From: James Almer <jamrial@gmail.com>
To: ffmpeg-devel@ffmpeg.org
Subject: [FFmpeg-devel] [PATCH v4 2/4] avutil/random_seed: add av_random_bytes()
Date: Wed, 5 Jul 2023 09:12:47 -0300
Message-ID: <20230705121247.1235-1-jamrial@gmail.com> (raw)
In-Reply-To: <168855266183.542.7703623237832964766@lain.khirnov.net>
Uses the existing code for av_get_random_seed() to return a buffer with
cryptographically secure random data, or an error if none could be generated.
Signed-off-by: James Almer <jamrial@gmail.com>
---
libavutil/random_seed.c | 33 ++++++++++++++++++++++-----------
libavutil/random_seed.h | 13 +++++++++++++
2 files changed, 35 insertions(+), 11 deletions(-)
diff --git a/libavutil/random_seed.c b/libavutil/random_seed.c
index a51149235b..f5c291263e 100644
--- a/libavutil/random_seed.c
+++ b/libavutil/random_seed.c
@@ -46,7 +46,7 @@
#define TEST 0
#endif
-static int read_random(uint32_t *dst, const char *file)
+static int read_random(uint8_t *dst, size_t len, const char *file)
{
#if HAVE_UNISTD_H
FILE *fp = avpriv_fopen_utf8(file, "r");
@@ -54,10 +54,10 @@ static int read_random(uint32_t *dst, const char *file)
if (!fp)
return AVERROR_UNKNOWN;
- err = fread(dst, 1, sizeof(*dst), fp);
+ err = fread(dst, 1, len, fp);
fclose(fp);
- if (err != sizeof(*dst))
+ if (err != len)
return AVERROR_UNKNOWN;
return 0;
@@ -121,27 +121,38 @@ static uint32_t get_generic_seed(void)
return AV_RB32(digest) + AV_RB32(digest + 16);
}
-uint32_t av_get_random_seed(void)
+int av_random_bytes(uint8_t* buf, size_t len)
{
- uint32_t seed;
+ int err;
#if HAVE_BCRYPT
BCRYPT_ALG_HANDLE algo_handle;
NTSTATUS ret = BCryptOpenAlgorithmProvider(&algo_handle, BCRYPT_RNG_ALGORITHM,
MS_PRIMITIVE_PROVIDER, 0);
if (BCRYPT_SUCCESS(ret)) {
- NTSTATUS ret = BCryptGenRandom(algo_handle, (UCHAR*)&seed, sizeof(seed), 0);
+ NTSTATUS ret = BCryptGenRandom(algo_handle, (PUCHAR)buf, len, 0);
BCryptCloseAlgorithmProvider(algo_handle, 0);
if (BCRYPT_SUCCESS(ret))
- return seed;
+ return 0;
}
#endif
#if HAVE_ARC4RANDOM
- return arc4random();
+ arc4random_buf(buf, len);
+ return 0;
#endif
- if (!read_random(&seed, "/dev/urandom"))
- return seed;
- return get_generic_seed();
+ err = read_random(buf, len, "/dev/urandom");
+
+ return err;
+}
+
+uint32_t av_get_random_seed(void)
+{
+ uint32_t seed;
+
+ if (av_random_bytes((uint8_t *)&seed, sizeof(seed)) < 0)
+ return get_generic_seed();
+
+ return seed;
}
diff --git a/libavutil/random_seed.h b/libavutil/random_seed.h
index 0462a048e0..e67e6e38c4 100644
--- a/libavutil/random_seed.h
+++ b/libavutil/random_seed.h
@@ -36,6 +36,19 @@
*/
uint32_t av_get_random_seed(void);
+/**
+ * Generate cryptographically secure random data, i.e. suitable for use as
+ * encryption keys and similar.
+ *
+ * @param buf buffer into which the random data will be written
+ * @param len size of buf in bytes
+ *
+ * @retval 0 success, len bytes of random data was written
+ * into buf
+ * @retval "a negative AVERROR code" random data could not be generated
+ */
+int av_random_bytes(uint8_t *buf, size_t len);
+
/**
* @}
*/
--
2.41.0
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2023-07-05 12:13 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-04 23:26 [FFmpeg-devel] [PATCH v3 1/3] avutil/random_seed: use fread() in read_random() James Almer
2023-07-04 23:26 ` [FFmpeg-devel] [PATCH v3 2/3] avutil/random_seed: add av_random_bytes() James Almer
2023-07-05 10:24 ` Anton Khirnov
2023-07-05 12:12 ` James Almer [this message]
2023-07-05 12:46 ` [FFmpeg-devel] [PATCH v4 2/4] " Anton Khirnov
2023-07-05 13:24 ` James Almer
2023-07-04 23:26 ` [FFmpeg-devel] [PATCH v3 3/3] avutil/random_seed: add support for gcrypt and OpenSSL as source of randomness James Almer
2023-07-05 12:56 ` Anton Khirnov
2023-07-05 13:03 ` James Almer
2023-07-06 7:52 ` Anton Khirnov
2023-07-06 17:03 ` James Almer
2023-07-06 17:56 ` Marton Balint
2023-07-06 18:36 ` James Almer
2023-07-05 12:43 ` [FFmpeg-devel] [PATCH v3 1/3] avutil/random_seed: use fread() in read_random() Anton Khirnov
2023-07-05 13:24 ` James Almer
2023-07-05 15:34 ` Rémi Denis-Courmont
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230705121247.1235-1-jamrial@gmail.com \
--to=jamrial@gmail.com \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git