From b2f0f37d242f1194fe1f886557cf6cefdf98caf6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Storsj=C3=B6?= <martin@martin.st>
Date: Fri, 29 May 2015 10:14:39 +0300
Subject: [PATCH] rtmpdh: Generate the whole private exponent using
 av_get_random_seed() with nettle/gmp
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Don't use a PRNG for generating it; that defies the intended use
within the cryptograhic handshake.

Signed-off-by: Martin Storsjö <martin@martin.st>
---
 libavformat/rtmpdh.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/libavformat/rtmpdh.c b/libavformat/rtmpdh.c
index 5cc66c9ec1..12a64bcdd9 100644
--- a/libavformat/rtmpdh.c
+++ b/libavformat/rtmpdh.c
@@ -81,13 +81,15 @@
             ret = 1;                                \
     } while (0)
 #define bn_modexp(bn, y, q, p)      mpz_powm(bn, y, q, p)
-#define bn_random(bn, num_bits)                     \
-    do {                                            \
-        gmp_randstate_t rs;                         \
-        gmp_randinit_mt(rs);                        \
-        gmp_randseed_ui(rs, av_get_random_seed());  \
-        mpz_urandomb(bn, rs, num_bits);             \
-        gmp_randclear(rs);                          \
+#define bn_random(bn, num_bits)                       \
+    do {                                              \
+        int bits = num_bits;                          \
+        mpz_set_ui(bn, 0);                            \
+        for (bits = num_bits; bits > 0; bits -= 32) { \
+            mpz_mul_2exp(bn, bn, 32);                 \
+            mpz_add_ui(bn, bn, av_get_random_seed()); \
+        }                                             \
+        mpz_fdiv_r_2exp(bn, bn, num_bits);            \
     } while (0)
 #elif CONFIG_GCRYPT
 #define bn_new(bn)                  bn = gcry_mpi_new(1)