[FFmpeg-devel] [PATCH 1/2] avformat/hlsenc: fall back to av_get_random_seed() when generating AES128 key

Steven Liu lingjiujianke at gmail.com
Mon Jul 3 05:20:48 EEST 2023 

Marton Balint <cus at passwd.hu> 于2023年7月3日周一 03:30写道:
>
> It should be OK to use av_get_random_seed() to generate the key instead of
> using openSSL/Gcrypt functions. This removes the hard dependancy of those libs
> for key generation functionality.
>
> Fixes ticket #10441.
>
> Signed-off-by: Marton Balint <cus at passwd.hu>
> ---
>  libavformat/hlsenc.c | 18 ++++++++----------
>  1 file changed, 8 insertions(+), 10 deletions(-)
>
> diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c
> index 1e0848ce3d..0b22c71186 100644
> --- a/libavformat/hlsenc.c
> +++ b/libavformat/hlsenc.c
> @@ -40,6 +40,7 @@
>  #include "libavutil/intreadwrite.h"
>  #include "libavutil/opt.h"
>  #include "libavutil/log.h"
> +#include "libavutil/random_seed.h"
>  #include "libavutil/time.h"
>  #include "libavutil/time_internal.h"
>
> @@ -710,18 +711,18 @@ fail:
>      return ret;
>  }
>
> -static int randomize(uint8_t *buf, int len)
> +static void randomize(uint8_t *buf, int len)
>  {
>  #if CONFIG_GCRYPT
>      gcry_randomize(buf, len, GCRY_VERY_STRONG_RANDOM);
> -    return 0;
> +    return;
>  #elif CONFIG_OPENSSL
>      if (RAND_bytes(buf, len))
> -        return 0;
> -#else
> -    return AVERROR(ENOSYS);
> +        return;
>  #endif
> -    return AVERROR(EINVAL);
> +    av_assert0(len % 4 == 0);
> +    for (int i = 0; i < len; i += 4)
> +        AV_WB32(buf + i, av_get_random_seed());
>  }
>
>  static int do_encrypt(AVFormatContext *s, VariantStream *vs)
> @@ -775,10 +776,7 @@ static int do_encrypt(AVFormatContext *s, VariantStream *vs)
>      if (!*hls->key_string) {
>          AVDictionary *options = NULL;
>          if (!hls->key) {
> -            if ((ret = randomize(key, sizeof(key))) < 0) {
> -                av_log(s, AV_LOG_ERROR, "Cannot generate a strong random key\n");
> -                return ret;
> -            }
> +            randomize(key, sizeof(key));
>          } else {
>              memcpy(key, hls->key, sizeof(key));
>          }
Hi Marton,

Should remove braces too. I cannot sure how to make it more simpler as
!hls->key ?  randomize(key, sizeof(key)) : memcpy(key, hls->key,
sizeof(key)); ?


Thanks
Steven

More information about the ffmpeg-devel mailing list