You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132
  1. /*
  2. * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
  3. *
  4. * This program is free software; you can redistribute it and/or
  5. * modify it under the terms of the GNU General Public License as
  6. * published by the Free Software Foundation; either version 2 of the
  7. * License, or any later version.
  8. *
  9. * This program is distributed in the hope that it will be useful, but
  10. * WITHOUT ANY WARRANTY; without even the implied warranty of
  11. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  12. * General Public License for more details.
  13. *
  14. * You should have received a copy of the GNU General Public License
  15. * along with this program; if not, write to the Free Software
  16. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  17. * 02110-1301, USA.
  18. *
  19. * You can also choose to distribute this program under the terms of
  20. * the Unmodified Binary Distribution Licence (as given in the file
  21. * COPYING.UBDL), provided that you have satisfied its requirements.
  22. *
  23. * Alternatively, you may distribute this code in source or binary
  24. * form, with or without modification, provided that the following
  25. * conditions are met:
  26. *
  27. * 1. Redistributions of source code must retain the above copyright
  28. * notice, this list of conditions and the above disclaimer.
  29. *
  30. * 2. Redistributions in binary form must reproduce the above
  31. * copyright notice, this list of conditions and the above
  32. * disclaimer in the documentation and/or other materials provided
  33. * with the distribution.
  34. */
  35. FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  36. /** @file
  37. *
  38. * RBG mechanism
  39. *
  40. * This mechanism is designed to comply with ANS X9.82 Part 4 (April
  41. * 2011 Draft) Section 10. This standard is unfortunately not freely
  42. * available.
  43. *
  44. * The chosen RBG design is that of a DRBG with a live entropy source
  45. * with no conditioning function. Only a single security strength is
  46. * supported. No seedfile is used since there may be no non-volatile
  47. * storage available. The system UUID is used as the personalisation
  48. * string.
  49. */
  50. #include <stdint.h>
  51. #include <string.h>
  52. #include <ipxe/init.h>
  53. #include <ipxe/settings.h>
  54. #include <ipxe/uuid.h>
  55. #include <ipxe/crypto.h>
  56. #include <ipxe/drbg.h>
  57. #include <ipxe/rbg.h>
  58. /** The RBG */
  59. struct random_bit_generator rbg;
  60. /**
  61. * Start up RBG
  62. *
  63. * @ret rc Return status code
  64. *
  65. * This is the RBG_Startup function defined in ANS X9.82 Part 4 (April
  66. * 2011 Draft) Section 9.1.2.2.
  67. */
  68. static int rbg_startup ( void ) {
  69. union uuid uuid;
  70. int len;
  71. int rc;
  72. /* Try to obtain system UUID for use as personalisation
  73. * string, in accordance with ANS X9.82 Part 3-2007 Section
  74. * 8.5.2. If no UUID is available, proceed without a
  75. * personalisation string.
  76. */
  77. if ( ( len = fetch_uuid_setting ( NULL, &uuid_setting, &uuid ) ) < 0 ) {
  78. rc = len;
  79. DBGC ( &rbg, "RBG could not fetch personalisation string: "
  80. "%s\n", strerror ( rc ) );
  81. len = 0;
  82. }
  83. /* Instantiate DRBG */
  84. if ( ( rc = drbg_instantiate ( &rbg.state, &uuid, len ) ) != 0 ) {
  85. DBGC ( &rbg, "RBG could not instantiate DRBG: %s\n",
  86. strerror ( rc ) );
  87. return rc;
  88. }
  89. return 0;
  90. }
  91. /**
  92. * Shut down RBG
  93. *
  94. */
  95. static void rbg_shutdown ( void ) {
  96. /* Uninstantiate DRBG */
  97. drbg_uninstantiate ( &rbg.state );
  98. }
  99. /** RBG startup function */
  100. static void rbg_startup_fn ( void ) {
  101. /* Start up RBG. There is no way to report an error at this
  102. * stage, but a failed startup will result in an invalid DRBG
  103. * that refuses to generate bits.
  104. */
  105. rbg_startup();
  106. }
  107. /** RBG shutdown function */
  108. static void rbg_shutdown_fn ( int booting __unused ) {
  109. /* Shut down RBG */
  110. rbg_shutdown();
  111. }
  112. /** RBG startup table entry */
  113. struct startup_fn startup_rbg __startup_fn ( STARTUP_NORMAL ) = {
  114. .name = "rbg",
  115. .startup = rbg_startup_fn,
  116. .shutdown = rbg_shutdown_fn,
  117. };