admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

srtp: compare key length to srtp policy key length

Browse Source 
simplifying the code and comparing against the value libsrtp expects
and increase verbosity of error logging related to key length mismatches.

BUG=None

Change-Id: Icc0d0121d2983e23c95b0f972a5f6cac1d158fd7
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/213146
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Philipp Hancke <philipp.hancke@googlemail.com>
Cr-Commit-Position: refs/heads/master@{#33685}
This commit is contained in:
Philipp Hancke 2021-04-08 16:02:40 +02:00 committed by Commit Bot
parent 5691053612
commit 100321969c
2 changed files with 9 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
pc/srtp_filter.cc
View File

@ -210,9 +210,9 @@ bool SrtpFilter::ApplySendParams(const CryptoParams& send_params) {
int send_key_len, send_salt_len; int send_key_len, send_salt_len;
if (!rtc::GetSrtpKeyAndSaltLengths(*send_cipher_suite_, &send_key_len, if (!rtc::GetSrtpKeyAndSaltLengths(*send_cipher_suite_, &send_key_len,
&send_salt_len)) { &send_salt_len)) {
RTC_LOG(LS_WARNING) << "Could not get lengths for crypto suite(s):" RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):"
" send cipher_suite " " send cipher_suite "
<< send_params.cipher_suite; << send_params.cipher_suite;
return false; return false;
} }
@ -241,9 +241,9 @@ bool SrtpFilter::ApplyRecvParams(const CryptoParams& recv_params) {
int recv_key_len, recv_salt_len; int recv_key_len, recv_salt_len;
if (!rtc::GetSrtpKeyAndSaltLengths(*recv_cipher_suite_, &recv_key_len, if (!rtc::GetSrtpKeyAndSaltLengths(*recv_cipher_suite_, &recv_key_len,
&recv_salt_len)) { &recv_salt_len)) {
RTC_LOG(LS_WARNING) << "Could not get lengths for crypto suite(s):" RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):"
" recv cipher_suite " " recv cipher_suite "
<< recv_params.cipher_suite; << recv_params.cipher_suite;
return false; return false;
} }

20
pc/srtp_session.cc
View File

@ -278,23 +278,9 @@ bool SrtpSession::DoSetKey(int type,
return false; return false;
} }
int expected_key_len; if (!key || len != static_cast<size_t>(policy.rtp.cipher_key_len)) {
int expected_salt_len; RTC_LOG(LS_ERROR) << "Failed to " << (session_ ? "update" : "create")
if (!rtc::GetSrtpKeyAndSaltLengths(cs, &expected_key_len, << " SRTP session: invalid key";
&expected_salt_len)) {
// This should never happen.
RTC_NOTREACHED();
RTC_LOG(LS_WARNING)
<< "Failed to " << (session_ ? "update" : "create")
<< " SRTP session: unsupported cipher_suite without length information"
<< cs;
return false;
}
if (!key ||
len != static_cast<size_t>(expected_key_len + expected_salt_len)) {
RTC_LOG(LS_WARNING) << "Failed to " << (session_ ? "update" : "create")
<< " SRTP session: invalid key";
return false; return false;
} }