Add rtppacketuil.h/cc

webrtc/p2p/base/rtppacketutil.cc

+/*
+ *  Copyright 2016 The WebRTC Project Authors. All rights reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#include "webrtc/p2p/base/rtppacketutil.h"
+
+#include <string.h>
+
+#include "webrtc/base/asyncpacketsocket.h"
+#include "webrtc/base/byteorder.h"
+#include "webrtc/base/checks.h"
+#include "webrtc/base/messagedigest.h"
+#include "webrtc/base/timeutils.h"
+#include "webrtc/p2p/base/stun.h"
+
+namespace rtc {
+
+namespace {
+
+const size_t kMinRtpHeaderLength = 12;

[pthatcher1, 2016/01/13 23:21:33]

There's a lot of overlap between this and rtputils.cc

[Sergey Ulanov, 2016/01/14 06:02:21]

I didn't know about rtputils.cc. Move all the code there.

+const size_t kMinRtcpHeaderLength = 8;
+const size_t kRtpExtensionHeaderLength = 4;
+const size_t kDtlsRecordHeaderLength = 13;
+const size_t kTurnChannelHeaderLength = 4;
+const size_t kAbsSendTimeExtensionLength = 3;
+const size_t kOneByteHeaderLength = 1;
+const size_t kMaxRtpPacketLength = 2048;
+
+// Fake auth tag written by the render process if external authentication is

[pthatcher1, 2016/01/13 23:21:33]

Does this still make sense being here?  It doesn't make sense having it refer to
"render process".

[Sergey Ulanov, 2016/01/14 06:02:21]

Updated the comment

+// enabled. HMAC in packet will be compared against this value before updating
+// packet with actual HMAC value.
+static const unsigned char kFakeAuthTag[10] = {
+    0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd
+};
+
+bool IsTurnChannelData(const char* data, size_t length) {
+  return length >= kTurnChannelHeaderLength && ((*data & 0xC0) == 0x40);
+}
+
+bool IsTurnSendIndicationPacket(const char* data, size_t length) {
+  if (length < cricket::kStunHeaderSize) {
+    return false;
+  }
+
+  uint16_t type = rtc::GetBE16(data);
+  return (type == cricket::TURN_SEND_INDICATION);
+}

[pthatcher1, 2016/01/13 23:21:33]

The above are not RTP, and so seem awkward being in rtputils/rtppacketutils.cc.

[Sergey Ulanov, 2016/01/14 06:02:21]

Moved to turnutils.cc

+
+bool IsRtpPacket(const char* data, size_t length) {
+  return (length >= kMinRtpHeaderLength) && ((*data & 0xC0) == 0x80);
+}
+
+void UpdateAbsSendTimeExtensionValue(char* extension_data,
+                                     size_t length,
+                                     uint32_t abs_send_time) {
+  // Absolute send time in RTP streams.
+  //
+  // The absolute send time is signaled to the receiver in-band using the
+  // general mechanism for RTP header extensions [RFC5285]. The payload
+  // of this extension (the transmitted value) is a 24-bit unsigned integer
+  // containing the sender's current time in seconds as a fixed point number
+  // with 18 bits fractional part.
+  //
+  // The form of the absolute send time extension block:
+  //
+  //    0                   1                   2                   3
+  //    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+  //   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  //   |  ID   | len=2 |              absolute send time               |
+  //   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  if (length != kAbsSendTimeExtensionLength) {
+    RTC_NOTREACHED();
+    return;
+  }
+
+  // Now() has resolution ~1-15ms
+  uint32_t now_second = abs_send_time;
+  if (!now_second) {
+    uint64_t now_us = rtc::TimeMicros();
+    // Convert second to 24-bit unsigned with 18 bit fractional part
+    now_second = ((now_us << 18) / rtc::kNumMicrosecsPerSec) & 0x00FFFFFF;
+  }

[pthatcher1, 2016/01/13 23:21:33]

It seems like it would be better to pass in the time rather than make this file
depend on rtc::TimeMicros().

[Sergey Ulanov, 2016/01/14 06:02:21]

Done.

+  // TODO(mallinath): Add SetBE24 to byteorder.h.
+  extension_data[0] = static_cast<uint8_t>(now_second >> 16);
+  extension_data[1] = static_cast<uint8_t>(now_second >> 8);
+  extension_data[2] = static_cast<uint8_t>(now_second);
+}
+
+// Assumes |length| is actual packet length + tag length. Updates HMAC at end of
+// the RTP packet.
+void UpdateRtpAuthTag(char* rtp, size_t length, const PacketOptions& options) {

[pthatcher1, 2016/01/13 23:21:33]

It seems like the key and len should be passed in instead of a PacketOptions. 
PacketOptions is strange dependency for an rtputils class.

