content/browser/renderer_host/p2p/socket_host.cc - Issue 159353002: This CL adds methods to manipulate RTP header extension, particularly

Side by Side Diff: content/browser/renderer_host/p2p/socket_host.cc

Issue 159353002: This CL adds methods to manipulate RTP header extension, particularly (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/renderer_host/p2p/socket_host.h"	5 #include "content/browser/renderer_host/p2p/socket_host.h"

6	6

7 #include "base/sys_byteorder.h"	7 #include "base/sys_byteorder.h"

8 #include "content/browser/renderer_host/p2p/socket_host_tcp.h"	8 #include "content/browser/renderer_host/p2p/socket_host_tcp.h"

9 #include "content/browser/renderer_host/p2p/socket_host_tcp_server.h"	9 #include "content/browser/renderer_host/p2p/socket_host_tcp_server.h"

10 #include "content/browser/renderer_host/p2p/socket_host_udp.h"	10 #include "content/browser/renderer_host/p2p/socket_host_udp.h"

	11 #include "third_party/libjingle/source/talk/base/asyncpacketsocket.h"

	12 #include "third_party/libjingle/source/talk/base/byteorder.h"

	13 #include "third_party/libjingle/source/talk/base/messagedigest.h"

	14 #include "third_party/libjingle/source/talk/p2p/base/stun.h"

11	15

12 namespace {	16 namespace {

	17

13 const uint32 kStunMagicCookie = 0x2112A442;	18 const uint32 kStunMagicCookie = 0x2112A442;

	19 const int kMinRtpHdrLen = 12;

	20 const int kRtpExtnHdrLen = 4;

	21 const int kAbsSendTimeExtnLen = 3;

	22 const int kOneByteHdrLen = 1;

	23

	24 // bool IsTurnChannelData(const char* data) {

	25 // uint16 type = talk_base::GetBE16(data);

	26 // return ((type & 0xC000) == 0x4000); // MSB are 0b01

	27 // }

	28

	29 // bool IsDtlsPacket(const char* data, int len) {

	30 // const uint8* u = reinterpret_cast<const uint8*>(data);

	31 // return (len >= kDtlsRecordHeaderLen && (u[0] > 19 && u[0] < 64));

	32 // }

	33

	34 bool IsRtcpPacket(const char* data) {

	35 int type = (static_cast<uint8>(data[1]) & 0x7F);

	36 return (type >= 64 && type < 96);

	37 }

	38

	39 // bool IsStunPacket(const char* data) {

	40 // uint16 type = talk_base::GetBE16(data);

	41 // return !(type & 0xC000);

	42 // }

	43

	44 // bool IsStunDataIndicationPacket(const char* data) {

	45 // uint16 type = talk_base::GetBE16(data);

	46 // return (type == cricket::TURN_SEND_INDICATION);

