/src/ffmpeg/libavutil/random_seed.c

Source
/*
 * Copyright (c) 2009 Baptiste Coudurier <baptiste.coudurier@gmail.com>
 *
 * This file is part of FFmpeg.
 *
 * FFmpeg is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * FFmpeg is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with FFmpeg; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#include "config.h"

#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_IO_H
#include <io.h>
#endif
#if HAVE_BCRYPT
#include <windows.h>
#include <bcrypt.h>
#endif
#if CONFIG_GCRYPT
#include <gcrypt.h>
#elif CONFIG_OPENSSL
#include <openssl/rand.h>
#endif
#include <fcntl.h>
#include <math.h>
#include <time.h>
#include <string.h>
#include "avassert.h"
#include "file_open.h"
#include "internal.h"
#include "intreadwrite.h"
#include "timer.h"
#include "random_seed.h"
#include "sha.h"

#ifndef TEST
#define TEST 0
#endif

static int read_random(uint8_t *dst, size_t len, const char *file)
{
#if HAVE_UNISTD_H
    FILE *fp = avpriv_fopen_utf8(file, "r");
    size_t err;

    if (!fp)
        return AVERROR_UNKNOWN;
    setvbuf(fp, NULL, _IONBF, 0);
    err = fread(dst, 1, len, fp);
    fclose(fp);

    if (err != len)
        return AVERROR_UNKNOWN;

    return 0;
#else
    return AVERROR(ENOSYS);
#endif
}

static uint32_t get_generic_seed(void)
{
    uint64_t tmp[120/8];
    struct AVSHA *sha = (void*)tmp;
    clock_t last_t  = 0;
    clock_t last_td = 0;
    clock_t init_t = 0;
    static uint64_t i = 0;
    static uint32_t buffer[512] = { 0 };
    unsigned char digest[20];
    uint64_t last_i = i;
    int repeats[3] = { 0 };

    av_assert0(sizeof(tmp) >= av_sha_size);

    if(TEST){
        memset(buffer, 0, sizeof(buffer));
        last_i = i = 0;
    }else{
#ifdef AV_READ_TIME
        buffer[13] ^= AV_READ_TIME();
        buffer[41] ^= AV_READ_TIME()>>32;
#endif
    }

    for (;;) {
        clock_t t = clock();
        int incremented_i = 0;
        int cur_td = t - last_t;
        if (last_t + 2*last_td + (CLOCKS_PER_SEC > 1000) < t) {
            // If the timer incremented by more than 2*last_td at once,
            // we may e.g. have had a context switch. If the timer resolution
            // is high (CLOCKS_PER_SEC > 1000), require that the timer
            // incremented by more than 1. If the timer resolution is low,
            // it is enough that the timer incremented at all.
            buffer[++i & 511] += cur_td % 3294638521U;
            incremented_i = 1;
        } else if (t != last_t && repeats[0] > 0 && repeats[1] > 0 &&
                   repeats[2] > 0 && repeats[0] != repeats[1] &&
                   repeats[0] != repeats[2]) {
            // If the timer resolution is high, and we get the same timer
            // value multiple times, use variances in the number of repeats
            // of each timer value as entropy. If we get a different number of
            // repeats than the last two unique cases, count that as entropy
            // and proceed to the next index.
            buffer[++i & 511] += (repeats[0] + repeats[1] + repeats[2]) % 3294638521U;
            incremented_i = 1;
        } else {
            buffer[i & 511] = 1664525*buffer[i & 511] + 1013904223 + (cur_td % 3294638521U);
        }
        if (incremented_i && (t - init_t) >= CLOCKS_PER_SEC>>5) {
            if (last_i && i - last_i > 4 || i - last_i > 64 || TEST && i - last_i > 8)
                break;
        }
        if (t == last_t) {
            repeats[0]++;
        } else {
            // If we got a new unique number of repeats, update the history.
            if (repeats[0] != repeats[1]) {
                repeats[2] = repeats[1];
                repeats[1] = repeats[0];
            }
            repeats[0] = 0;
        }
        last_t = t;
        last_td = cur_td;
        if (!init_t)
            init_t = t;
    }

    if(TEST) {
        buffer[0] = buffer[1] = 0;
    } else {
#ifdef AV_READ_TIME
        buffer[111] += AV_READ_TIME();
#endif
    }

    av_sha_init(sha, 160);
    av_sha_update(sha, (const uint8_t *)buffer, sizeof(buffer));
    av_sha_final(sha, digest);
    return AV_RB32(digest) + AV_RB32(digest + 16);
}

int av_random_bytes(uint8_t* buf, size_t len)
{
    int err;

