1 /** @file 2 Pseudorandom Number Generator Wrapper Implementation over OpenSSL. 3 4 Copyright (c) 2012 - 2013, Intel Corporation. All rights reserved.<BR> 5 This program and the accompanying materials 6 are licensed and made available under the terms and conditions of the BSD License 7 which accompanies this distribution. The full text of the license may be found at 8 http://opensource.org/licenses/bsd-license.php 9 10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 12 13 **/ 14 15 #include "InternalCryptLib.h" 16 #include <openssl/rand.h> 17 #include <openssl/evp.h> 18 #include <Library/PrintLib.h> 19 20 /** 21 Sets up the seed value for the pseudorandom number generator. 22 23 This function sets up the seed value for the pseudorandom number generator. 24 If Seed is not NULL, then the seed passed in is used. 25 If Seed is NULL, then default seed is used. 26 27 @param[in] Seed Pointer to seed value. 28 If NULL, default seed is used. 29 @param[in] SeedSize Size of seed value. 30 If Seed is NULL, this parameter is ignored. 31 32 @retval TRUE Pseudorandom number generator has enough entropy for random generation. 33 @retval FALSE Pseudorandom number generator does not have enough entropy for random generation. 34 35 **/ 36 BOOLEAN 37 EFIAPI 38 RandomSeed ( 39 IN CONST UINT8 *Seed OPTIONAL, 40 IN UINTN SeedSize 41 ) 42 { 43 CHAR8 DefaultSeed[128]; 44 45 if (SeedSize > INT_MAX) { 46 return FALSE; 47 } 48 49 // 50 // The software PRNG implementation built in OpenSSL depends on message digest algorithm. 51 // Make sure SHA-1 digest algorithm is available here. 52 // 53 if (EVP_add_digest (EVP_sha1 ()) == 0) { 54 return FALSE; 55 } 56 57 // 58 // Seed the pseudorandom number generator with user-supplied value. 59 // NOTE: A cryptographic PRNG must be seeded with unpredictable data. 60 // 61 if (Seed != NULL) { 62 RAND_seed (Seed, (UINT32) SeedSize); 63 } else { 64 // 65 // Retrieve current time. 66 // 67 AsciiSPrint ( 68 DefaultSeed, 69 sizeof (DefaultSeed), 70 "UEFI Crypto Library default seed (%ld)", 71 AsmReadTsc () 72 ); 73 74 RAND_seed (DefaultSeed, sizeof (DefaultSeed)); 75 } 76 77 if (RAND_status () == 1) { 78 return TRUE; 79 } 80 81 return FALSE; 82 } 83 84 /** 85 Generates a pseudorandom byte stream of the specified size. 86 87 If Output is NULL, then return FALSE. 88 89 @param[out] Output Pointer to buffer to receive random value. 90 @param[in] Size Size of randome bytes to generate. 91 92 @retval TRUE Pseudorandom byte stream generated successfully. 93 @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy. 94 95 **/ 96 BOOLEAN 97 EFIAPI 98 RandomBytes ( 99 OUT UINT8 *Output, 100 IN UINTN Size 101 ) 102 { 103 // 104 // Check input parameters. 105 // 106 if (Output == NULL || Size > INT_MAX) { 107 return FALSE; 108 } 109 110 // 111 // Generate random data. 112 // 113 if (RAND_bytes (Output, (UINT32) Size) != 1) { 114 return FALSE; 115 } 116 117 return TRUE; 118 } 119