[Sergey Ulanov, 2016/01/14 06:02:21]

Updated it to pass rtc::PacketTimeUpdateParams. There are 4 separate values that
would need to be passed without this struct.

+  // If there is no key, return.
+  if (options.packet_time_params.srtp_auth_key.empty()) {
+    return;
+  }
+
+  size_t tag_length = options.packet_time_params.srtp_auth_tag_len;
+
+  // ROC (rollover counter) is at the beginning of the auth tag.
+  const size_t kRocLength = 4;
+  if (tag_length < kRocLength || tag_length > length) {
+    RTC_NOTREACHED();
+    return;
+  }
+
+  char* auth_tag = rtp + (length - tag_length);
+
+  // We should have a fake HMAC value @ auth_tag.
+  RTC_DCHECK_EQ(0, memcmp(auth_tag, kFakeAuthTag, tag_length));
+
+  // Copy ROC after end of rtp packet.
+  memcpy(auth_tag, &options.packet_time_params.srtp_packet_index, kRocLength);
+  // Authentication of a RTP packet will have RTP packet + ROC size.
+  int auth_required_length = length - tag_length + kRocLength;
+
+  unsigned char output[64];
+
+  size_t result = ComputeHmac(
+      rtc::DIGEST_SHA_1, &options.packet_time_params.srtp_auth_key[0],
+      options.packet_time_params.srtp_auth_key.size(), rtp,
+      auth_required_length, output, sizeof(output));
+
+  if (result < tag_length) {
+    RTC_NOTREACHED();
+    return;
+  }
+
+  // Copy HMAC from output to packet. This is required as auth tag length
+  // may not be equal to the actual HMAC length.
+  memcpy(auth_tag, output, tag_length);
+}
+
+}  // namespace
+
+bool IsDtlsPacket(const char* data, size_t length) {
+  const uint8_t* u = reinterpret_cast<const uint8_t*>(data);
+  return (length >= kDtlsRecordHeaderLength && (u[0] > 19 && u[0] < 64));
+}

[pthatcher1, 2016/01/13 23:21:33]

This doesn't seem to belong in an rtputils file either.

[Sergey Ulanov, 2016/01/14 06:02:21]

Done.

+
+bool IsRtcpPacket(const char* data, size_t length) {
+  if (length < kMinRtcpHeaderLength) {
+    return false;
+  }
+
+  int type = (static_cast<uint8_t>(data[1]) & 0x7F);
+  return (type >= 64 && type < 96);
+}
+
+bool ValidateRtpHeader(const char* rtp, size_t length, size_t* header_length) {
+  if (header_length) {
+    *header_length = 0;
+  }
+
+  if (length < kMinRtpHeaderLength) {
+    return false;
+  }
+
+  size_t cc_count = rtp[0] & 0x0F;
+  size_t header_length_without_extension = kMinRtpHeaderLength + 4 * cc_count;
+  if (header_length_without_extension > length) {
+    return false;
+  }
+
+  // If extension bit is not set, we are done with header processing, as input
+  // length is verified above.
+  if (!(rtp[0] & 0x10)) {
+    if (header_length)
+      *header_length = header_length_without_extension;
+
+    return true;
+  }
+
+  rtp += header_length_without_extension;
+
+  if (header_length_without_extension + kRtpExtensionHeaderLength > length) {
+    return false;
+  }
+
+  // Getting extension profile length.
+  // Length is in 32 bit words.
+  uint16_t extension_length_in_32bits = rtc::GetBE16(rtp + 2);
+  size_t extension_length = extension_length_in_32bits * 4;
+
+  size_t rtp_header_length = extension_length +
+                             header_length_without_extension +
+                             kRtpExtensionHeaderLength;
+
+  // Verify input length against total header size.
+  if (rtp_header_length > length) {
+    return false;
+  }
+
+  if (header_length) {
+    *header_length = rtp_header_length;
+  }
+  return true;
+}
+
+bool ApplyPacketOptions(char* data,
+                        size_t length,
+                        const rtc::PacketOptions& options,
+                        uint32_t abs_send_time) {

[pthatcher1, 2016/01/13 23:21:33]

This seems like it should be UpdateRtpPacket, with time, key and length passed
in, instead of taking a PacketOptions.