#if HAVE_BCRYPT
    BCRYPT_ALG_HANDLE algo_handle;
    NTSTATUS ret = BCryptOpenAlgorithmProvider(&algo_handle, BCRYPT_RNG_ALGORITHM,
                                               MS_PRIMITIVE_PROVIDER, 0);
    if (BCRYPT_SUCCESS(ret)) {
        NTSTATUS ret = BCryptGenRandom(algo_handle, (PUCHAR)buf, len, 0);
        BCryptCloseAlgorithmProvider(algo_handle, 0);
        if (BCRYPT_SUCCESS(ret))
            return 0;
    }
#endif

#if HAVE_ARC4RANDOM_BUF
    arc4random_buf(buf, len);
    return 0;
#endif

    err = read_random(buf, len, "/dev/urandom");
    if (!err)
        return err;

#if CONFIG_GCRYPT
    gcry_randomize(buf, len, GCRY_VERY_STRONG_RANDOM);
    return 0;
#elif CONFIG_OPENSSL
    if (RAND_bytes(buf, len) == 1)
        return 0;
    return AVERROR_EXTERNAL;
#else
    return err;
#endif
}

uint32_t av_get_random_seed(void)
{
    uint32_t seed;

    if (av_random_bytes((uint8_t *)&seed, sizeof(seed)) < 0)
        return get_generic_seed();

