For Hibernate Signature Verification - HMAC version, I need a hash algorithm in EFI stub environment before ExitBootServices() to mix / mess random seed from different sources (rdtsc, rdrand...) for generating the HMAC key to sign the hibernate image in runtime environment.

There have no any hash functions provides by EFI services, so need implement it in EFI stub. I choice SHA1 to be the target algorithm because currently I choice HMAC-SHA1 to be the algorithm to generate signature of hibernate image.

My plan is just direct porting the sample code in RFC-3174 to EFI stub:

After SHA1 works in EFI stub, then I can use it to generate HMAC key for using by runtime. Even more, I can implement HMAC verification logic in EFI stub to verify the entropy seed that sent from runtime random pool.

Looking for mad skills in:

Nothing? Add some keywords!

This project is part of:

Hack Week 12 Hack Week 11


Be the first to comment!

Similar Projects

This project is one of its kind!