Message-ID: <4cc08bc5-82a4-d7d1-4183-710676cb36c3@gmail.com>
Date: Tue, 4 Jul 2023 11:37:03 -0300
From: James Almer
To: ffmpeg-devel@ffmpeg.org
In-Reply-To: <168845004614.542.18132678959456829324@lain.khirnov.net>
Subject: Re: [FFmpeg-devel] [PATCH 1/2] avformat/hlsenc: fall back to av_get_random_seed() when generating AES128 key

On 7/4/2023 2:54 AM, Anton Khirnov wrote:
> Quoting Michael Niedermayer (2023-07-04 01:50:57)
>> On Mon, Jul 03, 2023 at 11:09:54PM +0200, Anton Khirnov wrote:
>>> Quoting Marton Balint (2023-07-03 22:54:41)
>>>> On Mon, 3 Jul 2023, Anton Khirnov wrote:
>>>> My patch uses av_get_random_seed() which uses what the underlying OS
>>>> provides, BCrypt for Windows, /dev/urandom for Linux, arc4random() for
>>>> BSD/Mac.
>>>
>>> IOW it's a jungle of various paths, some of which are not guaranteed to
>>> be cryptographically secure. I see no such guarantees for arc4random()
>>> from a brief web search, and the fallback get_generic_seed() certainly
>>> is not either. Granted it's only used on obscure architectures, but
>>> still.
>>>
>>> The doxy even says
>>>> This function tries to provide a good seed at a best effort bases.
>>>
>>>> You really think that these are significantly worse than
>>>> OpenSSL/GCrypt, so it should not be allowed to fall back to?
>>>
>>> I think we should be using cryptographically secure PRNG for generating
>>> encryption keys, or fail when they are not available. If you want to get
>>> rid of the openssl dependency, IMO the best solution is a new
>>> int av_random(uint8_t* buf, size_t len);
>>> that guarantees either cryptographically secure randomness or an error.
>>
>> "guarantees cryptographically secure randomness" ?
>> If one defined "cryptographically secure" as "not broken publicly as of today"
>>
>> I am saying that as I think "guarantees" can be misleading in what it means
>
> I feel your snark is very much misplaced.
>
> I recall way more instances of broken crypto caused by overconfident
> non-experts with an attitude like yours ("those silly crypto libraries,
> broken all the time, how hard can it be really") than by actual
> vulnerabilities in actual crypto libraries.
>
> In fact the highest-profile break I remember (Debian key entropy bug)
> was caused precisely by non-experts fiddling with code they did not
> understand.

Maybe the gcrypt and openssl API calls used here can instead be moved to
av_get_random_seed(), which would reduce (or outright remove) the cases
/dev/random or get_generic_seed() are called and result in essentially
no changes to this functionality here?
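
An added example, not FFmpeg code and not part of any message in this thread: the "cryptographically secure randomness or an error" contract proposed in the quoted text for `int av_random(uint8_t* buf, size_t len)`, written as a fail-closed helper. The names `csprng_fill` and `make_aes128_key` are hypothetical, and the code assumes Linux `getrandom(2)` or a readable `/dev/urandom`.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#ifdef __linux__
#include <sys/random.h>
#endif
/* Hypothetical helper with the signature shape proposed in the thread:
 * returns 0 when buf holds len bytes from the OS CSPRNG, -1 otherwise.
 * There is deliberately no fallback to a clock- or PID-based seed. */
int csprng_fill(uint8_t *buf, size_t len)
{
    size_t got = 0;
    int fd = -1;
    while (got < len) {
        ssize_t n = -1;
#ifdef __linux__
        if (fd < 0) {                      /* blocks until the pool is seeded */
            n = getrandom(buf + got, len - got, 0);
            if (n < 0 && errno == EINTR)
                continue;
        }
#endif
        if (n < 0) {                       /* no getrandom(): use the device */
            if (fd < 0 && (fd = open("/dev/urandom", O_RDONLY)) < 0)
                break;
            n = read(fd, buf + got, len - got);
            if (n < 0 && errno == EINTR)
                continue;
        }
        if (n <= 0)
            break;                         /* hard error or EOF: fail closed */
        got += (size_t)n;                  /* short reads are simply resumed */
    }
    if (fd >= 0)
        close(fd);
    if (got != len) {
        memset(buf, 0, len);               /* never hand back partial output */
        return -1;
    }
    return 0;
}

/* Caller side: a 16-byte AES-128 key is produced, or the operation fails. */
int make_aes128_key(uint8_t key[16])
{
    return csprng_fill(key, 16);
}
```

A caller that gets -1 aborts key generation instead of substituting a weaker seed source.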