	47 // }

	48

	49 const size_t kBlockSize = 64; // valid for SHA-256 and down

	50

	51 class HMAC {
	Sergey Ulanov 2014/02/20 19:30:28 There is HMAC implamentation in crypto/hmac.h. Is There is HMAC implamentation in crypto/hmac.h. Is it necessary to duplicate it here? Mallinath (Gone from Chromium) 2014/02/20 19:34:32 Yea, I saw that. I am also exploring that option, Yea, I saw that. I am also exploring that option, but they all including one in libjingle(ComputeHmac) all take one message and compute HMAC on it. But in our case we will have 2 inputs. One message it self and other is SRTP packet index. That's why I call Update twice below and then call Compute at the end. On 2014/02/20 19:30:28, Sergey Ulanov wrote: Show quoted text > There is HMAC implamentation in crypto/hmac.h. Is it necessary to duplicate it > here? juberti2 2014/02/20 23:43:56 Update(x + y), Compute is the same as Update(x), U Show quoted text On 2014/02/20 19:34:32, mallinath2 wrote: > Yea, I saw that. I am also exploring that option, but they all including one in > libjingle(ComputeHmac) all take one message and compute HMAC on it. But in our > case we will have 2 inputs. One message it self and other is SRTP packet index. > That's why I call Update twice below and then call Compute at the end. > > On 2014/02/20 19:30:28, Sergey Ulanov wrote: > > There is HMAC implamentation in crypto/hmac.h. Is it necessary to duplicate it > > here? > Update(x + y), Compute is the same as Update(x), Update(y), Compute. So I think we can make it work with the existing classes. Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Thanks, Let me try that. On 2014/02/20 23:43:56, j Thanks, Let me try that. On 2014/02/20 23:43:56, juberti2 wrote: Show quoted text > On 2014/02/20 19:34:32, mallinath2 wrote: > > Yea, I saw that. I am also exploring that option, but they all including one > in > > libjingle(ComputeHmac) all take one message and compute HMAC on it. But in our > > case we will have 2 inputs. One message it self and other is SRTP packet > index. > > That's why I call Update twice below and then call Compute at the end. > > > > On 2014/02/20 19:30:28, Sergey Ulanov wrote: > > > There is HMAC implamentation in crypto/hmac.h. Is it necessary to duplicate > it > > > here? > > > > Update(x + y), Compute is the same as Update(x), Update(y), Compute. So I think > we can make it work with the existing classes.
	52 public:

	53 HMAC();

	54 ~HMAC() {}

	55

	56 bool Init(const void* key, size_t key_len);

	57 void Update(const void* input, size_t in_len);

	58 void Compute(void* output, size_t out_len);

	59

	60 private:

	61 size_t block_len;

	62 scoped_ptr<uint8[]> o_pad_;

	63 scoped_ptr<uint8[]> i_pad_;

	64 scoped_ptr<uint8[]> inner_;

	65 scoped_ptr<talk_base::MessageDigest> digest_;

	66 };

	67

	68 HMAC::HMAC()

	69 : digest_(talk_base::MessageDigestFactory::Create(

	70 talk_base::DIGEST_SHA_1)) {

	71 }

	72

	73 bool HMAC::Init(const void* key, size_t key_len) {

	74 if (!digest_) {

	75 return false;

	76 }

	77 block_len = kBlockSize;

	78 if (digest_->Size() > 32) {

	79 return false;

	80 }

	81

	82 // Copy the key to a block-sized buffer to simplify padding.

	83 // If the key is longer than a block, hash it and use the result instead.

	84 talk_base::scoped_ptr<uint8[]> new_key(new uint8[block_len]);

	85 if (key_len > block_len) {

	86 talk_base::ComputeDigest(digest_.get(), key, key_len,

	87 new_key.get(), block_len);

	88 memset(new_key.get() + digest_->Size(), 0, block_len - digest_->Size());

	89 } else {

	90 memcpy(new_key.get(), key, key_len);

	91 memset(new_key.get() + key_len, 0, block_len - key_len);

	92 }

	93

	94 // Set up the padding from the key, salting appropriately for each padding.

	95 o_pad_.reset(new uint8[block_len]);

	96 i_pad_.reset(new uint8[block_len]);

	97 for (size_t i = 0; i < block_len; ++i) {

	98 o_pad_[i] = 0x5c ^ new_key[i];

	99 i_pad_[i] = 0x36 ^ new_key[i];

	100 }

	101 // Inner hash; hash the inner padding, and then the input buffer.

	102 inner_.reset(new uint8[digest_->Size()]);

	103 digest_->Update(i_pad_.get(), block_len);

	104 return true;

	105 }

	106

	107 void HMAC::Update(const void* input, size_t in_len) {

	108 digest_->Update(input, in_len);

	109 }

	110

	111 void HMAC::Compute(void* output, size_t out_len) {

	112 // Outer hash; hash the outer padding, and then the result of the inner hash.

