rtmpdh: Generate the whole private exponent using av_get_random_seed() with nettle/gmp

Don't use a PRNG for generating it; that defies the intended use within the cryptograhic handshake. Signed-off-by: Martin Storsjö <martin@martin.st>
2025-08-10 06:10:52 +02:00 · 2015-05-29 10:14:39 +03:00
parent e9e86d9ef6
commit b2f0f37d24
1 changed files with 9 additions and 7 deletions
--- a/libavformat/rtmpdh.c
+++ b/libavformat/rtmpdh.c
@@ -83,11 +83,13 @@
 #define bn_modexp(bn, y, q, p)      mpz_powm(bn, y, q, p)
 #define bn_random(bn, num_bits)                       \
    do {                                              \
-        gmp_randstate_t rs;                         \
-        gmp_randinit_mt(rs);                        \
-        gmp_randseed_ui(rs, av_get_random_seed());  \
-        mpz_urandomb(bn, rs, num_bits);             \
-        gmp_randclear(rs);                          \
+        int bits = num_bits;                          \
+        mpz_set_ui(bn, 0);                            \
+        for (bits = num_bits; bits > 0; bits -= 32) { \
+            mpz_mul_2exp(bn, bn, 32);                 \
+            mpz_add_ui(bn, bn, av_get_random_seed()); \
+        }                                             \
+        mpz_fdiv_r_2exp(bn, bn, num_bits);            \
    } while (0)
 #elif CONFIG_GCRYPT
 #define bn_new(bn)                  bn = gcry_mpi_new(1)