REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Add rand function for BaseCryptLibMbedTls.
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Yi Li <yi1...@intel.com>
Signed-off-by: Wenxing Hou <wenxing....@intel.com>
---
CryptoPkg/Include/Library/BaseCryptLib.h | 2 +
.../BaseCryptLibMbedTls/InternalCryptLib.h | 16 +++
.../BaseCryptLibMbedTls/Rand/CryptRand.c | 114 ++++++++++++++++++
.../BaseCryptLibMbedTls/Rand/CryptRandTsc.c | 114 ++++++++++++++++++
4 files changed, 246 insertions(+)
create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 86f784a1d2..111df8e78b 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -3139,6 +3139,8 @@ DhComputeKey (
If Seed is NULL, then default seed is used.
If this interface is not supported, then return FALSE.
+ RandomSeed has not been implemented in BaseCryptoLibMbedTls.
+
@param[in] Seed Pointer to seed value.
If NULL, default seed is used.
@param[in] SeedSize Size of seed value.
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
index 039aa32028..a30666cef4 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
@@ -22,4 +22,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
//
#include <mbedtls/mbedtls_config.h>
+/**
+ The MbedTLS function f_rng, which MbedtlsRand implements.
+
+ @param[in] RngState Not used, just for compatibility with mbedlts.
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Len Size of random bytes to generate.
+
+ @retval 0 Pseudorandom byte stream generated successfully.
+ @retval Non-0 Pseudorandom number generator fails to generate due to lack
of entropy.
+**/
+INT32
+MbedtlsRand (
+ VOID *RngState,
+ UINT8 *Output,
+ UINTN Len
+ );
#endif
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
new file mode 100644
index 0000000000..e01aabc0de
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
@@ -0,0 +1,114 @@
+/** @file
+ Pseudorandom Number Generator Wrapper Implementation over MbedTLS.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include <Library/RngLib.h>
+
+/**
+ Sets up the seed value for the pseudorandom number generator.
+
+ This function sets up the seed value for the pseudorandom number generator.
+ If Seed is not NULL, then the seed passed in is used.
+ If Seed is NULL, then default seed is used.
+
+ @param[in] Seed Pointer to seed value.
+ If NULL, default seed is used.
+ @param[in] SeedSize Size of seed value.
+ If Seed is NULL, this parameter is ignored.
+
+ @retval TRUE Pseudorandom number generator has enough entropy for random
generation.
+ @retval FALSE Pseudorandom number generator does not have enough entropy
for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+ IN CONST UINT8 *Seed OPTIONAL,
+ IN UINTN SeedSize
+ )
+{
+ return TRUE;
+}
+
+/**
+ Generates a pseudorandom byte stream of the specified size.
+
+ If Output is NULL, then return FALSE.
+
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Size Size of random bytes to generate.
+
+ @retval TRUE Pseudorandom byte stream generated successfully.
+ @retval FALSE Pseudorandom number generator fails to generate due to lack
of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+ OUT UINT8 *Output,
+ IN UINTN Size
+ )
+{
+ BOOLEAN Ret;
+ volatile UINT64 TempRand;
+
+ //
+ // Check input parameters.
+ //
+ if ((Output == NULL) || (Size > INT_MAX)) {
+ return FALSE;
+ }
+
+ Ret = FALSE;
+
+ while (Size > 0) {
+ // Use RngLib to get random number
+ Ret = GetRandomNumber64 ((UINT64 *)&TempRand);
+
+ if (!Ret) {
+ TempRand = 0;
+ return Ret;
+ }
+
+ if (Size >= sizeof (TempRand)) {
+ *((UINT64 *)Output) = TempRand;
+ Output += sizeof (UINT64);
+ Size -= sizeof (TempRand);
+ } else {
+ CopyMem (Output, (VOID *)&TempRand, Size);
+ Size = 0;
+ }
+ }
+
+ TempRand = 0;
+ return Ret;
+}
+
+/**
+ The MbedTLS function f_rng, which MbedtlsRand implements.
+
+ @param[in] RngState Not used, just for compatibility with mbedlts.
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Len Size of random bytes to generate.
+
+ @retval 0 Pseudorandom byte stream generated successfully.
+ @retval Non-0 Pseudorandom number generator fails to generate due to lack
of entropy.
+**/
+INT32
+MbedtlsRand (
+ VOID *RngState,
+ UINT8 *Output,
+ UINTN Len
+ )
+{
+ BOOLEAN Result;
+
+ Result = RandomBytes (Output, Len);
+
+ return Result ? 0 : -1;
+}
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c
b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c
new file mode 100644
index 0000000000..e01aabc0de
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c
@@ -0,0 +1,114 @@
+/** @file
+ Pseudorandom Number Generator Wrapper Implementation over MbedTLS.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include <Library/RngLib.h>
+
+/**
+ Sets up the seed value for the pseudorandom number generator.
+
+ This function sets up the seed value for the pseudorandom number generator.
+ If Seed is not NULL, then the seed passed in is used.
+ If Seed is NULL, then default seed is used.
+
+ @param[in] Seed Pointer to seed value.
+ If NULL, default seed is used.
+ @param[in] SeedSize Size of seed value.
+ If Seed is NULL, this parameter is ignored.
+
+ @retval TRUE Pseudorandom number generator has enough entropy for random
generation.
+ @retval FALSE Pseudorandom number generator does not have enough entropy
for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+ IN CONST UINT8 *Seed OPTIONAL,
+ IN UINTN SeedSize
+ )
+{
+ return TRUE;
+}
+
+/**
+ Generates a pseudorandom byte stream of the specified size.
+
+ If Output is NULL, then return FALSE.
+
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Size Size of random bytes to generate.
+
+ @retval TRUE Pseudorandom byte stream generated successfully.
+ @retval FALSE Pseudorandom number generator fails to generate due to lack
of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+ OUT UINT8 *Output,
+ IN UINTN Size
+ )
+{
+ BOOLEAN Ret;
+ volatile UINT64 TempRand;
+
+ //
+ // Check input parameters.
+ //
+ if ((Output == NULL) || (Size > INT_MAX)) {
+ return FALSE;
+ }
+
+ Ret = FALSE;
+
+ while (Size > 0) {
+ // Use RngLib to get random number
+ Ret = GetRandomNumber64 ((UINT64 *)&TempRand);
+
+ if (!Ret) {
+ TempRand = 0;
+ return Ret;
+ }
+
+ if (Size >= sizeof (TempRand)) {
+ *((UINT64 *)Output) = TempRand;
+ Output += sizeof (UINT64);
+ Size -= sizeof (TempRand);
+ } else {
+ CopyMem (Output, (VOID *)&TempRand, Size);
+ Size = 0;
+ }
+ }
+
+ TempRand = 0;
+ return Ret;
+}
+
+/**
+ The MbedTLS function f_rng, which MbedtlsRand implements.
+
+ @param[in] RngState Not used, just for compatibility with mbedlts.
+ @param[out] Output Pointer to buffer to receive random value.
+ @param[in] Len Size of random bytes to generate.
+
+ @retval 0 Pseudorandom byte stream generated successfully.
+ @retval Non-0 Pseudorandom number generator fails to generate due to lack
of entropy.
+**/
+INT32
+MbedtlsRand (
+ VOID *RngState,
+ UINT8 *Output,
+ UINTN Len
+ )
+{
+ BOOLEAN Result;
+
+ Result = RandomBytes (Output, Len);
+
+ return Result ? 0 : -1;
+}
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118733): https://edk2.groups.io/g/devel/message/118733
Mute This Topic: https://groups.io/mt/105996828/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