	113 digest_->Update(o_pad_.get(), block_len);

	114 digest_->Update(inner_.get(), digest_->Size());

	115 digest_->Finish(output, out_len);

	116 }

	117

14 } // namespace	118 } // namespace

15	119

16 namespace content {	120 namespace content {

17	121

18 P2PSocketHost::P2PSocketHost(IPC::Sender* message_sender,	122 P2PSocketHost::P2PSocketHost(IPC::Sender* message_sender,

19 int id)	123 int id)

20 : message_sender_(message_sender),	124 : message_sender_(message_sender),

21 id_(id),	125 id_(id),

22 state_(STATE_UNINITIALIZED) {	126 state_(STATE_UNINITIALIZED) {

23 }	127 }

(...skipping 71 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
95 case P2P_SOCKET_STUN_TCP_CLIENT:	199 case P2P_SOCKET_STUN_TCP_CLIENT:

96 case P2P_SOCKET_STUN_SSLTCP_CLIENT:	200 case P2P_SOCKET_STUN_SSLTCP_CLIENT:

97 case P2P_SOCKET_STUN_TLS_CLIENT:	201 case P2P_SOCKET_STUN_TLS_CLIENT:

98 return new P2PSocketHostStunTcp(message_sender, id, type, url_context);	202 return new P2PSocketHostStunTcp(message_sender, id, type, url_context);

99 }	203 }

100	204

101 NOTREACHED();	205 NOTREACHED();

102 return NULL;	206 return NULL;

103 }	207 }

104	208

	209 void P2PSocketHost::MaybeUpdateRtpSendTimeExtn(

	210 char* data, int length, const talk_base::PacketOptions& options) {

	211 // if there is no valid \|rtp_sendtime_extension_id\| or \|srtp_auth_key\| in

	212 // PacketOptions, nothing to be updated in this packet.

	213 if (options.packet_time_params.rtp_sendtime_extension_id == -1 &&
	juberti2 2014/02/20 23:43:56 The comment doesn't seem to match the code. \|\| ins The comment doesn't seem to match the code. \|\| instead of &&? Mallinath (Gone from Chromium) 2014/02/21 22:45:21 We should update HMAC even if extension is not pre We should update HMAC even if extension is not present. But for debugging purpose if we disable SRTP, we should still be able to update timestamp before sending packet. Hence I added &&. Otherwise it should bail out only if keys are not present. On 2014/02/20 23:43:56, juberti2 wrote: Show quoted text > The comment doesn't seem to match the code. \|\| instead of &&?
	214 options.packet_time_params.srtp_auth_key.empty()) {

	215 return;

	216 }

	217

	218 char* start = data;

	219 int raw_packet_len = options.packet_time_params.payload_len;
	juberti2 2014/02/20 23:43:56 Need to split RTP/TURN Channel Data/TURN Send Indi Need to split RTP/TURN Channel Data/TURN Send Indication here. This demux is easy, some work needed to loop through headers when doing the Send Indication. Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > Need to split RTP/TURN Channel Data/TURN Send Indication here. This demux is > easy, some work needed to loop through headers when doing the Send Indication. Done. Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > Need to split RTP/TURN Channel Data/TURN Send Indication here. This demux is > easy, some work needed to loop through headers when doing the Send Indication. Done.
	220 // If the packet is wrapped in any protocol like TURN/GTURN/ICE-TCP, \|length\|

	221 // will be larger than actual payload length. Skipping wrapper to point to the

	222 // raw payload.

	223 int wrapper_len = length - raw_packet_len;

	224 start += wrapper_len;

	225

	226 // If there is no valid Absolute sendtime extension id present in options,

	227 // we should just update the HMAC and return, if srtp auth key is present.

	228 if (options.packet_time_params.rtp_sendtime_extension_id == -1) {

	229 // If the packet is a regular STUN packet or a DTLS packet or a RTCP

	230 // packet \|srtp_auth_key\| will be empty.

	231 // We may have written a fake HMAC, if it's rtp packet.

