Commit Graph

25 Commits

Author SHA1 Message Date
Ricardo Constantino
d50b5d547f rtmpdh: Initialize gcrypt before using it
Either disabling or init'ing secure memory is required after the use
of gcry_check_version. From a look at the functions rtmpdh uses, I
noticed none require the use of secure memory, so we disable it [1][2].

This resolves some errors returned by rtmpdh code with uninitialized
gcrypt, especifically:
Fatal: failed to create the RNG lock: Invalid argument
FATAL: failed to acquire the FSM lock in libgrypt: Invalid argument

Version "1.5.4" was arbitrarily chosen. An older version probably works
as well, but I couldn't compile older versions to test on my machine.

[1]
https://gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
[2]
https://www.gnupg.org/documentation/manuals/gcrypt/Controlling-the-library.html

Signed-off-by: Ricardo Constantino <wiiaboo@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-01-12 00:56:02 +01:00
Michael Niedermayer
589d39c768 Merge commit '63ce9fd23cfa5ac0d9a862be0da138108dc1c505'
* commit '63ce9fd23cfa5ac0d9a862be0da138108dc1c505':
  rtmpdh: Use GMP functions directly, instead of nettle wrappers

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-06-01 11:29:05 +02:00
Martin Storsjö
63ce9fd23c rtmpdh: Use GMP functions directly, instead of nettle wrappers
mpz_import and mpz_export were added in GMP 4.1, in 2002.

This simplifies the DH code by clarifying that it only uses pure
bignum functions, no other parts of nettle/hogweed.

Signed-off-by: Martin Storsjö <martin@martin.st>
2015-06-01 10:38:54 +03:00
Michael Niedermayer
2e15f07cfd Merge commit 'b2f0f37d242f1194fe1f886557cf6cefdf98caf6'
* commit 'b2f0f37d242f1194fe1f886557cf6cefdf98caf6':
  rtmpdh: Generate the whole private exponent using av_get_random_seed() with nettle/gmp

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-30 00:59:57 +02:00
Martin Storsjö
b2f0f37d24 rtmpdh: Generate the whole private exponent using av_get_random_seed() with nettle/gmp
Don't use a PRNG for generating it; that defies the intended use
within the cryptograhic handshake.

Signed-off-by: Martin Storsjö <martin@martin.st>
2015-05-29 23:33:03 +03:00
Michael Niedermayer
4b8b3efb1e Merge commit 'e9e86d9ef637f5a600c76b352ffe5a82b71b25d1'
* commit 'e9e86d9ef637f5a600c76b352ffe5a82b71b25d1':
  rtmpdh: Create sufficiently long private keys for gcrypt/nettle

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-29 11:42:43 +02:00
Michael Niedermayer
42a6a38418 Merge commit '8016a1bd3b60e917e1b12748dd80c06c3462c286'
* commit '8016a1bd3b60e917e1b12748dd80c06c3462c286':
  rtmpdh: Remove an unnecessary check in the gcrypt/nettle dh_compute_key

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-29 11:42:22 +02:00
Michael Niedermayer
48e02e258c Merge commit '063f7467e4d14ab7fe01b2845dab60cc75df8b53'
* commit '063f7467e4d14ab7fe01b2845dab60cc75df8b53':
  rtmpdh: Add fate test for the DH handshake routine

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-29 11:38:37 +02:00
Michael Niedermayer
fbeb3fa999 Merge commit '0508faaa11bf7507ffdd655aee57c9dc5a8203f4'
* commit '0508faaa11bf7507ffdd655aee57c9dc5a8203f4':
  rtmpdh: Pass the actual buffer size of the output secret key

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-29 11:32:07 +02:00
Michael Niedermayer
beecbe13a2 Merge commit '9f1b3050d9e31e9283d818f3640f3460ac8cfb5b'
* commit '9f1b3050d9e31e9283d818f3640f3460ac8cfb5b':
  rtmpdh: Check the output buffer size in the openssl version of dh_compute_key

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-29 11:31:43 +02:00
Michael Niedermayer
4c0b30b07a Merge commit '127d813bcb5705202b7100cf1eccd1e26d72ba14'
* commit '127d813bcb5705202b7100cf1eccd1e26d72ba14':
  rtmpdh: Fix a local variable name in the nettle/gcrypt codepath

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-29 11:31:26 +02:00
Michael Niedermayer
392832fc3a Merge commit '78efc69e7c990226f4b913721ef1b308ca5bfa04'
* commit '78efc69e7c990226f4b913721ef1b308ca5bfa04':
  rtmpdh: Make sure ret is initialized in the nettle version of bn_hex2bn

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-29 11:21:35 +02:00
Martin Storsjö
e9e86d9ef6 rtmpdh: Create sufficiently long private keys for gcrypt/nettle
There was a misunderstanding betewen bits and bytes for the parameter
value for generating random big numbers.

Signed-off-by: Martin Storsjö <martin@martin.st>
2015-05-29 09:42:41 +03:00
Martin Storsjö
8016a1bd3b rtmpdh: Remove an unnecessary check in the gcrypt/nettle dh_compute_key
Signed-off-by: Martin Storsjö <martin@martin.st>
2015-05-29 09:42:38 +03:00
Martin Storsjö
063f7467e4 rtmpdh: Add fate test for the DH handshake routine
This helps if these functions need to be implemented using another
crypto API.

