srtp: compare key length to srtp policy key length
simplifying the code and comparing against the value libsrtp expects
and increase verbosity of error logging related to key length mismatches.
BUG=None
Change-Id: Icc0d0121d2983e23c95b0f972a5f6cac1d158fd7
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/213146
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Philipp Hancke <philipp.hancke@googlemail.com>
Cr-Commit-Position: refs/heads/master@{#33685}
diff --git a/pc/srtp_filter.cc b/pc/srtp_filter.cc
index babcee1..2f8d06c 100644
--- a/pc/srtp_filter.cc
+++ b/pc/srtp_filter.cc
@@ -210,9 +210,9 @@
int send_key_len, send_salt_len;
if (!rtc::GetSrtpKeyAndSaltLengths(*send_cipher_suite_, &send_key_len,
&send_salt_len)) {
- RTC_LOG(LS_WARNING) << "Could not get lengths for crypto suite(s):"
- " send cipher_suite "
- << send_params.cipher_suite;
+ RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):"
+ " send cipher_suite "
+ << send_params.cipher_suite;
return false;
}
@@ -241,9 +241,9 @@
int recv_key_len, recv_salt_len;
if (!rtc::GetSrtpKeyAndSaltLengths(*recv_cipher_suite_, &recv_key_len,
&recv_salt_len)) {
- RTC_LOG(LS_WARNING) << "Could not get lengths for crypto suite(s):"
- " recv cipher_suite "
- << recv_params.cipher_suite;
+ RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):"
+ " recv cipher_suite "
+ << recv_params.cipher_suite;
return false;
}
diff --git a/pc/srtp_session.cc b/pc/srtp_session.cc
index 8e89fdf..45f6b67 100644
--- a/pc/srtp_session.cc
+++ b/pc/srtp_session.cc
@@ -278,23 +278,9 @@
return false;
}
- int expected_key_len;
- int expected_salt_len;
- if (!rtc::GetSrtpKeyAndSaltLengths(cs, &expected_key_len,
- &expected_salt_len)) {
- // This should never happen.
- RTC_NOTREACHED();
- RTC_LOG(LS_WARNING)
- << "Failed to " << (session_ ? "update" : "create")
- << " SRTP session: unsupported cipher_suite without length information"
- << cs;
- return false;
- }
-
- if (!key ||
- len != static_cast<size_t>(expected_key_len + expected_salt_len)) {
- RTC_LOG(LS_WARNING) << "Failed to " << (session_ ? "update" : "create")
- << " SRTP session: invalid key";
+ if (!key || len != static_cast<size_t>(policy.rtp.cipher_key_len)) {
+ RTC_LOG(LS_ERROR) << "Failed to " << (session_ ? "update" : "create")
+ << " SRTP session: invalid key";
return false;
}