This CL adds methods to manipulate RTP header extension, particularly

content/browser/renderer_host/p2p/socket_host.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/renderer_host/p2p/socket_host.h"
 
 #include "base/sys_byteorder.h"
 #include "content/browser/renderer_host/p2p/socket_host_tcp.h"
 #include "content/browser/renderer_host/p2p/socket_host_tcp_server.h"
 #include "content/browser/renderer_host/p2p/socket_host_udp.h"
+#include "crypto/hmac.h"
+#include "third_party/libjingle/source/talk/base/asyncpacketsocket.h"
+#include "third_party/libjingle/source/talk/base/byteorder.h"
+#include "third_party/libjingle/source/talk/base/messagedigest.h"
+#include "third_party/libjingle/source/talk/p2p/base/stun.h"
 
 namespace {
+
 const uint32 kStunMagicCookie = 0x2112A442;
+const int kMinRtpHdrLen = 12;
+const int kRtpExtnHdrLen = 4;
+const int kDtlsRecordHeaderLen = 13;
+const int kTurnChannelHdrLen = 4;
+const int kAbsSendTimeExtnLen = 3;
+const int kOneByteHdrLen = 1;
+
+// Fake auth tag written by the render process if external authentication is
+// enabled. HMAC in packet will be compared against this value before updating
+// packet with actual HMAC value.
+static const unsigned char kFakeAuthTag[10] = {
+    0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd
+};
+
+bool IsTurnChannelData(const char* data) {
+  return ((*data & 0xC0) == 0x40);
+}
+
+bool IsDtlsPacket(const char* data, int len) {
+  const uint8* u = reinterpret_cast<const uint8*>(data);
+  return (len >= kDtlsRecordHeaderLen && (u[0] > 19 && u[0] < 64));
+}
+
+bool IsRtcpPacket(const char* data) {
+  int type = (static_cast<uint8>(data[1]) & 0x7F);
+  return (type >= 64 && type < 96);
+}
+
+bool IsStunPacket(const char* data) {
+  return ((*data & 0xC0) == 0);
+}
+
+bool IsTurnSendIndicationPacket(const char* data) {
+  uint16 type = talk_base::GetBE16(data);
+  return (type == cricket::TURN_SEND_INDICATION);
+}
+
+bool IsRtpPacket(const char* data, int len) {
+  return ((*data & 0xC0) == 0x80);
+}
+
 }  // namespace
 
 namespace content {
 
 P2PSocketHost::P2PSocketHost(IPC::Sender* message_sender,
                              int id)
     : message_sender_(message_sender),
       id_(id),
       state_(STATE_UNINITIALIZED) {
 }
@@ skipping 71 matching lines @@
     case P2P_SOCKET_STUN_TCP_CLIENT:
     case P2P_SOCKET_STUN_SSLTCP_CLIENT:
     case P2P_SOCKET_STUN_TLS_CLIENT:
       return new P2PSocketHostStunTcp(message_sender, id, type, url_context);
   }
 
   NOTREACHED();
   return NULL;
 }
 
+void P2PSocketHost::MaybeUpdatePacketSendTimeExtn(
+    char* data, int length, const talk_base::PacketOptions& options) {
+  if (length <= 0) {
+    return;
+  }
+
+  // if there is no valid |rtp_sendtime_extension_id| and |srtp_auth_key| in
+  // PacketOptions, nothing to be updated in this packet.
+  if (options.packet_time_params.rtp_sendtime_extension_id == -1 &&
+      options.packet_time_params.srtp_auth_key.empty()) {
+    return;
+  }
+
+  DCHECK(!IsDtlsPacket(data, length));
+  DCHECK(!IsRtcpPacket(data));
+
+  // If there is a srtp auth key present then packet must be a RTP packet.
+  // RTP packet may have been wrapped in a TURN Channel Data or
+  // TURN send indication.
+  int rtp_start_pos;
+  int rtp_length;
+  if (!GetRtpPacketStartPositionAndLength(
+      data, length, &rtp_start_pos, &rtp_length)) {
+    // This method should never return false.
+    NOTREACHED();
+    return;
+  }
+
+  // Skip to rtp packet.
+  char* start = data + rtp_start_pos;
+  // If there a non negetive sendtime extension id present in packet options,
+  // then we should parse the rtp packet to update the timestamp. Otherwise
+  // just calculate HMAC and update packet with it.
+  if (options.packet_time_params.rtp_sendtime_extension_id != -1) {

