From cfd371d72e3319895043bd687a2541193677f351 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=94=D0=B8=D0=BB=D1=8F=D0=BD=20=D0=9F=D0=B0=D0=BB=D0=B0?= =?UTF-8?q?=D1=83=D0=B7=D0=BE=D0=B2?= Date: Sat, 11 Feb 2023 19:52:37 +0200 Subject: [PATCH] srtp-utils: Strip padding characters in crypto attribute lines https://www.rfc-editor.org/rfc/rfc4568.html#section-6.1 says: When base64 decoding the key and salt, padding characters (i.e., one or two "=" at the end of the base64-encoded data) are discarded (see [RFC3548] for details). https://www.rfc-editor.org/rfc/rfc3548#section-2.2 says: In some circumstances, the use of padding ("=") in base encoded data is not required nor used. In the general case, when assumptions on size of transported data cannot be made, padding is required to yield correct decoded data. --- plugins/provider/sip/calls-srtp-utils.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/plugins/provider/sip/calls-srtp-utils.c b/plugins/provider/sip/calls-srtp-utils.c index e7e3b92..ba7ac10 100644 --- a/plugins/provider/sip/calls-srtp-utils.c +++ b/plugins/provider/sip/calls-srtp-utils.c @@ -584,8 +584,19 @@ calls_srtp_print_sdp_crypto_attribute (calls_srtp_crypto_attribute *attr, /* key parameters */ for (guint i = 0; i < attr->n_key_params; i++) { calls_srtp_crypto_key_param *key_param = &attr->key_params[i]; + int keylen = strlen (key_param->b64_keysalt); - g_string_append_printf (attr_str, "inline:%s", key_param->b64_keysalt); + /* https://www.rfc-editor.org/rfc/rfc4568.html#section-6.1 says: + When base64 decoding the key and salt, padding characters (i.e., + one or two "=" at the end of the base64-encoded data) are discarded + (see [RFC3548] for details). + */ + if (key_param->b64_keysalt[keylen - 2] == '=') + g_string_append_printf (attr_str, "inline:%.*s", keylen - 2, key_param->b64_keysalt); + else if (key_param->b64_keysalt[keylen - 1] == '=') + g_string_append_printf (attr_str, "inline:%.*s", keylen - 1, key_param->b64_keysalt); + else + g_string_append_printf (attr_str, "inline:%s", key_param->b64_keysalt); if (key_param->lifetime_type == CALLS_SRTP_LIFETIME_AS_DECIMAL_NUMBER) g_string_append_printf (attr_str, "|%" G_GINT64_FORMAT, key_param->lifetime); if (key_param->lifetime_type == CALLS_SRTP_LIFETIME_AS_POWER_OF_TWO)