avutil/random_seed: add av_random_bytes()

Uses the existing code for av_get_random_seed() to return a buffer with
cryptographically secure random data, or an error if none could be generated.

Signed-off-by: James Almer <jamrial@gmail.com>
This commit is contained in:
James Almer 2023-07-04 19:46:32 -03:00
parent 7a1128ca07
commit d694c25b44
4 changed files with 40 additions and 13 deletions

View File

@ -2,6 +2,9 @@ The last version increases of all libraries were on 2023-02-09
API changes, most recent first:
2023-07-05 - xxxxxxxxxx - lavu 58.14.100 - random_seed.h
Add av_random_bytes()
2023-05-29 - xxxxxxxxxx - lavc 60.16.100 - avcodec.h codec_id.h
Add AV_CODEC_ID_EVC, FF_PROFILE_EVC_BASELINE, and FF_PROFILE_EVC_MAIN.

View File

@ -46,7 +46,7 @@
#define TEST 0
#endif
static int read_random(uint32_t *dst, const char *file)
static int read_random(uint8_t *dst, size_t len, const char *file)
{
#if HAVE_UNISTD_H
FILE *fp = avpriv_fopen_utf8(file, "r");
@ -54,10 +54,10 @@ static int read_random(uint32_t *dst, const char *file)
if (!fp)
return AVERROR_UNKNOWN;
err = fread(dst, 1, sizeof(*dst), fp);
err = fread(dst, 1, len, fp);
fclose(fp);
if (err != sizeof(*dst))
if (err != len)
return AVERROR_UNKNOWN;
return 0;
@ -121,27 +121,38 @@ static uint32_t get_generic_seed(void)
return AV_RB32(digest) + AV_RB32(digest + 16);
}
uint32_t av_get_random_seed(void)
int av_random_bytes(uint8_t* buf, size_t len)
{
uint32_t seed;
int err;
#if HAVE_BCRYPT
BCRYPT_ALG_HANDLE algo_handle;
NTSTATUS ret = BCryptOpenAlgorithmProvider(&algo_handle, BCRYPT_RNG_ALGORITHM,
MS_PRIMITIVE_PROVIDER, 0);
if (BCRYPT_SUCCESS(ret)) {
NTSTATUS ret = BCryptGenRandom(algo_handle, (UCHAR*)&seed, sizeof(seed), 0);
NTSTATUS ret = BCryptGenRandom(algo_handle, (PUCHAR)buf, len, 0);
BCryptCloseAlgorithmProvider(algo_handle, 0);
if (BCRYPT_SUCCESS(ret))
return seed;
return 0;
}
#endif
#if HAVE_ARC4RANDOM
return arc4random();
arc4random_buf(buf, len);
return 0;
#endif
if (!read_random(&seed, "/dev/urandom"))
return seed;
return get_generic_seed();
err = read_random(buf, len, "/dev/urandom");
return err;
}
uint32_t av_get_random_seed(void)
{
uint32_t seed;
if (av_random_bytes((uint8_t *)&seed, sizeof(seed)) < 0)
return get_generic_seed();
return seed;
}

View File

@ -36,6 +36,19 @@
*/
uint32_t av_get_random_seed(void);
/**
* Generate cryptographically secure random data, i.e. suitable for use as
* encryption keys and similar.
*
* @param buf buffer into which the random data will be written
* @param len size of buf in bytes
*
* @retval 0 success, len bytes of random data was written
* into buf
* @retval "a negative AVERROR code" random data could not be generated
*/
int av_random_bytes(uint8_t *buf, size_t len);
/**
* @}
*/

View File

@ -79,8 +79,8 @@
*/
#define LIBAVUTIL_VERSION_MAJOR 58
#define LIBAVUTIL_VERSION_MINOR 13
#define LIBAVUTIL_VERSION_MICRO 101
#define LIBAVUTIL_VERSION_MINOR 14
#define LIBAVUTIL_VERSION_MICRO 100
#define LIBAVUTIL_VERSION_INT AV_VERSION_INT(LIBAVUTIL_VERSION_MAJOR, \
LIBAVUTIL_VERSION_MINOR, \