[Solis, 2014/02/26 15:49:34]

You know this from the check at the beginning of the function.

[Mallinath (Gone from Chromium), 2014/02/26 19:59:20]

At the beginning i am checking both extension id and srtp auth params. So we can
be here if extn id = -1 and non empty srtp auth params, i.e. function beginning
condition will fail.
On 2014/02/26 15:49:34, Solis wrote:

+    if (!MaybeUpdateRtpSendTimeExtn(
+        start, rtp_length,
+        options.packet_time_params.rtp_sendtime_extension_id)) {
+      // We should find an extension id in the rtp packet.
+      NOTREACHED();
+      return;
+    }
+  }
+
+  MaybeUpdateRtpAuthTag(start, rtp_length, options);
+}
+
+bool P2PSocketHost::GetRtpPacketStartPositionAndLength(
+    char* packet, int length, int* rtp_start_pos, int* rtp_packet_length) {
+  if (IsTurnChannelData(packet)) {
+    // Turn Channel Message header format.
+    //   0                   1                   2                   3
+    //  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |         Channel Number        |            Length             |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |                                                               |
+    // /                       Application Data                        /
+    // /                                                               /
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    if (length < kTurnChannelHdrLen) {
+      return false;
+    }
+
+    *rtp_start_pos = kTurnChannelHdrLen;

[Solis, 2014/02/26 15:49:34]

I strongly advise against changing an output parameter unless the function
succeeds. You should keep the start pos and length on the stack and only write
to rtp_start_pos and rtp_packet_length on success.

[Mallinath (Gone from Chromium), 2014/02/26 19:59:20]

Done.

