI
RandomSeed (
IN CONST UINT8 *Seed OPTIONAL,
IN UINTN SeedSize
)
{
CHAR8 DefaultSeed[128];
//
// Seed the pseudorandom number generator with user-supplied value.
// NOTE: A cryptographic PRNG must be seeded with unpredictable data.
//
if (Seed != NULL) {
RAND_seed (Seed, (UINT32) SeedSize);
} else {
//
// Retrieve current time.
//
AsciiSPrint (
DefaultSeed,
sizeof (DefaultSeed),
"UEFI Crypto Library default seed (%ld)",
AsmReadItc ()
);
RAND_seed (DefaultSeed, sizeof (DefaultSeed));
}
return TRUE;
}
/**
Generates a pseudorandom byte stream of the specified size.
If Output is NULL, then return FALSE.
@param[out] Output Pointer to buffer to receive random value.
@param[in] Size Size of randome bytes to generate.
@retval TRUE Pseudorandom byte stream generated successfully.
@retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.
**/
BOOLEAN
EFIAPI
RandomBytes (
OUT UINT8 *Output,
IN UINTN Size
)
{
//
// Check input parameters.
//
if (Output == NULL) {
return FALSE;
}
//
// Generate random data.
//
if (RAND_bytes (Output, (UINT32) Size) != 1) {
return FALSE;
}
return TRUE;
}

View File

@ -0,0 +1,101 @@
/** @file
Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "InternalCryptLib.h"
#include <openssl/rand.h>
#include <Library/PrintLib.h>
/**
Sets up the seed value for the pseudorandom number generator.
This function sets up the seed value for the pseudorandom number generator.
If Seed is not NULL, then the seed passed in is used.
If Seed is NULL, then default seed is used.
@param[in] Seed Pointer to seed value.
If NULL, default seed is used.
@param[in] SeedSize Size of seed value.
If Seed is NULL, this parameter is ignored.
@retval TRUE Pseudorandom number generator has enough entropy for random generation.
@retval FALSE Pseudorandom number generator does not have enough entropy for random generation.
**/
BOOLEAN
EFIAPI
RandomSeed (
IN CONST UINT8 *Seed OPTIONAL,
IN UINTN SeedSize
)
{
CHAR8 DefaultSeed[128];
//
// Seed the pseudorandom number generator with user-supplied value.
// NOTE: A cryptographic PRNG must be seeded with unpredictable data.
//
if (Seed != NULL) {
RAND_seed (Seed, (UINT32) SeedSize);
} else {
//
// Retrieve current time.
//
AsciiSPrint (
DefaultSeed,
sizeof (DefaultSeed),
"UEFI Crypto Library default seed (%ld)",
AsmReadTsc ()
);
RAND_seed (DefaultSeed, sizeof (DefaultSeed));
}
return TRUE;
}
/**
Generates a pseudorandom byte stream of the specified size.
If Output is NULL, then return FALSE.
@param[out] Output Pointer to buffer to receive random value.
@param[in] Size Size of randome bytes to generate.
@retval TRUE Pseudorandom byte stream generated successfully.
@retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.
**/
BOOLEAN
EFIAPI
RandomBytes (
OUT UINT8 *Output,
IN UINTN Size
)
{
//
// Check input parameters.
//
if (Output == NULL) {
return FALSE;
}
//
// Generate random data.
//
if (RAND_bytes (Output, (UINT32) Size) != 1) {
return FALSE;
}
return TRUE;
}

View File

@ -31,7 +31,6 @@
Hash/CryptMd5.c Hash/CryptMd5.c
Hash/CryptSha1.c Hash/CryptSha1.c
Hash/CryptSha256.c Hash/CryptSha256.c
Rand/CryptRand.c
Pk/CryptRsa.c Pk/CryptRsa.c
Pk/CryptPkcs7.c Pk/CryptPkcs7.c
Pk/CryptX509.c Pk/CryptX509.c
@ -60,6 +59,17 @@
SysCall/Ia32/MathLShiftS64.S | GCC SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC SysCall/Ia32/MathRShiftU64.S | GCC
Rand/CryptRandTsc.c
[Sources.X64]
Rand/CryptRandTsc.c
[Sources.IPF]
Rand/CryptRandItc.c
[Sources.ARM]
Rand/CryptRand.c
[Packages] [Packages]
MdePkg/MdePkg.dec MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec CryptoPkg/CryptoPkg.dec
@ -73,6 +83,7 @@
DebugLib DebugLib
OpensslLib OpensslLib
IntrinsicLib IntrinsicLib
PrintLib
# #
# Remove these [BuildOptions] after this library is cleaned up # Remove these [BuildOptions] after this library is cleaned up

View File

@ -31,7 +31,6 @@
Hash/CryptMd5.c Hash/CryptMd5.c
Hash/CryptSha1.c Hash/CryptSha1.c
Hash/CryptSha256.c Hash/CryptSha256.c
Rand/CryptRand.c
Pk/CryptRsa.c Pk/CryptRsa.c
Pk/CryptPkcs7.c Pk/CryptPkcs7.c
Pk/CryptX509.c Pk/CryptX509.c
@ -60,6 +59,17 @@
SysCall/Ia32/MathLShiftS64.S | GCC SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC SysCall/Ia32/MathRShiftU64.S | GCC
Rand/CryptRandTsc.c
[Sources.X64]
Rand/CryptRandTsc.c
[Sources.IPF]
Rand/CryptRandItc.c
[Sources.ARM]
Rand/CryptRand.c
[Packages] [Packages]
MdePkg/MdePkg.dec MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec CryptoPkg/CryptoPkg.dec
@ -71,6 +81,7 @@
MemoryAllocationLib MemoryAllocationLib
OpensslLib OpensslLib
IntrinsicLib IntrinsicLib
PrintLib
# #
# Remove these [BuildOptions] after this library is cleaned up # Remove these [BuildOptions] after this library is cleaned up