diff options
author | Marton Balint <cus@passwd.hu> | 2023-07-02 20:57:47 +0200 |
---|---|---|
committer | Marton Balint <cus@passwd.hu> | 2023-07-16 11:48:31 +0200 |
commit | 36f4e6f8f4c14b3a571815c55d213d095b54df6f (patch) | |
tree | 5287bd09c5889f200f5c2ba65d77c5b02d55c041 | |
parent | 9a7f060c3264fd6042b54834374cd8e3a0169224 (diff) |
avformat/hlsenc: use av_random_bytes() for generating AES128 key
av_random_bytes() can use OS provided strong random functions and does not
depend soley on openssl/gcrypt external libraries.
Fixes ticket #10441.
Signed-off-by: Marton Balint <cus@passwd.hu>
-rwxr-xr-x | configure | 1 | ||||
-rw-r--r-- | libavformat/hlsenc.c | 23 |
2 files changed, 2 insertions, 22 deletions
@@ -3507,7 +3507,6 @@ gxf_muxer_select="pcm_rechunk_bsf" hds_muxer_select="flv_muxer" hls_demuxer_select="adts_header ac3_parser mov_demuxer mpegts_demuxer" hls_muxer_select="mov_muxer mpegts_muxer" -hls_muxer_suggest="gcrypt openssl" image2_alias_pix_demuxer_select="image2_demuxer" image2_brender_pix_demuxer_select="image2_demuxer" imf_demuxer_deps="libxml2" diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c index 1e0848ce3d..27d97f5f72 100644 --- a/libavformat/hlsenc.c +++ b/libavformat/hlsenc.c @@ -27,12 +27,6 @@ #include <unistd.h> #endif -#if CONFIG_GCRYPT -#include <gcrypt.h> -#elif CONFIG_OPENSSL -#include <openssl/rand.h> -#endif - #include "libavutil/avassert.h" #include "libavutil/mathematics.h" #include "libavutil/avstring.h" @@ -40,6 +34,7 @@ #include "libavutil/intreadwrite.h" #include "libavutil/opt.h" #include "libavutil/log.h" +#include "libavutil/random_seed.h" #include "libavutil/time.h" #include "libavutil/time_internal.h" @@ -710,20 +705,6 @@ fail: return ret; } -static int randomize(uint8_t *buf, int len) -{ -#if CONFIG_GCRYPT - gcry_randomize(buf, len, GCRY_VERY_STRONG_RANDOM); - return 0; -#elif CONFIG_OPENSSL - if (RAND_bytes(buf, len)) - return 0; -#else - return AVERROR(ENOSYS); -#endif - return AVERROR(EINVAL); -} - static int do_encrypt(AVFormatContext *s, VariantStream *vs) { HLSContext *hls = s->priv_data; @@ -775,7 +756,7 @@ static int do_encrypt(AVFormatContext *s, VariantStream *vs) if (!*hls->key_string) { AVDictionary *options = NULL; if (!hls->key) { - if ((ret = randomize(key, sizeof(key))) < 0) { + if ((ret = av_random_bytes(key, sizeof(key))) < 0) { av_log(s, AV_LOG_ERROR, "Cannot generate a strong random key\n"); return ret; } |