    return seed;
}

Coverage Report

Created: 2026-01-25 07:18

Line	Count	Source
1		/*
2		* Copyright (c) 2009 Baptiste Coudurier <baptiste.coudurier@gmail.com>
3		*
4		* This file is part of FFmpeg.
5		*
6		* FFmpeg is free software; you can redistribute it and/or
7		* modify it under the terms of the GNU Lesser General Public
8		* License as published by the Free Software Foundation; either
9		* version 2.1 of the License, or (at your option) any later version.
10		*
11		* FFmpeg is distributed in the hope that it will be useful,
12		* but WITHOUT ANY WARRANTY; without even the implied warranty of
13		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14		* Lesser General Public License for more details.
15		*
16		* You should have received a copy of the GNU Lesser General Public
17		* License along with FFmpeg; if not, write to the Free Software
18		* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19		*/
20
21		#include "config.h"
22
23		#if HAVE_UNISTD_H
24		#include <unistd.h>
25		#endif
26		#if HAVE_IO_H
27		#include <io.h>
28		#endif
29		#if HAVE_BCRYPT
30		#include <windows.h>
31		#include <bcrypt.h>
32		#endif
33		#if CONFIG_GCRYPT
34		#include <gcrypt.h>
35		#elif CONFIG_OPENSSL
36		#include <openssl/rand.h>
37		#endif
38		#include <fcntl.h>
39		#include <math.h>
40		#include <time.h>
41		#include <string.h>
42		#include "avassert.h"
43		#include "file_open.h"
44		#include "internal.h"
45		#include "intreadwrite.h"
46		#include "timer.h"
47		#include "random_seed.h"
48		#include "sha.h"
49
50		#ifndef TEST
51	0	#define TEST 0
52		#endif
53
54		static int read_random(uint8_t dst, size_t len, const char file)
55	0	{
56	0	#if HAVE_UNISTD_H
57	0	FILE *fp = avpriv_fopen_utf8(file, "r");
58	0	size_t err;
59
60	0	if (!fp)
61	0	return AVERROR_UNKNOWN;
62	0	setvbuf(fp, NULL, _IONBF, 0);
63	0	err = fread(dst, 1, len, fp);
64	0	fclose(fp);
65
66	0	if (err != len)
67	0	return AVERROR_UNKNOWN;
68
69	0	return 0;
70		#else
71		return AVERROR(ENOSYS);
72		#endif
73	0	}
74
75		static uint32_t get_generic_seed(void)
76	0	{
77	0	uint64_t tmp[120/8];
78	0	struct AVSHA sha = (void)tmp;
79	0	clock_t last_t = 0;
80	0	clock_t last_td = 0;
81	0	clock_t init_t = 0;
82	0	static uint64_t i = 0;
83	0	static uint32_t buffer[512] = { 0 };
84	0	unsigned char digest[20];
85	0	uint64_t last_i = i;
86	0	int repeats[3] = { 0 };
87
88	0	av_assert0(sizeof(tmp) >= av_sha_size);
89
90	0	if(TEST){
91	0	memset(buffer, 0, sizeof(buffer));
92	0	last_i = i = 0;
93	0	}else{
94	0	#ifdef AV_READ_TIME
95	0	buffer[13] ^= AV_READ_TIME();
96	0	buffer[41] ^= AV_READ_TIME()>>32;
97	0	#endif
98	0	}
99
100	0	for (;;) {
101	0	clock_t t = clock();
102	0	int incremented_i = 0;
103	0	int cur_td = t - last_t;
104	0	if (last_t + 2*last_td + (CLOCKS_PER_SEC > 1000) < t) {
105		// If the timer incremented by more than 2*last_td at once,
106		// we may e.g. have had a context switch. If the timer resolution
107		// is high (CLOCKS_PER_SEC > 1000), require that the timer
108		// incremented by more than 1. If the timer resolution is low,
109		// it is enough that the timer incremented at all.
110	0	buffer[++i & 511] += cur_td % 3294638521U;
111	0	incremented_i = 1;
112	0	} else if (t != last_t && repeats[0] > 0 && repeats[1] > 0 &&
113	0	repeats[2] > 0 && repeats[0] != repeats[1] &&
114	0	repeats[0] != repeats[2]) {
115		// If the timer resolution is high, and we get the same timer
116		// value multiple times, use variances in the number of repeats
117		// of each timer value as entropy. If we get a different number of
118		// repeats than the last two unique cases, count that as entropy
119		// and proceed to the next index.
120	0	buffer[++i & 511] += (repeats[0] + repeats[1] + repeats[2]) % 3294638521U;
121	0	incremented_i = 1;
122	0	} else {
123	0	buffer[i & 511] = 1664525*buffer[i & 511] + 1013904223 + (cur_td % 3294638521U);
124	0	}
125	0	if (incremented_i && (t - init_t) >= CLOCKS_PER_SEC>>5) {
126	0	if (last_i && i - last_i > 4 \|\| i - last_i > 64 \|\| TEST && i - last_i > 8)
127	0	break;
128	0	}
129	0	if (t == last_t) {
130	0	repeats[0]++;
131	0	} else {
132		// If we got a new unique number of repeats, update the history.
133	0	if (repeats[0] != repeats[1]) {
134	0	repeats[2] = repeats[1];
135	0	repeats[1] = repeats[0];
136	0	}
137	0	repeats[0] = 0;
138	0	}
139	0	last_t = t;
140	0	last_td = cur_td;
141	0	if (!init_t)
142	0	init_t = t;
143	0	}
144
145	0	if(TEST) {
146	0	buffer[0] = buffer[1] = 0;
147	0	} else {
148	0	#ifdef AV_READ_TIME
149	0	buffer[111] += AV_READ_TIME();
150	0	#endif
151	0	}
152
153	0	av_sha_init(sha, 160);
154	0	av_sha_update(sha, (const uint8_t *)buffer, sizeof(buffer));
155	0	av_sha_final(sha, digest);
156	0	return AV_RB32(digest) + AV_RB32(digest + 16);
157	0	}
158
159		int av_random_bytes(uint8_t* buf, size_t len)
160	0	{
161	0	int err;
162
163		#if HAVE_BCRYPT
164		BCRYPT_ALG_HANDLE algo_handle;
165		NTSTATUS ret = BCryptOpenAlgorithmProvider(&algo_handle, BCRYPT_RNG_ALGORITHM,
166		MS_PRIMITIVE_PROVIDER, 0);
167		if (BCRYPT_SUCCESS(ret)) {
168		NTSTATUS ret = BCryptGenRandom(algo_handle, (PUCHAR)buf, len, 0);
169		BCryptCloseAlgorithmProvider(algo_handle, 0);
170		if (BCRYPT_SUCCESS(ret))
171		return 0;
172		}
173		#endif
174
175		#if HAVE_ARC4RANDOM_BUF
176		arc4random_buf(buf, len);
177		return 0;
178		#endif
179
180	0	err = read_random(buf, len, "/dev/urandom");
181	0	if (!err)
182	0	return err;
183
184		#if CONFIG_GCRYPT
185		gcry_randomize(buf, len, GCRY_VERY_STRONG_RANDOM);
186		return 0;
187		#elif CONFIG_OPENSSL
188		if (RAND_bytes(buf, len) == 1)
189		return 0;
190		return AVERROR_EXTERNAL;
191		#else
192	0	return err;
193	0	#endif
194	0	}
195
196		uint32_t av_get_random_seed(void)
197	0	{
198	0	uint32_t seed;
199
200	0	if (av_random_bytes((uint8_t *)&seed, sizeof(seed)) < 0)
201	0	return get_generic_seed();
202
203	0	return seed;
204	0	}