srtp: document rationale for srtp overhead calculation

Documents why it is safe not to follow libsrtp's advice
to ensure that an additional SRTP_MAX_TRAILER_LEN bytes are available
when calling srtp_protect (and the similar SRTCP functions).

BUG=None

Change-Id: I504645d21553160f06133fd8bb3ee79e178247da
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/209064
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Philipp Hancke <philipp.hancke@googlemail.com>
Cr-Commit-Position: refs/heads/master@{#33396}
diff --git a/pc/srtp_session.cc b/pc/srtp_session.cc
index 78ec4e6..dd3b751 100644
--- a/pc/srtp_session.cc
+++ b/pc/srtp_session.cc
@@ -80,6 +80,10 @@
     return false;
   }
 
+  // Note: the need_len differs from the libsrtp recommendatіon to ensure
+  // SRTP_MAX_TRAILER_LEN bytes of free space after the data. WebRTC
+  // never includes a MKI, therefore the amount of bytes added by the
+  // srtp_protect call is known in advance and depends on the cipher suite.
   int need_len = in_len + rtp_auth_tag_len_;  // NOLINT
   if (max_len < need_len) {
     RTC_LOG(LS_WARNING) << "Failed to protect SRTP packet: The buffer length "
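Review bot: The added comment rests the exact-size check `need_len = in_len + rtp_auth_tag_len_` on two invariants that nothing in this hunk enforces: that no MKI is configured, and that rtp_auth_tag_len_ matches the cipher suite actually installed in the session. libsrtp writes the trailer past the packet data, so an under-estimate here would be an out-of-bounds write rather than a clean failure; the comment should say where those invariants are established and add something like `// If an MKI is ever configured, need_len must also include its length.` A debug assertion after the protect call, checking that the length libsrtp reports does not exceed max_len, would catch a regression; the call itself is outside the hunk. Separately, "recommendatіon" in this comment (and in the SRTCP hunk) appears to contain a non-ASCII look-alike for the letter i, which defeats grep and may trip non-ASCII source lints.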
@@ -122,6 +126,10 @@
     return false;
   }
 
+  // Note: the need_len differs from the libsrtp recommendatіon to ensure
+  // SRTP_MAX_TRAILER_LEN bytes of free space after the data. WebRTC
+  // never includes a MKI, therefore the amount of bytes added by the
+  // srtp_protect_rtp call is known in advance and depends on the cipher suite.
   int need_len = in_len + sizeof(uint32_t) + rtcp_auth_tag_len_;  // NOLINT
   if (max_len < need_len) {
     RTC_LOG(LS_WARNING) << "Failed to protect SRTCP packet: The buffer length "
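Review bot: The new comment names `srtp_protect_rtp`, but this is the SRTCP path (the log line below says "Failed to protect SRTCP packet") and the libsrtp entry point is `srtp_protect_rtcp`; as far as I know no function with the name in the comment exists. The comment also leaves `sizeof(uint32_t)` unexplained, so I would add `// sizeof(uint32_t) is the SRTCP index word (E flag + 31-bit index) appended before the auth tag.` to let a reader check the exact-size argument term by term. The enclosing function starts and ends outside the hunk.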
diff --git a/pc/srtp_session.h b/pc/srtp_session.h
index 9eede09..0396412 100644
--- a/pc/srtp_session.h
+++ b/pc/srtp_session.h
@@ -126,8 +126,14 @@
 
   webrtc::SequenceChecker thread_checker_;
   srtp_ctx_t_* session_ = nullptr;
+
+  // Overhead of the SRTP auth tag for RTP and RTCP in bytes.
+  // Depends on the cipher suite used and is usually the same with the exception
+  // of the CS_AES_CM_128_HMAC_SHA1_32 cipher suite. The additional four bytes
+  // required for RTCP protection are not included.
   int rtp_auth_tag_len_ = 0;
   int rtcp_auth_tag_len_ = 0;
+
   bool inited_ = false;
   static webrtc::GlobalMutex lock_;
   int last_send_seq_num_ = -1;
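Review bot: "usually the same with the exception of" does not say what differs or by how much, which is the fact a reader needs to audit the need_len checks in srtp_session.cc. I would state it directly: `// For CS_AES_CM_128_HMAC_SHA1_32 the RTP tag is 4 bytes while the RTCP tag stays 10 bytes; for other suites both are equal.` Both members default to 0, and with 0 the buffer check reserves no room for the tag, so the comment should also note that they must be set (presumably during session setup, not visible here) before any protect call. The class declaration starts and ends outside the hunk.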