[Sergey Ulanov, 2016/01/14 06:02:21]

Changed it to use rtc::PacketTimeUpdateParams

+  RTC_DCHECK(data != NULL);
+  RTC_DCHECK(length > 0);
+  // if there is no valid |rtp_sendtime_extension_id| and |srtp_auth_key| in
+  // PacketOptions, nothing to be updated in this packet.
+  if (options.packet_time_params.rtp_sendtime_extension_id == -1 &&
+      options.packet_time_params.srtp_auth_key.empty()) {
+    return true;
+  }
+
+  RTC_DCHECK(!IsDtlsPacket(data, length));
+  RTC_DCHECK(!IsRtcpPacket(data, length));
+
+  // If there is a srtp auth key present then packet must be a RTP packet.
+  // RTP packet may have been wrapped in a TURN Channel Data or
+  // TURN send indication.
+  size_t rtp_start_pos;
+  size_t rtp_length;
+  if (!GetRtpPacketStartPositionAndLength(
+      data, length, &rtp_start_pos, &rtp_length)) {
+    // This method should never return false.
+    RTC_NOTREACHED();
+    return false;
+  }
+
+  // Skip to rtp packet.
+  char* start = data + rtp_start_pos;
+  // If packet option has non default value (-1) for sendtime extension id,
+  // then we should parse the rtp packet to update the timestamp. Otherwise
+  // just calculate HMAC and update packet with it.
+  if (options.packet_time_params.rtp_sendtime_extension_id != -1) {
+    UpdateRtpAbsSendTimeExtension(
+        start,
+        rtp_length,
+        options.packet_time_params.rtp_sendtime_extension_id,
+        abs_send_time);
+  }
+
+  UpdateRtpAuthTag(start, rtp_length, options);
+  return true;
+}
+
+bool GetRtpPacketStartPositionAndLength(const char* packet,
+                                        size_t length,
+                                        size_t* rtp_start_pos,
+                                        size_t* rtp_packet_length) {

[pthatcher1, 2016/01/13 23:21:33]

This is kind of a funny function.  "Find an RTP packet in this random packet". 
Is that really for something in rtputils? It seems like it would belong more in
STUN or TURN specific code.

[Sergey Ulanov, 2016/01/14 06:02:21]

Moved to turnutils.cc and renamed to UnwrapTurnPacket()

