Google Git
Sign in
webrtc / src / 100321969c6a73a28bc2fe497f14ccfdce7a1d2c^! / .
commit100321969c6a73a28bc2fe497f14ccfdce7a1d2c[log] [tgz]
authorPhilipp Hancke <philipp.hancke@googlemail.com>Thu Apr 08 14:02:40 2021
committerCommit Bot <commit-bot@chromium.org>Mon Apr 12 07:57:03 2021
tree149812ab0adacdbf784909364c8f51cd28806df8
parent569105361286fb39a18fd9f212b4d2c15a4f3e4d [diff]
srtp: compare key length to srtp policy key length

simplifying the code and comparing against the value libsrtp expects
and increase verbosity of error logging related to key length mismatches.

BUG=None

Change-Id: Icc0d0121d2983e23c95b0f972a5f6cac1d158fd7
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/213146
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Philipp Hancke <philipp.hancke@googlemail.com>
Cr-Commit-Position: refs/heads/master@{#33685}

diff --git a/pc/srtp_filter.cc b/pc/srtp_filter.cc
index babcee1..2f8d06c 100644
--- a/pc/srtp_filter.cc
+++ b/pc/srtp_filter.cc

@@ -210,9 +210,9 @@
   int send_key_len, send_salt_len;
   if (!rtc::GetSrtpKeyAndSaltLengths(*send_cipher_suite_, &send_key_len,
                                      &send_salt_len)) {
-    RTC_LOG(LS_WARNING) << "Could not get lengths for crypto suite(s):"
-                           " send cipher_suite "
-                        << send_params.cipher_suite;
+    RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):"
+                         " send cipher_suite "
+                      << send_params.cipher_suite;
     return false;
   }
 
@@ -241,9 +241,9 @@
   int recv_key_len, recv_salt_len;
   if (!rtc::GetSrtpKeyAndSaltLengths(*recv_cipher_suite_, &recv_key_len,
                                      &recv_salt_len)) {
-    RTC_LOG(LS_WARNING) << "Could not get lengths for crypto suite(s):"
-                           " recv cipher_suite "
-                        << recv_params.cipher_suite;
+    RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):"
+                         " recv cipher_suite "
+                      << recv_params.cipher_suite;
     return false;
   }
 

diff --git a/pc/srtp_session.cc b/pc/srtp_session.cc
index 8e89fdf..45f6b67 100644
--- a/pc/srtp_session.cc
+++ b/pc/srtp_session.cc

@@ -278,23 +278,9 @@
     return false;
   }
 
-  int expected_key_len;
-  int expected_salt_len;
-  if (!rtc::GetSrtpKeyAndSaltLengths(cs, &expected_key_len,
-                                     &expected_salt_len)) {
-    // This should never happen.
-    RTC_NOTREACHED();
-    RTC_LOG(LS_WARNING)
-        << "Failed to " << (session_ ? "update" : "create")
-        << " SRTP session: unsupported cipher_suite without length information"
-        << cs;
-    return false;
-  }
-
-  if (!key ||
-      len != static_cast<size_t>(expected_key_len + expected_salt_len)) {
-    RTC_LOG(LS_WARNING) << "Failed to " << (session_ ? "update" : "create")
-                        << " SRTP session: invalid key";
+  if (!key || len != static_cast<size_t>(policy.rtp.cipher_key_len)) {
+    RTC_LOG(LS_ERROR) << "Failed to " << (session_ ? "update" : "create")
+                      << " SRTP session: invalid key";
     return false;
   }