On Mon, 3 Jul 2023, James Almer wrote:
On 7/2/2023 4:30 PM, Marton Balint wrote:It should be OK to use av_get_random_seed() to generate the key instead of using openSSL/Gcrypt functions. This removes the hard dependancy of those libs for key generation functionality. Fixes ticket #10441. Signed-off-by: Marton Balint <c...@passwd.hu> --- libavformat/hlsenc.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c index 1e0848ce3d..0b22c71186 100644 --- a/libavformat/hlsenc.c +++ b/libavformat/hlsenc.c @@ -40,6 +40,7 @@ #include "libavutil/intreadwrite.h" #include "libavutil/opt.h" #include "libavutil/log.h" +#include "libavutil/random_seed.h" #include "libavutil/time.h" #include "libavutil/time_internal.h" @@ -710,18 +711,18 @@ fail: return ret; } -static int randomize(uint8_t *buf, int len) +static void randomize(uint8_t *buf, int len) { #if CONFIG_GCRYPT gcry_randomize(buf, len, GCRY_VERY_STRONG_RANDOM); - return 0; + return; #elif CONFIG_OPENSSL if (RAND_bytes(buf, len)) - return 0; -#else - return AVERROR(ENOSYS); + return; #endif - return AVERROR(EINVAL); + av_assert0(len % 4 == 0); + for (int i = 0; i < len; i += 4) + AV_WB32(buf + i, av_get_random_seed());Maybe instead use a PRNG, like the following: AVLFG c; av_lfg_init(&c, av_get_random_seed()); for (int i = 0; i < len; i += 4) AV_WB32(buf + i, av_lfg_get(&c));
If randomize() were to be used for arbitrary lengths, I'd agree, but here it is only used for key generation (only 128-bit keys in the current code), so I think av_get_random_seed() for the whole keysize is fine, and more secure.
Regards, Marton _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