+  if (length < kMinRtpHeaderLength || length > kMaxRtpPacketLength) {
+    return false;
+  }
+
+  size_t rtp_begin;
+  size_t rtp_length = 0;
+  if (IsTurnChannelData(packet, length)) {
+    // Turn Channel Message header format.
+    //   0                   1                   2                   3
+    //  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |         Channel Number        |            Length             |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |                                                               |
+    // /                       Application Data                        /
+    // /                                                               /
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    rtp_begin = kTurnChannelHeaderLength;
+    rtp_length = rtc::GetBE16(&packet[2]);
+    if (length < rtp_length + kTurnChannelHeaderLength) {
+      return false;
+    }
+  } else if (IsTurnSendIndicationPacket(packet, length)) {
+    // Validate STUN message length.
+    const size_t stun_message_length = rtc::GetBE16(&packet[2]);
+    if (stun_message_length + cricket::kStunHeaderSize != length) {
+      return false;
+    }
+
+    // First skip mandatory stun header which is of 20 bytes.
+    rtp_begin = cricket::kStunHeaderSize;
+    // Loop through STUN attributes until we find STUN DATA attribute.
+    bool data_attr_present = false;
+    while (rtp_begin < length) {
+      // Keep reading STUN attributes until we hit DATA attribute.
+      // Attribute will be a TLV structure.
+      // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      // |         Type                  |            Length             |
+      // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      // |                         Value (variable)                ....
+      // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      // The value in the length field MUST contain the length of the Value
+      // part of the attribute, prior to padding, measured in bytes.  Since
+      // STUN aligns attributes on 32-bit boundaries, attributes whose content
+      // is not a multiple of 4 bytes are padded with 1, 2, or 3 bytes of
+      // padding so that its value contains a multiple of 4 bytes.  The
+      // padding bits are ignored, and may be any value.
+      uint16_t attr_type, attr_length;
+      const int kAttrHeaderLength = sizeof(attr_type) + sizeof(attr_length);
+
+      if (length < rtp_begin + kAttrHeaderLength) {
+        return false;
+      }
+
+      // Getting attribute type and length.
+      attr_type = rtc::GetBE16(&packet[rtp_begin]);
+      attr_length = rtc::GetBE16(
+          &packet[rtp_begin + sizeof(attr_type)]);
+
+      rtp_begin += kAttrHeaderLength;  // Skip STUN_DATA_ATTR header.
+
+      // Checking for bogus attribute length.
+      if (length < rtp_begin + attr_length) {
+        return false;
+      }
+
+      if (attr_type != cricket::STUN_ATTR_DATA) {
+        rtp_begin += attr_length;
+        if ((attr_length % 4) != 0) {
+          rtp_begin += (4 - (attr_length % 4));
+        }
+        continue;
+      }
+
+      data_attr_present = true;
+      rtp_length = attr_length;
+
+      // We found STUN_DATA_ATTR. We can skip parsing rest of the packet.
+      break;
+    }
+
+    if (!data_attr_present) {
+      // There is no data attribute present in the message. We can't do anything
+      // with the message.
+      return false;
+    }
+
+  } else {
+    // This is a raw RTP packet.
+    rtp_begin = 0;
+    rtp_length = length;
+  }
+
+  // Making sure we have a valid RTP packet at the end.
+  if (IsRtpPacket(packet + rtp_begin, rtp_length) &&
+      ValidateRtpHeader(packet + rtp_begin, rtp_length, NULL)) {
+    *rtp_start_pos = rtp_begin;
+    *rtp_packet_length = rtp_length;
+    return true;
+  }
+  return false;
+}
+
+// ValidateRtpHeader must be called before this method to make sure, we have
+// a sane rtp packet.
+bool UpdateRtpAbsSendTimeExtension(char* rtp,
+                                   size_t length,
+                                   int extension_id,
+                                   uint32_t abs_send_time) {
+  //  0                   1                   2                   3
+  //  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+  // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  // |V=2|P|X|  CC   |M|     PT      |       sequence number         |
+  // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  // |                           timestamp                           |
+  // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  // |           synchronization source (SSRC) identifier            |
+  // +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+  // |            contributing source (CSRC) identifiers             |
+  // |                             ....                              |
+  // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+  // Return if extension bit is not set.
+  if (!(rtp[0] & 0x10)) {
+    return true;
+  }
+
+  size_t cc_count = rtp[0] & 0x0F;
+  size_t header_length_without_extension = kMinRtpHeaderLength + 4 * cc_count;
+
+  rtp += header_length_without_extension;
+
+  // Getting extension profile ID and length.
+  uint16_t profile_id = rtc::GetBE16(rtp);
+  // Length is in 32 bit words.
+  uint16_t extension_length_in_32bits = rtc::GetBE16(rtp + 2);
+  size_t extension_length = extension_length_in_32bits * 4;
+
+  rtp += kRtpExtensionHeaderLength;  // Moving past extension header.
+
+  bool found = false;
+  // WebRTC is using one byte header extension.
+  // TODO(mallinath) - Handle two byte header extension.
+  if (profile_id == 0xBEDE) {  // OneByte extension header
+    //  0
+    //  0 1 2 3 4 5 6 7
+    // +-+-+-+-+-+-+-+-+
+    // |  ID   |length |
+    // +-+-+-+-+-+-+-+-+
+
+    //  0                   1                   2                   3
+    //  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |       0xBE    |    0xDE       |           length=3            |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |  ID   | L=0   |     data      |  ID   |  L=1  |   data...
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    //       ...data   |    0 (pad)    |    0 (pad)    |  ID   | L=3   |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |                          data                                 |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    const char* extension_start = rtp;
+    const char* extension_end = extension_start + extension_length;
+
+    while (rtp < extension_end) {
+      const int id = (*rtp & 0xF0) >> 4;
+      const size_t length = (*rtp & 0x0F) + 1;
+      if (rtp + kOneByteHeaderLength + length > extension_end) {
+        return false;
+      }
+      // The 4-bit length is the number minus one of data bytes of this header
+      // extension element following the one-byte header.
+      if (id == extension_id) {
+        UpdateAbsSendTimeExtensionValue(
+            rtp + kOneByteHeaderLength, length, abs_send_time);
+        found = true;
+        break;
+      }
+      rtp += kOneByteHeaderLength + length;
+      // Counting padding bytes.
+      while ((rtp < extension_end) && (*rtp == 0)) {
+        ++rtp;
+      }
+    }
+  }
+  return found;
+}
+
+}  // namespace rtc