	232 if (!options.packet_time_params.srtp_auth_key.empty()) {

	233 // Should we check if there is fake hmac written and if so, then update

	234 // HMAC?

	235 UpdateHmac(start, raw_packet_len, options);
	juberti2 2014/02/20 23:43:56 Seems like we could structure this logic more clea Seems like we could structure this logic more cleanly - basically, only update the extension if there is an extension id, but always update the HMAC Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > Seems like we could structure this logic more cleanly - basically, only update > the extension if there is an extension id, but always update the HMAC Done.
	236 }

	237 return;

	238 }

	239

	240 // Skip if the wrapped packet is RTCP packet.

	241 if (IsRtcpPacket(start)) {

	242 // RTCP packet must have rtp_sendtime_extension_id == -1 and empty

	243 // srtp_auth_key.

	244 DCHECK(false);
	juberti2 2014/02/20 23:43:56 DCHECK(!IsRtcpPacket(start)) right after we check DCHECK(!IsRtcpPacket(start)) right after we check that there is a id and key (above) Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > DCHECK(!IsRtcpPacket(start)) right after we check that there is a id and key > (above) Done.
	245 return;

	246 }

	247

	248 if (!FindAndUpdateRtpAbsSendTimeExtension(start, raw_packet_len, options)) {

	249 // We should find an extension id in the rtp packet.

	250 DCHECK(false);

	251 }

	252 UpdateHmac(start, raw_packet_len, options);

	253 }

	254

	255 bool P2PSocketHost::FindAndUpdateRtpAbsSendTimeExtension(

	256 char* data, int in_len, const talk_base::PacketOptions& options) {

	257 // 0 1 2 3

	258 // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

	259 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	260 // \|V=2\|P\|X\| CC \|M\| PT \| sequence number \|

	261 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	262 // \| timestamp \|

	263 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	264 // \| synchronization source (SSRC) identifier \|

	265 // +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

	266 // \| contributing source (CSRC) identifiers \|

	267 // \| .... \|

	268 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	269

	270 int cc_count = data[0] & 0x0F;

	271 int rtp_hdr_len_without_extn = kMinRtpHdrLen + 4 * cc_count;

	272 if (rtp_hdr_len_without_extn > in_len) {

	273 DCHECK(false);

	274 return false;

	275 }

	276

	277 bool X = (data[0] & 0x10);

	278 if (!X) // Return if extension bit is not set.

	279 return true;

	280

	281 data += rtp_hdr_len_without_extn;

	282

	283 // Getting extension profile ID and length.

	284 uint16 profile_id = talk_base::GetBE16(data);

	285 // Length is in 32 bit words.

	286 uint16 extn_length = talk_base::GetBE16(data + 2) * 4;

	287

	288 // Verify input length against total header size.

	289 if (rtp_hdr_len_without_extn + kRtpExtnHdrLen + extn_length > in_len) {

	290 DCHECK(false);

	291 return false;

	292 }

	293

	294 data += kRtpExtnHdrLen; // Moving past extn header.

	295

	296 // WebRTC is using one byte header extension.

	297 // TODO(mallinath) - Handle two byte header extension.

	298 if (profile_id == 0xBEDE) { // OneByte extension header

	299 // 0

	300 // 0 1 2 3 4 5 6 7

	301 // +-+-+-+-+-+-+-+-+

	302 // \| ID \| len \|

	303 // +-+-+-+-+-+-+-+-+

	304

	305 // 0 1 2 3

	306 // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

	307 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	308 // \| 0xBE \| 0xDE \| length=3 \|

	309 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	310 // \| ID \| L=0 \| data \| ID \| L=1 \| data...

	311 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	312 // ...data \| 0 (pad) \| 0 (pad) \| ID \| L=3 \|

	313 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	314 // \| data \|

	315 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	316 uint16 consumed = 0;

	317 while(extn_length - consumed > 0) {

	318 const int id = (*data & 0xF0) >> 4;

	319 const int len = (*data & 0x0F) + 1;

	320 // The 4-bit length is the number minus one of data bytes of this header

	321 // extension element following the one-byte header.

