Skip to content

Commit

Permalink
avutil/random_seed: add av_random_bytes()
Browse files Browse the repository at this point in the history 
Uses the existing code for av_get_random_seed() to return a buffer with
cryptographically secure random data, or an error if none could be generated.

Signed-off-by: James Almer <jamrial@gmail.com>
  • Loading branch information
@jamrial
jamrial committed Jul 5, 2023
1 parent 7a1128c commit d694c25
Show file tree
Hide file tree
Showing 4 changed files with 40 additions and 13 deletions.
3 changes: 3 additions & 0 deletions doc/APIchanges
View file
Expand Up @@ -2,6 +2,9 @@ The last version increases of all libraries were on 2023-02-09

API changes, most recent first:

2023-07-05 - xxxxxxxxxx - lavu 58.14.100 - random_seed.h
Add av_random_bytes()

2023-05-29 - xxxxxxxxxx - lavc 60.16.100 - avcodec.h codec_id.h
Add AV_CODEC_ID_EVC, FF_PROFILE_EVC_BASELINE, and FF_PROFILE_EVC_MAIN.

Expand Down
33 changes: 22 additions & 11 deletions libavutil/random_seed.c
View file
Expand Up @@ -46,18 +46,18 @@
#define TEST 0
#endif

static int read_random(uint32_t *dst, const char *file)
static int read_random(uint8_t *dst, size_t len, const char *file)
{
#if HAVE_UNISTD_H
FILE *fp = avpriv_fopen_utf8(file, "r");
size_t err;

if (!fp)
return AVERROR_UNKNOWN;
err = fread(dst, 1, sizeof(*dst), fp);
err = fread(dst, 1, len, fp);
fclose(fp);

if (err != sizeof(*dst))
if (err != len)
return AVERROR_UNKNOWN;

return 0;
Expand Down Expand Up @@ -121,27 +121,38 @@ static uint32_t get_generic_seed(void)
return AV_RB32(digest) + AV_RB32(digest + 16);
}

uint32_t av_get_random_seed(void)
int av_random_bytes(uint8_t* buf, size_t len)
{
uint32_t seed;
int err;

#if HAVE_BCRYPT
BCRYPT_ALG_HANDLE algo_handle;
NTSTATUS ret = BCryptOpenAlgorithmProvider(&algo_handle, BCRYPT_RNG_ALGORITHM,
MS_PRIMITIVE_PROVIDER, 0);
if (BCRYPT_SUCCESS(ret)) {
NTSTATUS ret = BCryptGenRandom(algo_handle, (UCHAR*)&seed, sizeof(seed), 0);
NTSTATUS ret = BCryptGenRandom(algo_handle, (PUCHAR)buf, len, 0);
BCryptCloseAlgorithmProvider(algo_handle, 0);
if (BCRYPT_SUCCESS(ret))
return seed;
return 0;
}
#endif

#if HAVE_ARC4RANDOM
return arc4random();
arc4random_buf(buf, len);
return 0;
#endif

if (!read_random(&seed, "/dev/urandom"))
return seed;
return get_generic_seed();
err = read_random(buf, len, "/dev/urandom");

return err;
}

uint32_t av_get_random_seed(void)
{
uint32_t seed;

if (av_random_bytes((uint8_t *)&seed, sizeof(seed)) < 0)
return get_generic_seed();

return seed;
}
13 changes: 13 additions & 0 deletions libavutil/random_seed.h
View file
Expand Up @@ -36,6 +36,19 @@
*/
uint32_t av_get_random_seed(void);

/**
* Generate cryptographically secure random data, i.e. suitable for use as
* encryption keys and similar.
*
* @param buf buffer into which the random data will be written
* @param len size of buf in bytes
*
* @retval 0 success, len bytes of random data was written
* into buf
* @retval "a negative AVERROR code" random data could not be generated
*/
int av_random_bytes(uint8_t *buf, size_t len);

/**
* @}
*/
Expand Down
4 changes: 2 additions & 2 deletions libavutil/version.h
View file
Expand Up @@ -79,8 +79,8 @@
*/

#define LIBAVUTIL_VERSION_MAJOR 58
#define LIBAVUTIL_VERSION_MINOR 13
#define LIBAVUTIL_VERSION_MICRO 101
#define LIBAVUTIL_VERSION_MINOR 14
#define LIBAVUTIL_VERSION_MICRO 100

#define LIBAVUTIL_VERSION_INT AV_VERSION_INT(LIBAVUTIL_VERSION_MAJOR, \
LIBAVUTIL_VERSION_MINOR, \
Expand Down

0 comments on commit d694c25

Please sign in to comment.