VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/Library/DcsCfgLib
diff options
context:
space:
mode:
authorkavsrf <kavsrf@gmail.com>2016-12-04 13:46:48 +0300
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2017-06-05 17:36:42 +0200
commit6701b862aa96775609a7d42662ae4a98e43071bb (patch)
tree3900fcd874625898d9ab921ec6f2e3f5f8ef4b97 /Library/DcsCfgLib
parentebe8c240166ef25ed0ca8898f8bfd34b415a75d0 (diff)
downloadVeraCrypt-DCS-6701b862aa96775609a7d42662ae4a98e43071bb.tar.gz
VeraCrypt-DCS-6701b862aa96775609a7d42662ae4a98e43071bb.zip
TPM12 support
Diffstat (limited to 'Library/DcsCfgLib')
-rw-r--r--Library/DcsCfgLib/DcsCfgLib.inf3
-rw-r--r--Library/DcsCfgLib/DcsRandom.c144
2 files changed, 121 insertions, 26 deletions
diff --git a/Library/DcsCfgLib/DcsCfgLib.inf b/Library/DcsCfgLib/DcsCfgLib.inf
index 8607cb4..d199bb1 100644
--- a/Library/DcsCfgLib/DcsCfgLib.inf
+++ b/Library/DcsCfgLib/DcsCfgLib.inf
@@ -36,11 +36,14 @@ DcsRandom.c
[Packages]
MdePkg/MdePkg.dec
DcsPkg/DcsPkg.dec
+ CryptoPkg/CryptoPkg.dec
[LibraryClasses]
MemoryAllocationLib
UefiLib
RngLib
+ BaseCryptLib
+ DcsTpmLib
[Protocols]
diff --git a/Library/DcsCfgLib/DcsRandom.c b/Library/DcsCfgLib/DcsRandom.c
index a269a46..084a8cf 100644
--- a/Library/DcsCfgLib/DcsRandom.c
+++ b/Library/DcsCfgLib/DcsRandom.c
@@ -18,9 +18,11 @@ https://opensource.org/licenses/LGPL-3.0
#include <Library/CommonLib.h>
#include <Library/RngLib.h>
#include <Library/DcsCfgLib.h>
+#include <Library/BaseCryptLib.h>
#include <common/Pkcs5.h>
#include <crypto/sha2.h>
+#include "../../Include/Library/DcsTpmLib.h"
DCS_RND* gRnd = NULL;
@@ -61,7 +63,8 @@ RndFileGetBytes(
EFI_STATUS
RndFileInit(
IN DCS_RND* rnd,
- IN VOID* Context
+ IN VOID* Context,
+ IN UINTN ContextSize
)
{
EFI_STATUS res = EFI_NOT_FOUND;
@@ -70,10 +73,8 @@ RndFileInit(
rnd->GetBytes = RndFileGetBytes;
rnd->Prepare = RndFilePrepare;
if (Context != NULL) {
- res = FileLoad(NULL, (CHAR16*)Context, &rnd->State.File.Data, &rnd->State.File.Size);
- if (!EFI_ERROR(res)) {
- return rnd->Prepare(rnd);
- }
+ rnd->State.File.Data = Context;
+ rnd->State.File.Size = ContextSize;
}
return res;
}
@@ -121,7 +122,8 @@ RndRDRandGetBytes(
EFI_STATUS
RndRDRandInit(
IN DCS_RND* rnd,
- IN VOID* Context
+ IN VOID* Context,
+ IN UINTN ContextSize
)
{
ZeroMem(rnd, sizeof(DCS_RND));
@@ -321,8 +323,8 @@ RndDtrmHmacSha512GetBytes(
EFI_STATUS
RndDtrmHmacSha512Init(
IN DCS_RND* rnd,
- IN VOID* Context
- )
+ IN VOID* Context,
+ IN UINTN ContextSize)
{
EFI_STATUS res = EFI_SUCCESS;
ZeroMem(rnd, sizeof(DCS_RND));
@@ -331,31 +333,115 @@ RndDtrmHmacSha512Init(
rnd->Prepare = RndDtrmHmacSha512Prepare;
if (Context != NULL) {
- CHAR16* type = (CHAR16*)Context;
- if (*type == '_') {
- UINT8* data;
- UINTN size;
- type++;
- res = FileLoad(NULL, (CHAR16*)type, &data, &size);
- if (EFI_ERROR(res)) {
- rnd->Type = RndTypeNone;
- }
- res = RndDtrmHmacSha512Update(&rnd->State.HMacSha512, data, size, 0);
- if (EFI_ERROR(res)) {
- rnd->Type = RndTypeNone;
- }
+ res = RndDtrmHmacSha512Update(&rnd->State.HMacSha512, (UINT8*)Context, ContextSize, 0);
+ if (EFI_ERROR(res)) {
+ rnd->Type = RndTypeNone;
}
}
return rnd->Prepare(rnd);
}
//////////////////////////////////////////////////////////////////////////
+// OpenSSL random
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+RndOpenSSLPrepare(
