Re: [edk2-devel] [PATCH v9 2/5] MdePkg: BaseRngLibDxe: Add RngLib that uses RngDxe
gaoliming
gaoliming at byosoft.com.cn
Thu Aug 27 01:28:55 UTC 2020
Matthew:
> -----Original Message-----
> From: bounce+27952+64654+4905953+8761045 at groups.io
> <bounce+27952+64654+4905953+8761045 at groups.io> On Behalf Of Matthew
> Carlson
> Sent: August 27, 2020 4:55
> To: devel at edk2.groups.io
> Cc: Ard Biesheuvel <ard.biesheuvel at arm.com>; Michael D Kinney
> <michael.d.kinney at intel.com>; Liming Gao <liming.gao at intel.com>;
> Zhiguang Liu <zhiguang.liu at intel.com>; Matthew Carlson
> <matthewfcarlson at gmail.com>
> Subject: [edk2-devel] [PATCH v9 2/5] MdePkg: BaseRngLibDxe: Add RngLib that
> uses RngDxe
>
> From: Matthew Carlson <macarl at microsoft.com>
>
> This adds a RngLib that uses the RngProtocol to provide randomness.
> This means that the RngLib is meant to be used with DXE_DRIVERS.
>
> Ref: https://github.com/tianocore/edk2/pull/845
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1871
>
> Cc: Ard Biesheuvel <ard.biesheuvel at arm.com>
> Cc: Michael D Kinney <michael.d.kinney at intel.com>
> Cc: Liming Gao <liming.gao at intel.com>
> Cc: Zhiguang Liu <zhiguang.liu at intel.com>
> Signed-off-by: Matthew Carlson <matthewfcarlson at gmail.com>
> ---
> MdePkg/Library/DxeRngLib/DxeRngLib.c | 199 ++++++++++++++++++++
> MdePkg/Library/DxeRngLib/DxeRngLib.inf | 38 ++++
> MdePkg/Library/DxeRngLib/DxeRngLib.uni | 15 ++
> MdePkg/MdePkg.dsc | 4 +-
> 4 files changed, 255 insertions(+), 1 deletion(-)
>
> diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.c
> b/MdePkg/Library/DxeRngLib/DxeRngLib.c
> new file mode 100644
> index 000000000000..8d4e05e52d57
> --- /dev/null
> +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.c
> @@ -0,0 +1,199 @@
> +/** @file
>
> + Provides an implementation of the library class RngLib that uses the Rng
> protocol.
>
> +
>
> + Copyright (c) Microsoft Corporation. All rights reserved.
>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +#include <Uefi.h>
>
> +#include <Library/UefiBootServicesTableLib.h>
>
> +#include <Library/DebugLib.h>
>
> +#include <Library/RngLib.h>
>
> +#include <Protocol/Rng.h>
>
> +
>
> +/**
>
> + Routine Description:
>
> +
>
> + Generates a random number via the NIST
>
> + 800-9A algorithm. Refer to
>
> + http://csrc.nist.gov/groups/STM/cavp/documents/drbg/DRBGVS.pdf
>
> + for more information.
>
> +
>
> + @param[out] Buffer Buffer to receive the random number.
>
> + @param[in] BufferSize Number of bytes in Buffer.
>
> +
>
> + @retval EFI_SUCCESS or underlying failure code.
>
> +**/
>
> +STATIC
>
> +EFI_STATUS
>
> +GenerateRandomNumberViaNist800Algorithm (
>
> + OUT UINT8 *Buffer,
>
> + IN UINTN BufferSize
>
> + )
>
> +{
>
> + EFI_STATUS Status;
>
> + EFI_RNG_PROTOCOL *RngProtocol;
>
> +
>
> + RngProtocol = NULL;
>
> +
>
> + if (Buffer == NULL) {
>
> + DEBUG((DEBUG_ERROR, "%a: Buffer == NULL.\n",
> __FUNCTION__));
>
> + return EFI_INVALID_PARAMETER;
>
> + }
>
> +
>
> + Status = gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID
> **)&RngProtocol);
>
> + if (EFI_ERROR (Status) || RngProtocol == NULL) {
>
> + DEBUG((DEBUG_ERROR, "%a: Could not locate RNG prototocol,
> Status = %r\n", __FUNCTION__, Status));
>
> + return Status;
>
> + }
>
> +
>
> + Status = RngProtocol->GetRNG (RngProtocol,
> &gEfiRngAlgorithmSp80090Ctr256Guid, BufferSize, Buffer);
>
> + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm CTR-256 - Status = %r\n",
> __FUNCTION__, Status));
>
> + if (!EFI_ERROR (Status)) {
>
> + return Status;
>
> + }
>
> +
>
> + Status = RngProtocol->GetRNG (RngProtocol,
> &gEfiRngAlgorithmSp80090Hmac256Guid, BufferSize, Buffer);
>
> + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm HMAC-256 - Status
> = %r\n", __FUNCTION__, Status));
>
> + if (!EFI_ERROR (Status)) {
>
> + return Status;
>
> + }
>
> +
>
> + Status = RngProtocol->GetRNG (RngProtocol,
> &gEfiRngAlgorithmSp80090Hash256Guid, BufferSize, Buffer);
>
> + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm Hash-256 - Status = %r\n",
> __FUNCTION__, Status));
>
> + if (!EFI_ERROR (Status)) {
>
> + return Status;
>
> + }
>
> + // If all the other methods have failed, use the default method from
the
> RngProtocol
>
> + Status = RngProtocol->GetRNG (RngProtocol, NULL, BufferSize, Buffer);
>
> + DEBUG((DEBUG_INFO, "%a: GetRNG algorithm Hash-256 - Status = %r\n",
> __FUNCTION__, Status));
>
> + if (!EFI_ERROR (Status)) {
>
> + return Status;
>
> + }
>
> + // If we get to this point, we have failed
>
> + DEBUG((DEBUG_ERROR, "%a: GetRNG() failed, staus = %r\n",
> __FUNCTION__, Status));
>
> +
>
> + return Status;
>
> +}// GenerateRandomNumberViaNist800Algorithm()
>
> +
>
> +
>
> +/**
>
> + Generates a 16-bit random number.
>
> +
>
> + if Rand is NULL, return FALSE.
>
> +
>
> + @param[out] Rand Buffer pointer to store the 16-bit random value.
>
> +
>
> + @retval TRUE Random number generated successfully.
>
> + @retval FALSE Failed to generate the random number.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +GetRandomNumber16 (
>
> + OUT UINT16 *Rand
>
> + )
>
> +{
>
> + EFI_STATUS Status;
>
> +
>
> + if (Rand == NULL)
>
> + {
>
> + return FALSE;
>
> + }
>
> +
>
> + Status = GenerateRandomNumberViaNist800Algorithm ((UINT8 *)Rand,
> 2);
Here, how about using sizeof (UINT16) to replace the hardcoded 2? It will be
meaningful.
The same comment applies to the following 4, 8, 16. 16 is 2 * sizeof (UINT64).
Thanks
Liming
>
> + if (EFI_ERROR (Status)) {
>
> + return FALSE;
>
> + }
>
> + return TRUE;
>
> +}
>
> +
>
> +/**
>
> + Generates a 32-bit random number.
>
> +
>
> + if Rand is NULL, return FALSE.
>
> +
>
> + @param[out] Rand Buffer pointer to store the 32-bit random value.
>
> +
>
> + @retval TRUE Random number generated successfully.
>
> + @retval FALSE Failed to generate the random number.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +GetRandomNumber32 (
>
> + OUT UINT32 *Rand
>
> + )
>
> +{
>
> + EFI_STATUS Status;
>
> +
>
> + if (Rand == NULL) {
>
> + return FALSE;
>
> + }
>
> +
>
> + Status = GenerateRandomNumberViaNist800Algorithm ((UINT8*)Rand,
> 4);
>
> + if (EFI_ERROR (Status)) {
>
> + return FALSE;
>
> + }
>
> + return TRUE;
>
> +}
>
> +
>
> +/**
>
> + Generates a 64-bit random number.
>
> +
>
> + if Rand is NULL, return FALSE.
>
> +
>
> + @param[out] Rand Buffer pointer to store the 64-bit random value.
>
> +
>
> + @retval TRUE Random number generated successfully.
>
> + @retval FALSE Failed to generate the random number.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +GetRandomNumber64 (
>
> + OUT UINT64 *Rand
>
> + )
>
> +{
>
> + EFI_STATUS Status;
>
> +
>
> + if (Rand == NULL) {
>
> + return FALSE;
>
> + }
>
> +
>
> + Status = GenerateRandomNumberViaNist800Algorithm ((UINT8*)Rand,
> 8);
>
> + if (EFI_ERROR (Status)) {
>
> + return FALSE;
>
> + }
>
> + return TRUE;
>
> +}
>
> +
>
> +/**
>
> + Generates a 128-bit random number.
>
> +
>
> + if Rand is NULL, return FALSE.
>
> +
>
> + @param[out] Rand Buffer pointer to store the 128-bit random
> value.
>
> +
>
> + @retval TRUE Random number generated successfully.
>
> + @retval FALSE Failed to generate the random number.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +GetRandomNumber128 (
>
> + OUT UINT64 *Rand
>
> + )
>
> +{
>
> + EFI_STATUS Status;
>
> +
>
> + if (Rand == NULL) {
>
> + return FALSE;
>
> + }
>
> +
>
> + Status = GenerateRandomNumberViaNist800Algorithm ((UINT8*)Rand,
> 16);
>
> + if (EFI_ERROR (Status)) {
>
> + return FALSE;
>
> + }
>
> + return TRUE;
>
> +}
>
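Review bot: In GenerateRandomNumberViaNist800Algorithm, the check "if (EFI_ERROR (Status) || RngProtocol == NULL)" ends in "return Status;", so a LocateProtocol call that succeeds but leaves RngProtocol NULL returns EFI_SUCCESS, and the GetRandomNumber16/32/64/128 wrappers then report TRUE with Rand never written. Return an explicit error such as EFI_NOT_FOUND on the NULL branch. In the same function the final GetRNG call, made with a NULL algorithm, is still logged as "GetRNG algorithm Hash-256", so the debug log does not show that the default algorithm served the request. The header comment says "800-9A" where the SP 800-90 algorithms named by the GUIDs are meant, and the debug strings contain the typos "prototocol" and "staus".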
> diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.inf
> b/MdePkg/Library/DxeRngLib/DxeRngLib.inf
> new file mode 100644
> index 000000000000..68554ad21146
> --- /dev/null
> +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.inf
> @@ -0,0 +1,38 @@
> +# @file
>
> +# Provides implementation of the library class RngLib that uses the
> RngProtocol
>
> +#
>
> +# @copyright
>
> +# Copyright (c) Microsoft Corporation. All rights reserved.
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +#
>
> +##
>
> +
>
> +[Defines]
>
> + INF_VERSION = 1.27
>
> + BASE_NAME = DxeRngLib
>
> + MODULE_UNI_FILE = DxeRngLib.uni
>
> + FILE_GUID = FF9F84C5-A33E-44E3-9BB5-0D654B2D4149
>
> + MODULE_TYPE = DXE_DRIVER
>
> + VERSION_STRING = 1.0
>
> + LIBRARY_CLASS = RngLib|DXE_DRIVER UEFI_APPLICATION
> UEFI_DRIVER
>
> +
>
> +[Packages]
>
> + MdePkg/MdePkg.dec
>
> +
>
> +[Sources]
>
> + DxeRngLib.c
>
> +
>
> +[LibraryClasses]
>
> + DebugLib
>
> + UefiBootServicesTableLib
>
> +
>
> +[Protocols]
>
> + gEfiRngProtocolGuid ## CONSUMES
>
> +
>
> +[Depex]
>
> + gEfiRngProtocolGuid
>
> +
>
> +[Guids]
>
> + gEfiRngAlgorithmSp80090Ctr256Guid
>
> + gEfiRngAlgorithmSp80090Hash256Guid
>
> + gEfiRngAlgorithmSp80090Hmac256Guid
>
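Review bot: LIBRARY_CLASS in [Defines] lists UEFI_APPLICATION and UEFI_DRIVER next to DXE_DRIVER, while the commit message says the library is meant for DXE_DRIVERS, and the file header does not say which module types are supported. Document the supported types in the header comment, and note there that the [Depex] on gEfiRngProtocolGuid does not help a UEFI_APPLICATION, which is not dispatched by dependency expression and so depends on the LocateProtocol failure path in DxeRngLib.c being handled correctly.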
> diff --git a/MdePkg/Library/DxeRngLib/DxeRngLib.uni
> b/MdePkg/Library/DxeRngLib/DxeRngLib.uni
> new file mode 100644
> index 000000000000..c904e54b6fb0
> --- /dev/null
> +++ b/MdePkg/Library/DxeRngLib/DxeRngLib.uni
> @@ -0,0 +1,15 @@
> +// @file
>
> +// Instance of RNG (Random Number Generator) Library.
>
> +//
>
> +// RngLib that uses the Rng Protocol to provide random numbers.
>
> +//
>
> +// Copyright (c) Microsoft Corporation.
>
> +//
>
> +// SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +//
>
> +
>
> +
>
> +#string STR_MODULE_ABSTRACT #language en-US "Instance of RNG
> Library"
>
> +
>
> +#string STR_MODULE_DESCRIPTION #language en-US "BaseRng Library
> that uses the Rng Protocol to provide random numbers"
>
> +
>
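Review bot: STR_MODULE_DESCRIPTION calls this a "BaseRng Library", but the module added by this patch is DxeRngLib (BASE_NAME in DxeRngLib.inf) and it calls boot services, so the Base prefix is misleading. Suggest "DxeRng Library that uses the Rng Protocol to provide random numbers", and making STR_MODULE_ABSTRACT equally specific instead of the generic "Instance of RNG Library".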
> diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc
> index d7ba3a730909..2c3b7966b086 100644
> --- a/MdePkg/MdePkg.dsc
> +++ b/MdePkg/MdePkg.dsc
> @@ -62,8 +62,10 @@
> MdePkg/Library/BasePostCodeLibPort80/BasePostCodeLibPort80.inf
>
> MdePkg/Library/BasePrintLib/BasePrintLib.inf
>
>
> MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull
> .inf
>
> - MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
>
> + MdePkg/Library/DxeRngLib/DxeRngLib.inf
>
> MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
>
> + MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
>
> +
>
> MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf
>
> MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
>
>
> MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
>
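Review bot: The hunk removes the BaseRngLibTimerLib.inf line only to re-add it below BaseRngLibNull.inf, and adds an empty line after it; neither change is needed to build the new library. Keep BaseRngLibTimerLib.inf where it was and drop the blank line, so the hunk is the single added DxeRngLib.inf entry, placed where it fits the ordering of the component list rather than among the Base* entries.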
> --
> 2.28.0.windows.1
>
>