avformat/hlsenc: use av_random_bytes() for generating AES128 key

av_random_bytes() can use OS provided strong random functions and does not
depend soley on openssl/gcrypt external libraries.

Fixes ticket #10441.

Signed-off-by: Marton Balint <cus@passwd.hu>
pull/389/head
Marton Balint 1 year ago
parent 9a7f060c32
commit 36f4e6f8f4
  1. 1
      configure
  2. 23
      libavformat/hlsenc.c

1
configure vendored

@ -3507,7 +3507,6 @@ gxf_muxer_select="pcm_rechunk_bsf"
hds_muxer_select="flv_muxer"
hls_demuxer_select="adts_header ac3_parser mov_demuxer mpegts_demuxer"
hls_muxer_select="mov_muxer mpegts_muxer"
hls_muxer_suggest="gcrypt openssl"
image2_alias_pix_demuxer_select="image2_demuxer"
image2_brender_pix_demuxer_select="image2_demuxer"
imf_demuxer_deps="libxml2"

@ -27,12 +27,6 @@
#include <unistd.h>
#endif
#if CONFIG_GCRYPT
#include <gcrypt.h>
#elif CONFIG_OPENSSL
#include <openssl/rand.h>
#endif
#include "libavutil/avassert.h"
#include "libavutil/mathematics.h"
#include "libavutil/avstring.h"
@ -40,6 +34,7 @@
#include "libavutil/intreadwrite.h"
#include "libavutil/opt.h"
#include "libavutil/log.h"
#include "libavutil/random_seed.h"
#include "libavutil/time.h"
#include "libavutil/time_internal.h"
@ -710,20 +705,6 @@ fail:
return ret;
}
static int randomize(uint8_t *buf, int len)
{
#if CONFIG_GCRYPT
gcry_randomize(buf, len, GCRY_VERY_STRONG_RANDOM);
return 0;
#elif CONFIG_OPENSSL
if (RAND_bytes(buf, len))
return 0;
#else
return AVERROR(ENOSYS);
#endif
return AVERROR(EINVAL);
}
static int do_encrypt(AVFormatContext *s, VariantStream *vs)
{
HLSContext *hls = s->priv_data;
@ -775,7 +756,7 @@ static int do_encrypt(AVFormatContext *s, VariantStream *vs)
if (!*hls->key_string) {
AVDictionary *options = NULL;
if (!hls->key) {
if ((ret = randomize(key, sizeof(key))) < 0) {
if ((ret = av_random_bytes(key, sizeof(key))) < 0) {
av_log(s, AV_LOG_ERROR, "Cannot generate a strong random key\n");
return ret;
}

Loading…
Cancel
Save