Hi Doug First, I agree with you that "A caller is free to request less than 256 bit".
Second, I think we still need to meet 256 bit entropy requirement in UEFI spec, right? With above assumption, I checked how the callee is implemented when input length is small. https://github.com/tianocore/edk2/blob/master/SecurityPkg/RandomNumberGenerator/RngDxe/ArmTrng.c#L54-L59 EntropyBits = MIN ((RequiredEntropyBits - CollectedEntropyBits), MaxBits); Status = GetArmTrngEntropy ( EntropyBits, (Length - Index), &Entropy[Index] ); It seems to me that the EntropyBits is also less than 256, when the input requirement is less than 256 bit. Would you please double check that, to see if the requirement is still satisfied? Please correct me if my understanding is wrong. Thank you Yao, Jiewen > -----Original Message----- > From: Doug Flick <doug.e...@gmail.com> > Sent: Thursday, May 9, 2024 1:56 PM > To: devel@edk2.groups.io > Cc: Yao, Jiewen <jiewen....@intel.com> > Subject: [PATCH v2 07/13] SecurityPkg: RngDxe: Remove incorrect limitation on > GetRng > > Removed from gEfiRngAlgorithmRaw an incorrect assumption that > Raw cannot return less than 256 bits. The DRNG Algorithms > should always use a 256 bit seed as per nist standards > however a caller is free to request less than 256 bits. > > > > // > > // When a DRBG is used on the output of a entropy source, > > // its security level must be at least 256 bits according to UEFI Spec. > > // > > if (RNGValueLength < 32) { > > return EFI_INVALID_PARAMETER; > > } > > > > AARCH64 platforms do not have this limitation and this brings both > implementations into alignment with each other and the spec. > > Cc: Jiewen Yao <jiewen....@intel.com> > > Signed-off-by: Doug Flick [MSFT] <doug.e...@gmail.com> > --- > SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c | 8 -------- > 1 file changed, 8 deletions(-) > > diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c > b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c > index 7e06e16e4be5..5723ed695747 100644 > --- a/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c > +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RngDxe.c > @@ -116,14 +116,6 @@ RngGetRNG ( > // The "raw" algorithm is intended to provide entropy directly > > // > > if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) { > > - // > > - // When a DRBG is used on the output of a entropy source, > > - // its security level must be at least 256 bits according to UEFI Spec. > > - // > > - if (RNGValueLength < 32) { > > - return EFI_INVALID_PARAMETER; > > - } > > - > > Status = GenerateEntropy (RNGValueLength, RNGValue); > > return Status; > > } > > -- > 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118811): https://edk2.groups.io/g/devel/message/118811 Mute This Topic: https://groups.io/mt/105996584/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
