Quoting Marton Balint (2023-07-03 22:54:41) > On Mon, 3 Jul 2023, Anton Khirnov wrote: > My patch use av_get_random_seed() which uses what the underlying OS > provides, BCrypt for Windows, /dev/urandom for Linux, arc4random() for > BSD/Mac.
IOW it's a jungle of various paths, some of which are not guaranteed to be cryptographically secure. I see no such guarantees for arc4random() from a brief web search, and the fallback get_generic_seed() certainly is not either. Granted it's only used on obscure architectures, but still. The doxy even says > This function tries to provide a good seed at a best effort bases. > You really think that these are significantly worse than > OpenSSL/GCrypt, so it should not be allowed to fallback to? I think we should be using cryptographically secure PRNG for generating encryption keys, or fail when they are not available. If you want to get rid of the openssl dependency, IMO the best solution is a new int av_random(uint8_t* buf, size_t len); that guarantees either cryptographically secure randomness or an error. -- Anton Khirnov _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
