Use OpenSSL RAND_bytes for random IV generation

base::RandBytes may not be cryptographically strong.

Bug: 13658504
Change-Id: Id5dcd4e512f05c2f06302654277f2fd11a53f2b7
This commit is contained in:
KongQun Yang 2014-05-07 17:34:11 -07:00
parent 1f315ba921
commit 815b90753f
1 changed files with 7 additions and 1 deletions

View File

@ -7,6 +7,8 @@
#include "media/base/aes_encryptor.h" #include "media/base/aes_encryptor.h"
#include <openssl/aes.h> #include <openssl/aes.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include "base/logging.h" #include "base/logging.h"
#include "base/rand_util.h" #include "base/rand_util.h"
@ -51,7 +53,11 @@ AesCtrEncryptor::~AesCtrEncryptor() {}
bool AesCtrEncryptor::InitializeWithRandomIv(const std::vector<uint8>& key, bool AesCtrEncryptor::InitializeWithRandomIv(const std::vector<uint8>& key,
uint8 iv_size) { uint8 iv_size) {
std::vector<uint8> iv(iv_size, 0); std::vector<uint8> iv(iv_size, 0);
base::RandBytes(&iv[0], iv_size); if (RAND_bytes(&iv[0], iv_size) != 1) {
LOG(ERROR) << "RAND_bytes failed with error: "
<< ERR_error_string(ERR_get_error(), NULL);
return false;
}
return InitializeWithIv(key, iv); return InitializeWithIv(key, iv);
} }