+    *rtp_packet_length = talk_base::GetBE16(&packet[2]);
+    if (length < *rtp_packet_length + kTurnChannelHdrLen) {
+      return false;
+    }
+  } else if (IsTurnSendIndicationPacket(packet)) {
+    if (length <= kStunHeaderSize) {
+      // Message must be greater than 20 bytes, if it's carrying any payload.
+      return false;
+    }
+    // Validate STUN message length.
+    int stun_msg_len = talk_base::GetBE16(&packet[2]);
+    if (stun_msg_len + kStunHeaderSize != length) {
+      return false;
+    }
+
+    // First skip mandatory stun header which is of 20 bytes.
+    *rtp_start_pos = kStunHeaderSize;
+    // Loop through STUN attributes until we find STUN DATA attribute.
+    char* start = packet + *rtp_start_pos;
+    bool data_attr_present = false;
+    while ((packet + *rtp_start_pos) - start < length) {
+      // Keep reading STUN attributes until we hit DATA attribute.
+      // Attribute will be a TLV structure.
+      // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      // |         Type                  |            Length             |
+      // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      // |                         Value (variable)                ....
+      // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      // The value in the length field MUST contain the length of the Value
+      // part of the attribute, prior to padding, measured in bytes.  Since
+      // STUN aligns attributes on 32-bit boundaries, attributes whose content
+      // is not a multiple of 4 bytes are padded with 1, 2, or 3 bytes of
+      // padding so that its value contains a multiple of 4 bytes.  The
+      // padding bits are ignored, and may be any value.
+      uint16 attr_type, attr_length;
+      // Getting attribute type and length.
+      attr_type = talk_base::GetBE16(&packet[*rtp_start_pos]);
+      attr_length = talk_base::GetBE16(
+          &packet[*rtp_start_pos + sizeof(attr_type)]);
+      // Checking for bogus attribute length.
+      if (length < attr_length + *rtp_start_pos) {
+        return false;
+      }
+      if (attr_type != cricket::STUN_ATTR_DATA) {
+        *rtp_start_pos += sizeof(attr_type) + sizeof(attr_length) + attr_length;
+        if ((attr_length % 4) != 0) {
+          *rtp_start_pos += (4 - (attr_length % 4));
+        }
+        continue;
+      }
+      data_attr_present = true;
+      *rtp_start_pos += 4;  // Skip STUN_DATA_ATTR header.
+      *rtp_packet_length = attr_length;
+      // One final check of length before exiting.
+      if (length < *rtp_packet_length + *rtp_start_pos)
+        return false;
+
+      // We found STUN_DATA_ATTR. We can skip parsing rest of the packet.
+      break;
+    }
+
+    if (!data_attr_present) {
+      // There is no data attribute present in the message. We can't do anything
+      // with the message.
+      return false;
+    }
+
+  } else {
+    // This is a raw RTP packet.
+    *rtp_start_pos = 0;
+    *rtp_packet_length = length;
+  }
+
+  return (IsRtpPacket(packet + *rtp_start_pos, *rtp_packet_length)) ?
+      ValidateRtpHeader(packet + *rtp_start_pos, *rtp_packet_length) : false;
+}
+
+// Verifies rtp header and message length.
+bool P2PSocketHost::ValidateRtpHeader(char* rtp, int length) {
+  int cc_count = rtp[0] & 0x0F;
+  int rtp_hdr_len_without_extn = kMinRtpHdrLen + 4 * cc_count;
+  if (rtp_hdr_len_without_extn > length) {
+    return false;
+  }
+
+  bool X = (rtp[0] & 0x10);
+  if (!X)   // Return if extension bit is not set.
+    return true;
+
+  rtp += rtp_hdr_len_without_extn;
+
+  // Getting extension profile length.
+  // Length is in 32 bit words.
+  uint16 extn_length = talk_base::GetBE16(rtp + 2) * 4;
+
+  // Verify input length against total header size.
+  if (rtp_hdr_len_without_extn + kRtpExtnHdrLen + extn_length > length) {
+    return false;
+  }
+  return true;
+}
+
+// ValidateRtpHeader must be called before this method to make sure, we have
+// a sane rtp packet.
+bool P2PSocketHost::MaybeUpdateRtpSendTimeExtn(char* rtp, int length,
+                                               int extension_id) {
+   //  0                   1                   2                   3
+   //  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+   // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+   // |V=2|P|X|  CC   |M|     PT      |       sequence number         |
+   // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+   // |                           timestamp                           |
+   // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+   // |           synchronization source (SSRC) identifier            |
+   // +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+   // |            contributing source (CSRC) identifiers             |
+   // |                             ....                              |