	322 if (id == options.packet_time_params.rtp_sendtime_extension_id) {

	323 UpdateRtpAbsSendTimeExtension(data + kOneByteHdrLen, len);

	324 return true;
	juberti2 2014/02/20 23:43:56 can just break here can just break here Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > can just break here Done.
	325 }

	326 consumed += kOneByteHdrLen + len;

	327 data += consumed;
	juberti2 2014/02/20 23:43:56 I don't think this is right - this should increme I don't think this is right - this should increment data by the same amount as consumed. Overall it seems like we should not be incrementing two counters - can you get rid of consumed by having something like char* extn_start = data and while (data - extn_start < extn_length) Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > I don't think this is right - this should increment data by the same amount as > consumed. Overall it seems like we should not be incrementing two counters - can > you get rid of consumed by having something like char* extn_start = data and > while (data - extn_start < extn_length) Done.
	328 // Count padding bytes

	329 while(*data != 0) {
	juberti2 2014/02/20 23:43:56 while (data) while (data) Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > while (*data) Done.
	330 ++data;

	331 ++consumed;

	332 }

	333 }

	334 }

	335 return true;

	336 }

	337

	338 void P2PSocketHost::UpdateRtpAbsSendTimeExtension(char* data, int len) {

	339 // Absolute send time in RTP streams.

	340 //

	341 // The absolute send time is signaled to the receiver in-band using the

	342 // general mechanism for RTP header extensions [RFC5285]. The payload

	343 // of this extension (the transmitted value) is a 24-bit unsigned integer

	344 // containing the sender's current time in seconds as a fixed point number

	345 // with 18 bits fractional part.

	346 //

	347 // The form of the absolute send time extension block:

	348 //

	349 // 0 1 2 3

	350 // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

	351 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	352 // \| ID \| len=2 \| absolute send time \|

	353 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	354 DCHECK_EQ(len, kAbsSendTimeExtnLen);

	355 uint64 now_ms = base::TimeTicks::Now().ToInternalValue();
	Stefan 2014/02/20 11:22:58 TimeTicks::Now() seems to have a resolution of 1-1 TimeTicks::Now() seems to have a resolution of 1-15 ms. That sounds pretty bad... If we get 15 ms jitter just from the inaccuracy of the clock we are in trouble. Maybe we should consider using TimeTicks::HighResNow() instead? It is more expensive, but I don't have a good understanding of how expensive... Note that this function returns the time in microseconds, so you'll have to divide by 1000 to get milliseconds. Or just change the unit. Mallinath (Gone from Chromium) 2014/02/20 19:34:32 OK. After some searching in code base, HighResNow OK. After some searching in code base, HighResNow is used in some media code bases. Also HighResNow implement differs from Now() only on Windows. Sergey, any insights? On 2014/02/20 11:22:58, Stefan wrote: Show quoted text > TimeTicks::Now() seems to have a resolution of 1-15 ms. That sounds pretty > bad... If we get 15 ms jitter just from the inaccuracy of the clock we are in > trouble. > > Maybe we should consider using TimeTicks::HighResNow() instead? It is more > expensive, but I don't have a good understanding of how expensive... > > Note that this function returns the time in microseconds, so you'll have to > divide by 1000 to get milliseconds. Or just change the unit. Sergey Ulanov 2014/02/20 19:46:10 I'm not an expert, but I think it should be accept Show quoted text On 2014/02/20 19:34:32, mallinath2 wrote: > OK. After some searching in code base, HighResNow is used in some media code > bases. Also HighResNow implement differs from Now() only on Windows. > > Sergey, any insights? I'm not an expert, but I think it should be acceptable to use HighResNow() here, just make sure it's not called more than once per package. Also use InMicroseconds() instead of ToInternalValue() as you don't want to depend on internal details of TimeTicks (e.g. it may be changed to measure time in nanoseconds in the future) Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 19:46:10, Sergey Ulanov wrote: > On 2014/02/20 19:34:32, mallinath2 wrote: > > OK. After some searching in code base, HighResNow is used in some media code > > bases. Also HighResNow implement differs from Now() only on Windows. > > > > Sergey, any insights? > > I'm not an expert, but I think it should be acceptable to use HighResNow() here, > just make sure it's not called more than once per package. > Also use InMicroseconds() instead of ToInternalValue() as you don't want to > depend on internal details of TimeTicks (e.g. it may be changed to measure time > in nanoseconds in the future) Done.
	356 // Convert second to 24-bit unsigned with 18 bit fractional part

