From 100321969c6a73a28bc2fe497f14ccfdce7a1d2c Mon Sep 17 00:00:00 2001
From: Philipp Hancke <philipp.hancke@googlemail.com>
Date: Thu, 8 Apr 2021 16:02:40 +0200
Subject: [PATCH] srtp: compare key length to srtp policy key length

simplifying the code and comparing against the value libsrtp expects
and increase verbosity of error logging related to key length mismatches.

BUG=None

Change-Id: Icc0d0121d2983e23c95b0f972a5f6cac1d158fd7
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/213146
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Philipp Hancke <philipp.hancke@googlemail.com>
Cr-Commit-Position: refs/heads/master@{#33685}
---
 pc/srtp_filter.cc  | 12 ++++++------
 pc/srtp_session.cc | 20 +++-----------------
 2 files changed, 9 insertions(+), 23 deletions(-)

diff --git a/pc/srtp_filter.cc b/pc/srtp_filter.cc
index babcee1157..2f8d06cbea 100644
--- a/pc/srtp_filter.cc
+++ b/pc/srtp_filter.cc
@@ -210,9 +210,9 @@ bool SrtpFilter::ApplySendParams(const CryptoParams& send_params) {
   int send_key_len, send_salt_len;
   if (!rtc::GetSrtpKeyAndSaltLengths(*send_cipher_suite_, &send_key_len,
                                      &send_salt_len)) {
-    RTC_LOG(LS_WARNING) << "Could not get lengths for crypto suite(s):"
-                           " send cipher_suite "
-                        << send_params.cipher_suite;
+    RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):"
+                         " send cipher_suite "
+                      << send_params.cipher_suite;
     return false;
   }
 
@@ -241,9 +241,9 @@ bool SrtpFilter::ApplyRecvParams(const CryptoParams& recv_params) {
   int recv_key_len, recv_salt_len;
   if (!rtc::GetSrtpKeyAndSaltLengths(*recv_cipher_suite_, &recv_key_len,
                                      &recv_salt_len)) {
-    RTC_LOG(LS_WARNING) << "Could not get lengths for crypto suite(s):"
-                           " recv cipher_suite "
-                        << recv_params.cipher_suite;
+    RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):"
+                         " recv cipher_suite "
+                      << recv_params.cipher_suite;
     return false;
   }
 
diff --git a/pc/srtp_session.cc b/pc/srtp_session.cc
index 8e89fdfa68..45f6b67d12 100644
--- a/pc/srtp_session.cc
+++ b/pc/srtp_session.cc
@@ -278,23 +278,9 @@ bool SrtpSession::DoSetKey(int type,
     return false;
   }
 
-  int expected_key_len;
-  int expected_salt_len;
-  if (!rtc::GetSrtpKeyAndSaltLengths(cs, &expected_key_len,
-                                     &expected_salt_len)) {
-    // This should never happen.
-    RTC_NOTREACHED();
-    RTC_LOG(LS_WARNING)
-        << "Failed to " << (session_ ? "update" : "create")
-        << " SRTP session: unsupported cipher_suite without length information"
-        << cs;
-    return false;
-  }
-
-  if (!key ||
-      len != static_cast<size_t>(expected_key_len + expected_salt_len)) {
-    RTC_LOG(LS_WARNING) << "Failed to " << (session_ ? "update" : "create")
-                        << " SRTP session: invalid key";
+  if (!key || len != static_cast<size_t>(policy.rtp.cipher_key_len)) {
+    RTC_LOG(LS_ERROR) << "Failed to " << (session_ ? "update" : "create")
+                      << " SRTP session: invalid key";
     return false;
   }