From 3aa8dc6cd37d9487e32d24e49e63267df9b9cccb Mon Sep 17 00:00:00 2001 From: "Long, Qin" Date: Tue, 19 Nov 2013 01:49:49 +0000 Subject: Add UEFI RNG Protocol support. The driver will leverage Intel Secure Key technology to produce the Random Number Generator protocol, which is used to provide high-quality random numbers for use in applications, or entropy for seeding other random number generators. Refer to http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/ for more information about Intel Secure Key technology. Signed-off-by: Long, Qin Reviewed-by: Fu, Siyuan Reviewed-by: Rosenbaum, Lee G git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14858 6f19259b-4bc3-4df7-8a09-765794883524 --- SecurityPkg/Application/RngTest/RngTest.c | 231 ++++++++++++++++++++++++++++ SecurityPkg/Application/RngTest/RngTest.inf | 50 ++++++ 2 files changed, 281 insertions(+) create mode 100644 SecurityPkg/Application/RngTest/RngTest.c create mode 100644 SecurityPkg/Application/RngTest/RngTest.inf (limited to 'SecurityPkg/Application')
diff --git a/SecurityPkg/Application/RngTest/RngTest.c b/SecurityPkg/Application/RngTest/RngTest.c
new file mode 100644
index 0000000000..25edecefe3
--- /dev/null
+++ b/SecurityPkg/Application/RngTest/RngTest.c
@@ -0,0 +1,231 @@
+/** @file
+ UEFI RNG (Random Number Generator) Protocol test application.
+
+Copyright (c) 2013, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+/**
+ The user Entry Point for Application. The user code starts with this function
+ as the real entry point for the application.
+
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.
+ @param[in] SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The entry point is executed successfully.
+ @retval other Some error occurs when executing this entry point.
+
+**/
+EFI_STATUS
+EFIAPI
+UefiMain (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+ EFI_RNG_PROTOCOL *Rng;
+ UINTN RngAlgListSize;
+ EFI_RNG_ALGORITHM RngAlgList[10];
+ EFI_RNG_ALGORITHM *PtrRngAlg;
+ UINTN RngAlgCount;
+ UINT8 *Rand;
+ UINTN RandSize;
+ UINTN Index;
+ UINTN Index2;
+
+ Status = EFI_SUCCESS;
+ PtrRngAlg = NULL;
+ Rand = NULL;
+
+ Print (L"UEFI RNG Protocol Testing :\n");
+ Print (L"----------------------------\n");
+
+ //-----------------------------------------
+ // Basic UEFI RNG Protocol Test
+ //-----------------------------------------
+ Print (L" -- Locate UEFI RNG Protocol : ");
+ Status = gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID **)&Rng);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]\n", Status);
+ goto Exit;
+ } else {
+ Print (L"[Pass]\n");
+ }
+
+ //-----------------------------------------
+ // Rng->GetInfo() interface test.
+ //-----------------------------------------
+
+ Print (L" -- Call RNG->GetInfo() interface : ");
+ RngAlgListSize = 0;
+ Status = Rng->GetInfo (Rng, &RngAlgListSize, NULL);
+ if (Status != EFI_BUFFER_TOO_SMALL) {
+ Print (L"[Fail - Status = %r]\n", Status);
+ }
+ //
+ // Print out the supported RNG algorithm GUIDs
+ //
+ RngAlgCount = RngAlgListSize / sizeof (EFI_RNG_ALGORITHM);
+ Print (L"\n >> Supported RNG Algorithm (Count = %d) : ", RngAlgCount);
+ Status = Rng->GetInfo (Rng, &RngAlgListSize, RngAlgList);
+ for (Index = 0; Index < RngAlgCount; Index++) {
+ PtrRngAlg = (EFI_RNG_ALGORITHM *)(&RngAlgList[Index]);
+ Print (L"\n %d) ", Index);
+ Print (L"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", PtrRngAlg->Data1,
+ PtrRngAlg->Data2, PtrRngAlg->Data3, PtrRngAlg->Data4[0], PtrRngAlg->Data4[1],
+ PtrRngAlg->Data4[2], PtrRngAlg->Data4[3], PtrRngAlg->Data4[4],
+ PtrRngAlg->Data4[5], PtrRngAlg->Data4[6], PtrRngAlg->Data4[7]);
+ }
+
+ //-----------------------------------------
+ // Rng->GetRNG() interface test.
+ //-----------------------------------------
+ Print (L"\n -- Call RNG->GetRNG() interface : ");
+
+ //
+ // Allocate one buffer to store random data.
+ //
+ RandSize = 32;
+ Rand = AllocatePool (RandSize);
+
+ //
+ // RNG with default algorithm
+ //
+ Print (L"\n >> RNG with default algorithm : ");
+ Status = Rng->GetRNG (Rng, NULL, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ } else {
+ Print (L"[Pass]");
+ }
+
+ //
+ // RNG with SP800-90-HMAC-256
+ //
+ Print (L"\n >> RNG with SP800-90-HMAC-256 : ");
+ Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmSp80090Hmac256Guid, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ } else {
+ Print (L"[Pass]");
+ }
+
+ //
+ // RNG with SP800-90-HASH-256
+ //
+ Print (L"\n >> RNG with SP800-90-Hash-256 : ");
+ Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmSp80090Hash256Guid, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ } else {
+ Print (L"[Pass]");
+ }
+
+ //
+ // RNG with SP800-90-CTR-256
+ //
+ Print (L"\n >> RNG with SP800-90-CTR-256 : ");
+ Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmSp80090Ctr256Guid, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ } else {
+ Print (L"[Pass]");
+ }
+
+ //
+ // RNG with X9.31-3DES
+ //
+ Print (L"\n >> RNG with X9.31-3DES : ");
+ Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmX9313DesGuid, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ } else {
+ Print (L"[Pass]");
+ }
+
+ //
+ // RNG with X9.31-AES
+ //
+ Print (L"\n >> RNG with X9.31-AES : ");
+ Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmX931AesGuid, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ } else {
+ Print (L"[Pass]");
+ }
+
+ //
+ // RNG with RAW Entropy
+ //
+ Print (L"\n >> RNG with RAW Entropy : ");
+ Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmRaw, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ } else {
+ Print (L"[Pass]");
+ }
+
+ //-----------------------------------------
+ // Random
Number Generator test.
+ //-----------------------------------------
+ Print (L"\n -- Random Number Generation Test with default RNG Algorithm (20 Rounds): ");
+
+ RandSize = 1;
+ for (Index = 0; Index < 20; Index++) {
+ Status = Rng->GetRNG (Rng, NULL, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ break;
+ } else {
+ Print (L"\n %02d) - ", Index + 1);
+ for (Index2 = 0; Index2 < RandSize; Index2++) {
+ Print (L"%02x", Rand[Index2]);
+ }
+ }
+
+ RandSize +=1;
+ }
+
+ //-----------------------------------------
+ // Random Number Generator test.
+ //-----------------------------------------
+ Print (L"\n -- RAW Entropy Generation Test (20 Rounds) : ");
+
+ RandSize = 32;
+ for (Index = 0; Index < 20; Index++) {
+ Status = Rng->GetRNG (Rng, &gEfiRngAlgorithmRaw, RandSize, Rand);
+ if (EFI_ERROR (Status)) {
+ Print (L"[Fail - Status = %r]", Status);
+ break;
+ } else {
+ Print (L"\n %02d) - ", Index + 1);
+ for (Index2 = 0; Index2 < RandSize; Index2++) {
+ Print (L"%02x", Rand[Index2]);
+ }
+ }
+ }
+
+ Print (L"\n -- Exit UEFI RNG Protocol Test (Status = %r).\n", Status);
+
+Exit:
+ if (Rand != NULL) {
+ FreePool (Rand);
+ }
+ return Status;
+}
diff --git a/SecurityPkg/Application/RngTest/RngTest.inf b/SecurityPkg/Application/RngTest/RngTest.inf
new file mode 100644
index 0000000000..bec78a4c99
--- /dev/null
+++ b/SecurityPkg/Application/RngTest/RngTest.inf
@@ -0,0 +1,50 @@
+## @file
+# UEFI RNG (Random Number Generator) Protocol test application.
+#
+# Copyright (c) 2013, Intel Corporation. All rights reserved.
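Review bot: The second `Rng->GetInfo()` call in `UefiMain` passes the driver-reported `RngAlgListSize` as the capacity of the fixed `RngAlgList[10]` stack array, so a driver advertising more than ten algorithms is told the buffer is bigger than it is and can write past the array; the same unchecked count then bounds the GUID print loop. Pass `sizeof (RngAlgList)` as the input size, check the returned status, and only then compute `RngAlgCount`, as in the excerpt below; note that a failed first `GetInfo()` currently prints `[Fail]` but still falls through into this path. Separately, `Rand = AllocatePool (RandSize);` is never NULL-checked before `GetRNG()` writes into it; add `if (Rand == NULL) { Status = EFI_OUT_OF_RESOURCES; goto Exit; }` right after the allocation.

```c
  // … unchanged: first GetInfo() call with a NULL buffer and its status check …
  RngAlgListSize = sizeof (RngAlgList);
  Status = Rng->GetInfo (Rng, &RngAlgListSize, RngAlgList);
  if (EFI_ERROR (Status)) {
    Print (L"[Fail - Status = %r]\n", Status);
    goto Exit;
  }
  RngAlgCount = RngAlgListSize / sizeof (EFI_RNG_ALGORITHM);
  // … unchanged: count banner and GUID print loop …
```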
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = RngTest
+ FILE_GUID = B8AC7FB2-4211-4c2b-B62F-504421666C87
+ MODULE_TYPE = UEFI_APPLICATION
+ VERSION_STRING = 1.0
+ ENTRY_POINT = UefiMain
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64
+#
+
+[Sources]
+ RngTest.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+ UefiApplicationEntryPoint
+ UefiLib
+
+[Protocols]
+ gEfiRngProtocolGuid
+
+[Guids]
+ gEfiRngAlgorithmSp80090Hash256Guid
+ gEfiRngAlgorithmSp80090Hmac256Guid
+ gEfiRngAlgorithmSp80090Ctr256Guid
+ gEfiRngAlgorithmX9313DesGuid
+ gEfiRngAlgorithmX931AesGuid
+ gEfiRngAlgorithmRaw
\ No newline at end of file
-- cgit v1.2.3
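Review bot: `[LibraryClasses]` declares only `UefiApplicationEntryPoint` and `UefiLib`, yet RngTest.c in this same commit uses `gBS`, `AllocatePool` and `FreePool`, which in EDK II are provided by `UefiBootServicesTableLib` and `MemoryAllocationLib`. The module presumably builds only because those classes are pulled in transitively by another library; add `UefiBootServicesTableLib` and `MemoryAllocationLib` to the section so the application's dependencies are explicit and do not break when another library's INF changes.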