	357 uint32 now_second = ((now_ms << 18) / base::Time::kMicrosecondsPerSecond) &

	358 0x00FFFFFF;

	359 // TODO(mallinath) - Add SetBE24 to byteorder.h in libjingle.

	360 data[0] = static_cast<uint8>(now_second >> 16);

	361 data[1] = static_cast<uint8>(now_second >> 8);

	362 data[2] = static_cast<uint8>(now_second);

	363 }

	364

	365 // Assumes \|len\| is actual packet length + tag length.

	366 void P2PSocketHost::UpdateHmac(char* packet, int len,

	367 const talk_base::PacketOptions& options) {

	368 char* auth_tag = packet +
	juberti2 2014/02/20 23:43:56 DCHECK that the tag is 0xbaddbaddbaddbadd, and srt DCHECK that the tag is 0xbaddbaddbaddbadd, and srtp_auth_tag_len is < len, and < HMAC output size Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > DCHECK that the tag is 0xbaddbaddbaddbadd, and srtp_auth_tag_len is < len, and < > HMAC output size Done.
	369 (len - options.packet_time_params.srtp_auth_tag_len);

	370 HMAC hmac;
	juberti2 2014/02/20 23:43:56 Just realized - not an issue now, but we will need Just realized - not an issue now, but we will need to pass down the HMAC algorithm in the PacketOptions to handle non-SHA-1 HMACs in the future Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Agree. On 2014/02/20 23:43:56, juberti2 wrote: Agree. On 2014/02/20 23:43:56, juberti2 wrote: Show quoted text > Just realized - not an issue now, but we will need to pass down the HMAC > algorithm in the PacketOptions to handle non-SHA-1 HMACs in the future
	371 if (!hmac.Init(&options.packet_time_params.srtp_auth_key[0],

	372 options.packet_time_params.srtp_auth_key.size())) {

	373 DCHECK(false);

	374 return;

	375 }

	376

	377 char output[20];
	juberti2 2014/02/20 23:43:56 In the future, this buffer may need to be bigger ( In the future, this buffer may need to be bigger (e.g. for SHA-256). Suggest making this 64 bytes or more Mallinath (Gone from Chromium) 2014/02/21 22:45:21 Done. Show quoted text On 2014/02/20 23:43:56, juberti2 wrote: > In the future, this buffer may need to be bigger (e.g. for SHA-256). Suggest > making this 64 bytes or more Done.
	378 size_t out_len = sizeof(output);

	379

	380 // First we should compute on the message and then packet index.

	381 hmac.Update(packet, len - options.packet_time_params.srtp_auth_tag_len);

	382 hmac.Update(reinterpret_cast<void*>(

	383 options.packet_time_params.srtp_packet_index), 4); // Use only ROC.

	384

	385 hmac.Compute(output, out_len);

	386 // Copy HMAC from output to packet. This is required as auth tag length

	387 // may not be equal to the actual HMAC length.

	388 memcpy(auth_tag, output, options.packet_time_params.srtp_auth_tag_len);

	389 }

	390

105 } // namespace content	391 } // namespace content

OLD	NEW

« no previous file with comments | « content/browser/renderer_host/p2p/socket_host.h ('k') | content/browser/renderer_host/p2p/socket_host_tcp.cc » ('j') | no next file with comments »