+   // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+  bool X = (rtp[0] & 0x10);
+  if (!X)   // Return if extension bit is not set.
+    return true;
+
+  int cc_count = rtp[0] & 0x0F;
+  int rtp_hdr_len_without_extn = kMinRtpHdrLen + 4 * cc_count;
+
+  rtp += rtp_hdr_len_without_extn;
+
+  // Getting extension profile ID and length.
+  uint16 profile_id = talk_base::GetBE16(rtp);
+  // Length is in 32 bit words.
+  uint16 extn_length = talk_base::GetBE16(rtp + 2) * 4;
+
+  rtp += kRtpExtnHdrLen;  // Moving past extn header.
+
+  bool found = false;
+  // WebRTC is using one byte header extension.
+  // TODO(mallinath) - Handle two byte header extension.
+  if (profile_id == 0xBEDE) {  // OneByte extension header
+    //  0
+    //  0 1 2 3 4 5 6 7
+    // +-+-+-+-+-+-+-+-+
+    // |  ID   |  len  |
+    // +-+-+-+-+-+-+-+-+
+
+    //  0                   1                   2                   3
+    //  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |       0xBE    |    0xDE       |           length=3            |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |  ID   | L=0   |     data      |  ID   |  L=1  |   data...
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    //       ...data   |    0 (pad)    |    0 (pad)    |  ID   | L=3   |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |                          data                                 |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    char* extn_start = rtp;
+    while (rtp - extn_start < extn_length) {
+      const int id = (*rtp & 0xF0) >> 4;
+      const int len = (*rtp & 0x0F) + 1;
+      // The 4-bit length is the number minus one of data bytes of this header
+      // extension element following the one-byte header.
+      if (id == extension_id) {
+        UpdateSendTimeExtnValue(rtp + kOneByteHdrLen, len);
+        found = true;
+        break;
+      }
+      rtp += kOneByteHdrLen + len;
+      // Counting padding bytes
+      while ((*rtp != 0) && (rtp - extn_start < extn_length)) {
+        ++rtp;
+      }
+    }
+  }
+  return found;
+}
+
+void P2PSocketHost::UpdateSendTimeExtnValue(char* extn_data, int len) {
+  // Absolute send time in RTP streams.
+  //
+  // The absolute send time is signaled to the receiver in-band using the
+  // general mechanism for RTP header extensions [RFC5285]. The payload
+  // of this extension (the transmitted value) is a 24-bit unsigned integer
+  // containing the sender's current time in seconds as a fixed point number
+  // with 18 bits fractional part.
+  //
+  // The form of the absolute send time extension block:
+  //
+  //    0                   1                   2                   3
+  //    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+  //   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  //   |  ID   | len=2 |              absolute send time               |
+  //   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  DCHECK_EQ(len, kAbsSendTimeExtnLen);
+  // Now() has resolution ~1-15ms, using HighResNow(). But it is warned not to
+  // use it unless necessary, as it is expensive than Now().
+  uint64 now_us =
+      (base::TimeTicks::HighResNow() - base::TimeTicks()).InMicroseconds();
+  // Convert second to 24-bit unsigned with 18 bit fractional part
+  uint32 now_second = ((now_us << 18) / base::Time::kMicrosecondsPerSecond) &
+                       0x00FFFFFF;
+  // TODO(mallinath) - Add SetBE24 to byteorder.h in libjingle.
+  extn_data[0] = static_cast<uint8>(now_second >> 16);
+  extn_data[1] = static_cast<uint8>(now_second >> 8);
+  extn_data[2] = static_cast<uint8>(now_second);
+}
+
+// Assumes |len| is actual packet length + tag length.
+void P2PSocketHost::MaybeUpdateRtpAuthTag(
+    char* rtp, int len, const talk_base::PacketOptions& options) {
+  size_t tag_length = options.packet_time_params.srtp_auth_tag_len;
+  char* auth_tag = rtp + (len - tag_length);
+
+  // We should have a fake HMAC value @ auth_tag.
+  DCHECK_EQ(0, memcmp(auth_tag, kFakeAuthTag, tag_length));
+
+  crypto::HMAC hmac(crypto::HMAC::SHA1);
+  if (!hmac.Init(reinterpret_cast<const unsigned char*>(
+                    &options.packet_time_params.srtp_auth_key[0]),
+                 options.packet_time_params.srtp_auth_key.size())) {
+    NOTREACHED();
+    return;
+  }
+
+  if (hmac.DigestLength() < tag_length) {
+    NOTREACHED();
+    return;
+  }
+
+  // Copy ROC after end of rtp packet.
+  memcpy(auth_tag, &options.packet_time_params.srtp_packet_index, 4);
+
+  unsigned char output[64];
+  size_t out_len = sizeof(output);
+  DCHECK(!hmac.Sign(rtp, output, out_len));
+
+  // Copy HMAC from output to packet. This is required as auth tag length
+  // may not be equal to the actual HMAC length.
+  memcpy(auth_tag, output, tag_length);
+}
+
 }  // namespace content