+ IN DCS_RND* rnd
+ )
+{
+ UINT64 rndTmp;
+ if (rnd != NULL && rnd->Type == RndTypeOpenSSL) {
+ if (RandomBytes((UINT8*)&rndTmp, 8)) {
+ return EFI_SUCCESS;
+ }
+ }
+ return EFI_NOT_READY;
+}
+
+EFI_STATUS
+RndOpenSSLGetBytes(
+ IN DCS_RND *rnd,
+ OUT UINT8 *buf,
+ IN UINTN len)
+{
+ if (rnd != NULL && rnd->Type == RndTypeOpenSSL) {
+ if (RandomBytes(buf, len)) {
+ return EFI_SUCCESS;
+ }
+ }
+ return EFI_NOT_READY;
+}
+
+EFI_STATUS
+RndOpenSSLInit(
+ IN DCS_RND* rnd,
+ IN VOID* Context,
+ IN UINTN ContextSize
+ )
+{
+ int res;
+ ZeroMem(rnd, sizeof(DCS_RND));
+ rnd->Type = RndTypeOpenSSL;
+ rnd->GetBytes = RndOpenSSLGetBytes;
+ rnd->Prepare = RndOpenSSLPrepare;
+ res = RandomSeed(Context, ContextSize);
+ if (!res) {
+ return EFI_NOT_READY;
+ }
+ return rnd->Prepare(rnd);
+}
+
+//////////////////////////////////////////////////////////////////////////
+// TPM random
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+RndTpmPrepare(
+ IN DCS_RND* rnd
+ )
+{
+ UINT64 rndTmp;
+ UINT32 sz = sizeof(rndTmp);
+ if (rnd != NULL && rnd->Type == RndTypeTpm) {
+ return Tpm12GetRandom(&sz, (UINT8*)&rndTmp);
+ }
+ return EFI_NOT_READY;
+}
+
+EFI_STATUS
+RndTpmGetBytes(
+ IN DCS_RND *rnd,
+ OUT UINT8 *buf,
+ IN UINTN len)
+{
+ UINT32 sz = (UINT32)len;
+ if (rnd != NULL && rnd->Type == RndTypeTpm) {
+ return Tpm12GetRandom(&sz, buf);
+ }
+ return EFI_NOT_READY;
+}
+
+EFI_STATUS
+RndTpmInit(
+ IN DCS_RND* rnd,
+ IN VOID* Context,
+ IN UINTN ContextSize
+ )
+{
+ ZeroMem(rnd, sizeof(DCS_RND));
+ rnd->Type = RndTypeTpm;
+ rnd->GetBytes = RndTpmGetBytes;
+ rnd->Prepare = RndTpmPrepare;
+ return rnd->Prepare(rnd);
+}
+
+//////////////////////////////////////////////////////////////////////////
// Random API
//////////////////////////////////////////////////////////////////////////
EFI_STATUS
RndInit(
IN UINTN rndType,
IN VOID* Context,
+ IN UINTN ContextSize,
OUT DCS_RND **rnd)
{
if (rnd != NULL) {
@@ -366,13 +452,19 @@ RndInit(
rndTemp->Type = (UINT32)rndType;
switch (rndType) {
case RndTypeFile:
- res = RndFileInit(rndTemp, Context);
+ res = RndFileInit(rndTemp, Context, ContextSize);
break;
case RndTypeRDRand:
- res = RndRDRandInit(rndTemp, Context);
+ res = RndRDRandInit(rndTemp, Context, ContextSize);
break;
case RndTypeDtrmHmacSha512:
- res = RndDtrmHmacSha512Init(rndTemp, Context);
+ res = RndDtrmHmacSha512Init(rndTemp, Context, ContextSize);
+ break;
+ case RndTypeOpenSSL:
+ res = RndOpenSSLInit(rndTemp, Context, ContextSize);
+ break;
+ case RndTypeTpm:
+ res = RndTpmInit(rndTemp, Context, ContextSize);
break;
}
if (EFI_ERROR(res)) {
@@ -417,7 +509,7 @@ RndSave(
EFI_STATUS res = EFI_NOT_READY;
DCS_RND_SAVED *RndSaved;
UINT32 crc;
- if (rnd != NULL && rndSaved != NULL && rnd->Type != RndTypeFile) {
+ if (rnd != NULL && rndSaved != NULL && rnd->Type != RndTypeFile && rnd->Type != RndTypeOpenSSL) {
RndSaved = MEM_ALLOC(sizeof(DCS_RND_SAVED));
if (RndSaved != NULL) {
RndSaved->Size = sizeof(DCS_RND_SAVED);
@@ -452,7 +544,7 @@ RndLoad(
if (EFI_ERROR(res) || crc != crcSaved || rndSaved->Sign != gRndHeaderSign) {
return EFI_CRC_ERROR;
}
- res = RndInit(rndSaved->Type, NULL, rndOut);
+ res = RndInit(rndSaved->Type, NULL, 0, rndOut);
if (!EFI_ERROR(res)) {
CopyMem(&((*rndOut)->State), &rndSaved->State, sizeof(DCS_RND_STATE));
}