cisco / libsrtp

Library for SRTP (Secure Realtime Transport Protocol)

Correct null cipher key sizes and be more defensive #589

Closed bifurcation closed 2 years ago

bifurcation commented 2 years ago

There are two major changes here:

  1. Fix a bug introduced in #559: While full_key_length correctly returned AES_ICM_128_KEYLEN_W_SALT for the key size of a null cipher, the policy setting methods set the key size to 16. As a result, a caller using a null cipher and providing a key of the length recommended by the crypto policy would experience a 14-byte over-read of the buffer.

  2. In general, be more cautious about key lengths to avoid over-reads. Unfortunately, the existing API doesn't provide an explicit length from the key, so we are left to presume that this length is reflected in the RTP / RTCP crypto policies. However, these are settable by the caller, so we need to check that the provided values are correct for the cipher types in use.

The PR also includes fixes to the srtp_driver test, which provided incorrect key lengths for its policies that use null ciphers. The null cipher validation test did not need updating because the key buffer provided actually had enough data, so there was no over-read.
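
The mismatch described in the comment above, as an added example that is not part of the PR or of libsrtp's code: a policy that declares a 16-byte key for a null cipher, while key setup reads the AES-ICM-128 key-plus-salt length (30 bytes). All type and function names here are hypothetical, and the exact-match check is an assumed way to validate a caller-settable policy length.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical model for illustration; these names are not libsrtp's. */
enum { SALT_LEN = 14, AES_128_KEY_LEN = 16, AES_256_KEY_LEN = 32 };
typedef enum { CIPHER_NULL, CIPHER_AES_ICM_128, CIPHER_AES_ICM_256 } cipher_type_t;
typedef struct {
    cipher_type_t cipher_type;
    size_t cipher_key_len; /* set by the caller, so not trusted */
} crypto_policy_t;

/* Bytes that key setup reads from the master key buffer. Per the PR text,
 * a null cipher is sized like an AES-ICM-128 key with salt. */
size_t full_key_length(cipher_type_t t)
{
    switch (t) {
    case CIPHER_NULL:
    case CIPHER_AES_ICM_128:
        return AES_128_KEY_LEN + SALT_LEN; /* 30 */
    case CIPHER_AES_ICM_256:
        return AES_256_KEY_LEN + SALT_LEN; /* 46 */
    }
    return 0; /* unknown cipher type */
}

/* Assumed check: declared length must equal the bytes read. 0 = valid. */
int validate_policy_key_len(const crypto_policy_t *p)
{
    size_t need = full_key_length(p->cipher_type);
    return (need != 0 && p->cipher_key_len == need) ? 0 : -1;
}

/* Bytes read past a buffer that was sized from the policy. */
size_t over_read_bytes(const crypto_policy_t *p)
{
    size_t need = full_key_length(p->cipher_type);
    return need > p->cipher_key_len ? need - p->cipher_key_len : 0;
}

int main(void)
{
    crypto_policy_t buggy = { CIPHER_NULL, 16 }; /* pre-fix policy value */
    crypto_policy_t fixed = { CIPHER_NULL, 30 };
    printf("buggy: valid=%d over-read=%zu\n",
           validate_policy_key_len(&buggy), over_read_bytes(&buggy));
    printf("fixed: valid=%d over-read=%zu\n",
           validate_policy_key_len(&fixed), over_read_bytes(&fixed));
    return 0;
}
```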