From ee8be938555a47957b5813a9453d5b4954badc08 Mon Sep 17 00:00:00 2001
From: Jonas Herzig <me@johni0702.de>
Date: Mon, 10 Dec 2018 21:00:11 +0100
Subject: [PATCH] Fix panic in SRTP crypto when the most significant byte of IV
 is 0

---
 src/rfc3711.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/rfc3711.rs b/src/rfc3711.rs
index 77ff66a..d7fb96b 100644
--- a/src/rfc3711.rs
+++ b/src/rfc3711.rs
@@ -471,7 +471,8 @@ where
         let iv = BigUint::from_bytes_be(&context.session_salt_key) << 16;
         let iv = iv ^ (BigUint::from(ssrc) << 64);
         let iv = iv ^ (index.into() << 16);
-        let iv = &iv.to_bytes_be()[0..context.session_encr_key.len()];
+        let iv = iv ^ (BigUint::from(1_u8) << (context.session_encr_key.len() * 8));
+        let iv = &iv.to_bytes_be()[1..context.session_encr_key.len() + 1];
 
         let mut ctr = crypto::aes::ctr(
             crypto::aes::KeySize::KeySize128,
@@ -506,7 +507,8 @@ where
         let iv = BigUint::from_bytes_be(&context.session_salt_key) << 16;
         let iv = iv ^ (BigUint::from(ssrc) << 64);
         let iv = iv ^ (index.into() << 16);
-        let iv = &iv.to_bytes_be()[0..context.session_encr_key.len()];
+        let iv = iv ^ (BigUint::from(1_u8) << (context.session_encr_key.len() * 8));
+        let iv = &iv.to_bytes_be()[1..context.session_encr_key.len() + 1];
 
         let mut ctr = crypto::aes::ctr(
             crypto::aes::KeySize::KeySize128,