mirror of https://github.com/acidanthera/audk.git
a85336531c
Removed from gEfiRngAlgorithmRaw an incorrect assumption that
Raw cannot return less than 256 bits. The DRNG Algorithms
should always use a 256 bit seed as per nist standards
however a caller is free to request less than 256 bits.
>
> //
> // When a DRBG is used on the output of a entropy source,
> // its security level must be at least 256 bits according to UEFI
Spec.
> //
> if (RNGValueLength < 32) {
> return EFI_INVALID_PARAMETER;
> }
>
AARCH64 platforms do not have this limitation and this brings both
implementations into alignment with each other and the spec.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewe Yao <Jiewen.yao@intel.com>
|
||
|---|---|---|
| .. | ||
| DeviceSecurity | ||
| EnrollFromDefaultKeysApp | ||
| FvReportPei | ||
| Hash2DxeCrypto | ||
| HddPassword | ||
| Include | ||
| Library | ||
| Pkcs7Verify/Pkcs7VerifyDxe | ||
| RandomNumberGenerator/RngDxe | ||
| Tcg | ||
| Test | ||
| VariableAuthenticated | ||
| SecurityFixes.yaml | ||
| SecurityPkg.ci.yaml | ||
| SecurityPkg.dec | ||
| SecurityPkg.dsc | ||
| SecurityPkg.uni | ||
| SecurityPkgExtra.uni | ||