func (c *Context) decryptRTCP(dst, encrypted []byte) ([]byte, error) {
out := allocateIfMismatch(dst, encrypted)
authTagLen, err := c.cipher.rtcpAuthTagLen()
if err != nil {
return nil, err
}
aeadAuthTagLen, err := c.cipher.aeadAuthTagLen()
if err != nil {
return nil, err
}
tailOffset := len(encrypted) - (authTagLen + srtcpIndexSize)
if tailOffset < aeadAuthTagLen {
return nil, fmt.Errorf("%w: %d", errTooShortRTCP, len(encrypted))
} else if isEncrypted := encrypted[tailOffset] >> 7; isEncrypted == 0 {
return out, nil
}
index := c.cipher.getRTCPIndex(encrypted)
ssrc := binary.BigEndian.Uint32(encrypted[4:])
s := c.getSRTCPSSRCState(ssrc)
markAsValid, ok := s.replayDetector.Check(uint64(index))
if !ok {
return nil, &duplicatedError{Proto: "srtcp", SSRC: ssrc, Index: index}
}
out, err = c.cipher.decryptRTCP(out, encrypted, index, ssrc)
if err != nil {
return nil, err
}
markAsValid()
return out, nil
}
srtcp data length min length should be 8 + aeadAuthTagLen + authTagLen + srtcpIndexSize
8 is rtcp header(4 bytes + 4 bytes ssrc)
ssrc := binary.BigEndian.Uint32(encrypted[4:])
will get a wrong value. so need check if len(encrypted) >= min length in decryptRTCP function