[coreboot-gerrit] Change in coreboot[master]: security/crypto: WIP // Add Pseudo Random Number Generator support

Philipp Deppenwiese (Code Review) gerrit at coreboot.org
Mon Jan 15 15:37:59 CET 2018


Philipp Deppenwiese has uploaded this change for review. ( https://review.coreboot.org/23277


Change subject: security/crypto: WIP // Add Pseudo Random Number Generator support
......................................................................

security/crypto: WIP // Add Pseudo Random Number Generator support

* Add a TRNG interface for different implementations (Intel RDRAND / TPM).
* Add the HKDF algorithm as a cryptographically secure PRNG (RFC 5869).
* Add high level get_random interface.

Change-Id: I59c55b7cb512f0793b4889055fc7749afb525956
Signed-off-by: Philipp Deppenwiese <zaolin at das-labor.org>
---
M src/security/crypto/Kconfig
M src/security/crypto/Makefile.inc
A src/security/crypto/rng.h
A src/security/crypto/rng/hkdf.c
A src/security/crypto/rng/trng.c
5 files changed, 76 insertions(+), 0 deletions(-)



  git pull ssh://review.coreboot.org:29418/coreboot refs/changes/77/23277/1

diff --git a/src/security/crypto/Kconfig b/src/security/crypto/Kconfig
index 4fbb808..834bc69 100644
--- a/src/security/crypto/Kconfig
+++ b/src/security/crypto/Kconfig
@@ -68,4 +68,14 @@
 
 	  If unsure, say N.
 
+config CRYPTO_PRNG
+	bool "PRNG support"
+	default n
+	select CRYPTO_HMAC
+	help
+	  Enable this option to to ensure RSA support.
+	  Currently only signature verification with PKCS#1.5 is supported.
+
+	  If unsure, say N.
+
 endmenu # Cryptographic Primitives
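Review bot: The help text for CRYPTO_PRNG is copied from the RSA option ("ensure RSA support", "signature verification with PKCS#1.5") and carries a doubled "to to", so the menu entry describes the wrong feature. It should describe what the option builds, for example `Enable this option to build the HKDF (RFC 5869) based pseudo random number generator.` Since hkdf.c hard-codes HASH_SHA256, the option probably also needs to select the SHA-256 hash support, unless CRYPTO_HMAC already pulls it in; that is not visible from this hunk.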
diff --git a/src/security/crypto/Makefile.inc b/src/security/crypto/Makefile.inc
index d4e4b1b..32ecdba 100644
--- a/src/security/crypto/Makefile.inc
+++ b/src/security/crypto/Makefile.inc
@@ -29,3 +29,8 @@
 romstage-$(CONFIG_CRYPTO_RSA) += rsa/rsa.c common/common.c
 ramstage-$(CONFIG_CRYPTO_RSA) += rsa/rsa.c common/common.c
 smm-$(CONFIG_CRYPTO_RSA) += rsa/rsa.c common/common.c
+
+verstage-$(CONFIG_CRYPTO_PRNG) += rng/hkdf.c
+romstage-$(CONFIG_CRYPTO_PRNG) += rng/hkdf.c
+ramstage-$(CONFIG_CRYPTO_PRNG) += rng/hkdf.c
+smm-$(CONFIG_CRYPTO_PRNG) += rng/hkdf.c
diff --git a/src/security/crypto/rng.h b/src/security/crypto/rng.h
new file mode 100644
index 0000000..c6075b8
--- /dev/null
+++ b/src/security/crypto/rng.h
@@ -0,0 +1,11 @@
+
+#include <stdint.h>
+
+#define HKDF_INFO_LENGTH 4
+
+int hkdf_extract(const void *salt, uint32_t salt_length, const void *ikm,
+		 uint32_t ikm_length, uint8_t *prk, size_t prk_length);
+
+int hkdf_expand(const void *prk, uint32_t prk_length,
+		uint8_t info[HKDF_INFO_LENGTH], uint8_t *data,
+		size_t data_length);
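Review bot: rng.h uses `size_t` in both prototypes but includes only `<stdint.h>`, and it has no include guard, so it compiles only if an earlier include happens to define `size_t` and it breaks on double inclusion; add `#include <stddef.h>` and wrap the file in an `#ifndef`/`#define`/`#endif` guard. `info` is only read in hkdf.c, so the parameter should be `const uint8_t info[HKDF_INFO_LENGTH]`. The length parameters mix `uint32_t` and `size_t`; using `size_t` throughout would avoid silent truncation at call sites. Each prototype also needs a short comment stating the return convention and the expected size of `prk`, since callers of a key-derivation routine cannot guess either.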
diff --git a/src/security/crypto/rng/hkdf.c b/src/security/crypto/rng/hkdf.c
new file mode 100644
index 0000000..1da8bfe
--- /dev/null
+++ b/src/security/crypto/rng/hkdf.c
@@ -0,0 +1,50 @@
+
+
+#include <security/crypto/hmac.h>
+#include <security/crypto/rng.h>
+
+#define HKDF_MESSAGE_LENGTH 40
+
+int hkdf_extract(const void *salt, uint32_t salt_length, const void *ikm,
+		 uint32_t ikm_length, uint8_t *prk, size_t prk_length)
+{
+	int ret;
+
+	if (!salt || !salt_length) {
+		uint8_t zero_salt[SHA256_DIGEST_SIZE] = {0};
+		ret = hmac(HASH_SHA256, zero_salt, SHA256_DIGEST_SIZE, ikm,
+			   ikm_length, prk, prk_length);
+	} else {
+		ret = hmac(HASH_SHA256, salt, salt_length, ikm, ikm_length, prk,
+			   prk_length);
+	}
+
+	return ret;
+}
+
+int hkdf_expand(const void *prk, uint32_t prk_length,
+		uint8_t info[HKDF_INFO_LENGTH], uint8_t *data,
+		size_t data_length)
+{
+	uint32_t i;
+	int ret = 0;
+	uint8_t t[SHA256_DIGEST_SIZE] = {0};
+	uint8_t message[HKDF_MESSAGE_LENGTH] = {0};
+	size_t rounds;
+
+	rounds = (data_length / SHA256_DIGEST_SIZE);
+
+	for (i = 0; i < rounds; i++) {
+		memcpy(message, t, SHA256_DIGEST_SIZE);
+		memcpy(message + SHA256_DIGEST_SIZE, info, HKDF_INFO_LENGTH);
+		memcpy(message + SHA256_DIGEST_SIZE + HKDF_INFO_LENGTH, &i,
+		       HKDF_INFO_LENGTH);
+
+		ret = hmac(HASH_SHA256, prk, prk_length, message,
+			   HKDF_MESSAGE_LENGTH, t, SHA256_DIGEST_SIZE);
+
+		memcpy(data + (i * SHA256_DIGEST_SIZE), t, SHA256_DIGEST_SIZE);
+	}
+
+	return ret;
+}
diff --git a/src/security/crypto/rng/trng.c b/src/security/crypto/rng/trng.c
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/src/security/crypto/rng/trng.c

-- 
To view, visit https://review.coreboot.org/23277

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I59c55b7cb512f0793b4889055fc7749afb525956
Gerrit-Change-Number: 23277
Gerrit-PatchSet: 1
Gerrit-Owner: Philipp Deppenwiese <zaolin.daisuki at gmail.com>