Signed-off-by: Martin Storsjö <martin@martin.st>
2015-05-29 09:42:35 +03:00
Martin Storsjö
0508faaa11 rtmpdh: Pass the actual buffer size of the output secret key
Signed-off-by: Martin Storsjö <martin@martin.st>
2015-05-29 09:42:32 +03:00
Martin Storsjö
9f1b3050d9 rtmpdh: Check the output buffer size in the openssl version of dh_compute_key
Signed-off-by: Martin Storsjö <martin@martin.st>
2015-05-29 09:42:30 +03:00
Martin Storsjö
127d813bcb rtmpdh: Fix a local variable name in the nettle/gcrypt codepath
Signed-off-by: Martin Storsjö <martin@martin.st>
2015-05-29 09:42:28 +03:00
Martin Storsjö
78efc69e7c rtmpdh: Make sure ret is initialized in the nettle version of bn_hex2bn
Signed-off-by: Martin Storsjö <martin@martin.st>
2015-05-29 09:42:24 +03:00
Michael Niedermayer
6c180b35c4 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  mpegvideo_enc: don't use deprecated avcodec_encode_video().
  cmdutils: refactor -codecs option.
  avconv: make -shortest a per-output file option.
  lavc: add avcodec_descriptor_get_by_name().
  lavc: add const to AVCodec* function parameters.
  swf(dec): replace CODEC_ID with AV_CODEC_ID
  dvenc: don't use deprecated AVCODEC_MAX_AUDIO_FRAME_SIZE
  rtmpdh: Do not generate the same private key every time when using libnettle
  rtp: remove ff_rtp_get_rtcp_file_handle().
  rtsp.c: use ffurl_get_multi_file_handle() instead of ff_rtp_get_rtcp_file_handle()
  avio: add (ff)url_get_multi_file_handle() for getting more than one fd
  h264: vdpau: fix crash with unsupported colorspace
  amrwbdec: Decode the fr_quality bit properly

Conflicts:
	Changelog
	cmdutils.c
	cmdutils_common_opts.h
	doc/ffmpeg.texi
	ffmpeg.c
	ffmpeg.h
	ffmpeg_opt.c
	libavcodec/h264.c
	libavcodec/options.c
	libavcodec/utils.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-08-18 15:20:32 +02:00
Samuel Pitoiset
8337b5db96 rtmpdh: Do not generate the same private key every time when using libnettle
Replace mpz_random by mpz_urandomb with a random state initialization in
order to improve the randomness.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-08-17 23:51:53 +03:00
Michael Niedermayer
93342de1d8 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  rtmp: Add credit/copyright to librtmp authors for parts of the RTMPE code
  rtmp: Move the CONFIG_ condition into the if conditions
  aac: Mention abbreviation as well in long_name
  build: Skip compiling rtmpdh.h if ffrtmpcrypt protocol is not enabled
  doc: Add Git configuration section
  configure: Add a dependency on https for rtmpts
  rtp: Only choose static payload types if the sample rate and channels are right

Conflicts:
	doc/git-howto.texi
	libavformat/rtmpproto.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-07-24 21:15:57 +02:00
Martin Storsjö
6a433fdba8 rtmp: Add credit/copyright to librtmp authors for parts of the RTMPE code
Our implementation of RTMPE is heavily based on librtmp.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-07-24 18:13:26 +03:00
Michael Niedermayer
2cb4d51654 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  v410dec: Implement explode mode support
  zerocodec: fix direct rendering.
  wav: init st to NULL to avoid a false-positive warning.
  wavpack: set bits_per_raw_sample for S32 samples to properly identify 24-bit
  h264: refactor NAL decode loop
  RTMPTE protocol support
  RTMPE protocol support
  rtmp: Add ff_rtmp_calc_digest_pos()
  rtmp: Rename rtmp_calc_digest to ff_rtmp_calc_digest and make it global
  swscale: add missing HAVE_INLINE_ASM check.
  lavfi: place x86 inline assembly under HAVE_INLINE_ASM.
  vc1: Add a test for interlaced field pictures
  swscale: Mark all init functions as av_cold
  swscale: x86: Drop pointless _mmx suffix from filenames
  lavf: use conditional notation for default codec in muxer declarations.
  swscale: place inline assembly bilinear scaler under HAVE_INLINE_ASM.
  dsputil: ppc: cosmetics: pretty-print
  dsputil: x86: add SHUFFLE_MASK_W macro
  configure: respect CC_O setting in check_cc

Conflicts:
	Changelog
	configure
	libavcodec/v410dec.c
	libavcodec/zerocodec.c
	libavformat/asfenc.c
	libavformat/version.h
	libswscale/utils.c
	libswscale/x86/swscale.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-07-23 21:25:09 +02:00
Samuel Pitoiset
acd554c103 RTMPE protocol support
This adds two protocols, but one of them is an internal implementation
detail just used as an abstraction layer/generalization in the code. The
RTMPE protocol implementation uses ffrtmpcrypt:// as an alternative to the
tcp:// protocol. This allows moving most of the lower level logic out
from the higher level generic rtmp code.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-07-23 16:32:07 +03:00