From: Pierre Gondois <pierre.gond...@arm.com>

NIST Special Publication 800-90C, s10.3.3 'Get_entropy_input Constructions for Accessing Entropy Sources' specifies multiple ways to implement the Get_entropy_input() function.
Implement s10.3.3.1 'Construction When a Conditioning Function is not Used' in a separate file to leave room for other potential implementations. Signed-off-by: Pierre Gondois <pierre.gond...@arm.com> --- MdePkg/Library/DrbgLib/GetEntropyInput.c | 72 ++++++++++++++++++++++++ MdePkg/Library/DrbgLib/GetEntropyInput.h | 48 ++++++++++++++++ 2 files changed, 120 insertions(+) create mode 100644 MdePkg/Library/DrbgLib/GetEntropyInput.c create mode 100644 MdePkg/Library/DrbgLib/GetEntropyInput.h diff --git a/MdePkg/Library/DrbgLib/GetEntropyInput.c b/MdePkg/Library/DrbgLib/GetEntropyInput.c new file mode 100644 index 000000000000..6257bc9093dd --- /dev/null +++ b/MdePkg/Library/DrbgLib/GetEntropyInput.c 
@@ -0,0 +1,72 @@ +/** @file + GetEntropyInput function implementation. + + Copyright (c) 2022, Arm Limited. All rights reserved.<BR> + SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Reference(s): + - [1] NIST Special Publication 800-90A Revision 1, June 2015, Recommendation + for Random Number Generation Using Deterministic Random Bit Generators. + (https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final) + - [2] NIST Special Publication 800-90B, Recommendation for the Entropy + Sources Used for Random Bit Generation. + (https://csrc.nist.gov/publications/detail/sp/800-90b/final) + - [3] (Second Draft) NIST Special Publication 800-90C, Recommendation for + Random Bit Generator (RBG) Constructions. + (https://csrc.nist.gov/publications/detail/sp/800-90c/draft) + + @par Glossary: + - TRNG - True Random Number Generator + - Sec - Security + - DRBG - Deterministic Random Bits Generator + - CTR - Counter +**/ + +#include <Library/BaseLib.h> +#include <Library/DebugLib.h> + +#include "Common.h" + +/** GetEntropyInput implementation (no conditionning function). + + Cf. [3] 10.3.3.1 Construction When a Conditioning Function is not Used + + @param [in] DrbgHandle The Drbg hanble. + @param [in] MinEntropy Minimum entropy. + @param [out] EntropyBitsStream Stream containing the generated entropy. + + @retval EFI_SUCCESS Success. + @retval EFI_INVALID_PARAMETER Invalid parameter. + @retval EFI_OUT_OF_RESOURCES Out of resources. +**/ +EFI_STATUS +EFIAPI +GetEntropyInputNoCondFn ( + IN DRBG_HANDLE DrbgHandle, + IN UINTN MinEntropy, + OUT BIT_STREAM **EntropyBitsStream + ) +{ + EFI_STATUS Status; + + if ((DrbgHandle == NULL) || + (EntropyBitsStream == NULL) || + (*EntropyBitsStream != NULL)) + { + ASSERT (DrbgHandle != NULL); + ASSERT (EntropyBitsStream != NULL); + ASSERT (*EntropyBitsStream == NULL); + return EFI_INVALID_PARAMETER; + } + + // 1. (status, entropy_bitstring) = Get_Entropy(min_entropy, max_length). + // 2. 
If (status != SUCCESS), then return (status, Null). + // 3. Return SUCCESS, entropy_bitstring. + Status = GetEntropy (DrbgHandle, MinEntropy, EntropyBitsStream); + if (EFI_ERROR (Status)) { + ASSERT_EFI_ERROR (Status); + // Fall through. + } + + return Status; +} diff --git a/MdePkg/Library/DrbgLib/GetEntropyInput.h b/MdePkg/Library/DrbgLib/GetEntropyInput.h new file mode 100644 index 000000000000..336fbc3826c0 --- /dev/null +++ b/MdePkg/Library/DrbgLib/GetEntropyInput.h 
@@ -0,0 +1,48 @@ +/** @file + GetEntropyInput function implementation. + + Copyright (c) 2022, Arm Limited. All rights reserved.<BR> + SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Reference(s): + - [1] NIST Special Publication 800-90A Revision 1, June 2015, Recommendation + for Random Number Generation Using Deterministic Random Bit Generators. + (https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final) + - [2] NIST Special Publication 800-90B, Recommendation for the Entropy + Sources Used for Random Bit Generation. + (https://csrc.nist.gov/publications/detail/sp/800-90b/final) + - [3] (Second Draft) NIST Special Publication 800-90C, Recommendation for + Random Bit Generator (RBG) Constructions. + (https://csrc.nist.gov/publications/detail/sp/800-90c/draft) + + @par Glossary: + - TRNG - True Random Number Generator + - Sec - Security + - DRBG - Deterministic Random Bits Generator + - CTR - Counter +**/ + +#ifndef GET_ENTROPY_INPUT_H_ +#define GET_ENTROPY_INPUT_H_ + +/** GetEntropyInput implementation (no conditionning function). + + Cf. [3] 10.3.3.1 Construction When a Conditioning Function is not Used + + @param [in] DrbgHandle The Drbg hanble. + @param [in] MinEntropy Minimum entropy. + @param [out] EntropyBitsStream Stream containing the generated entropy. + + @retval EFI_SUCCESS Success. + @retval EFI_INVALID_PARAMETER Invalid parameter. + @retval EFI_OUT_OF_RESOURCES Out of resources. +**/ +EFI_STATUS +EFIAPI +GetEntropyInputNoCondFn ( + IN DRBG_HANDLE DrbgHandle, + IN UINTN MinEntropy, + OUT BIT_STREAM **EntropyBitsStream + ); + +#endif // GET_ENTROPY_INPUT_H_ -- 2.25.1
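
Review bot: In GetEntropyInputNoCondFn() (GetEntropyInput.c), the error path after GetEntropy() does not enforce step 2 of the quoted construction, "return (status, Null)": Status is returned as-is and *EntropyBitsStream keeps whatever GetEntropy() left in it, so a caller that mishandles the status could consume a stream that was never filled to MinEntropy. Either reset *EntropyBitsStream to NULL on error here (releasing anything already allocated) or state in the comment that GetEntropy() guarantees a NULL output on failure. In the parameter check, ASSERT (*EntropyBitsStream == NULL) dereferences EntropyBitsStream on the same path where the preceding ASSERT has just reported it as NULL; on builds where ASSERT reports and returns rather than halting, that is a NULL dereference, so guard it or drop it. The step 1 comment also names max_length, but no maximum length is passed to GetEntropy(); say where that bound is enforced. Finally, the file includes "Common.h" but not its own "GetEntropyInput.h"; unless Common.h pulls it in, the definition is not checked against the prototype.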
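
Review bot: In GetEntropyInput.h, the doc comment for GetEntropyInputNoCondFn() leaves the caller contract unstated. The .c file rejects a non-NULL *EntropyBitsStream with EFI_INVALID_PARAMETER, yet "@param [out] EntropyBitsStream" does not say the pointer must be NULL on entry, who allocates the stream, or who frees it. "@param [in] MinEntropy Minimum entropy." gives no unit (bits is implied by the NIST text but should be written down), and EFI_OUT_OF_RESOURCES is listed without saying which condition produces it, or what an entropy source failure returns. Smaller points: the @file line says "function implementation" in a header that only declares the function, and "conditionning" and "hanble" are misspelled here and in the matching comment in the .c file.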