This CL adds methods to manipulate RTP header extension, particularly

content/browser/renderer_host/p2p/socket_host.cc

Index: content/browser/renderer_host/p2p/socket_host.cc
diff --git a/content/browser/renderer_host/p2p/socket_host.cc b/content/browser/renderer_host/p2p/socket_host.cc
index 4b45e99adad087881aa5f9bff69a1004e727a39f..d43a69a1c345b3826daefdb4648e11dea76fe4d2 100644
--- a/content/browser/renderer_host/p2p/socket_host.cc
+++ b/content/browser/renderer_host/p2p/socket_host.cc
@@ -8,9 +8,113 @@
 #include "content/browser/renderer_host/p2p/socket_host_tcp.h"
 #include "content/browser/renderer_host/p2p/socket_host_tcp_server.h"
 #include "content/browser/renderer_host/p2p/socket_host_udp.h"
+#include "third_party/libjingle/source/talk/base/asyncpacketsocket.h"
+#include "third_party/libjingle/source/talk/base/byteorder.h"
+#include "third_party/libjingle/source/talk/base/messagedigest.h"
+#include "third_party/libjingle/source/talk/p2p/base/stun.h"
 
 namespace {
+
 const uint32 kStunMagicCookie = 0x2112A442;
+const int kMinRtpHdrLen = 12;
+const int kRtpExtnHdrLen = 4;
+const int kAbsSendTimeExtnLen = 3;
+const int kOneByteHdrLen = 1;
+
+// bool IsTurnChannelData(const char* data) {
+//   uint16 type = talk_base::GetBE16(data);
+//   return ((type & 0xC000) == 0x4000);  // MSB are 0b01
+// }
+
+// bool IsDtlsPacket(const char* data, int len) {
+//   const uint8* u = reinterpret_cast<const uint8*>(data);
+//   return (len >= kDtlsRecordHeaderLen && (u[0] > 19 && u[0] < 64));
+// }
+
+bool IsRtcpPacket(const char* data) {
+  int type = (static_cast<uint8>(data[1]) & 0x7F);
+  return (type >= 64 && type < 96);
+}
+
+// bool IsStunPacket(const char* data) {
+//   uint16 type = talk_base::GetBE16(data);
+//   return !(type & 0xC000);
+// }
+
+// bool IsStunDataIndicationPacket(const char* data) {
+//   uint16 type = talk_base::GetBE16(data);
+//   return (type == cricket::TURN_SEND_INDICATION);
+// }
+
+const size_t kBlockSize = 64;  // valid for SHA-256 and down
+
+class HMAC {

[Sergey Ulanov, 2014/02/20 19:30:28]

There is HMAC implamentation in crypto/hmac.h. Is it necessary to duplicate it
here?

[Mallinath (Gone from Chromium), 2014/02/20 19:34:32]

Yea, I saw that. I am also exploring that option, but they all including one in
libjingle(ComputeHmac) all take one message and compute HMAC on it. But in our
case we will have 2 inputs. One message it self and other is SRTP packet index.
That's why I call Update twice below and then call Compute at the end.

On 2014/02/20 19:30:28, Sergey Ulanov wrote:

[juberti2, 2014/02/20 23:43:56]

Update(x + y), Compute is the same as Update(x), Update(y), Compute. So I think
we can make it work with the existing classes.

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Thanks, Let me try that.
On 2014/02/20 23:43:56, juberti2 wrote:

+ public:
+  HMAC();
+  ~HMAC() {}
+
+  bool Init(const void* key, size_t key_len);
+  void Update(const void* input, size_t in_len);
+  void Compute(void* output, size_t out_len);
+
+ private:
+  size_t block_len;
+  scoped_ptr<uint8[]> o_pad_;
+  scoped_ptr<uint8[]> i_pad_;
+  scoped_ptr<uint8[]> inner_;
+  scoped_ptr<talk_base::MessageDigest> digest_;
+};
+
+HMAC::HMAC()
+    : digest_(talk_base::MessageDigestFactory::Create(
+          talk_base::DIGEST_SHA_1)) {
+}
+
+bool HMAC::Init(const void* key, size_t key_len) {
+  if (!digest_) {
+    return false;
+  }
+  block_len = kBlockSize;
+  if (digest_->Size() > 32) {
+    return false;
+  }
+
+  // Copy the key to a block-sized buffer to simplify padding.
+  // If the key is longer than a block, hash it and use the result instead.
+  talk_base::scoped_ptr<uint8[]> new_key(new uint8[block_len]);
+  if (key_len > block_len) {
+    talk_base::ComputeDigest(digest_.get(), key, key_len,
+                             new_key.get(), block_len);
+    memset(new_key.get() + digest_->Size(), 0, block_len - digest_->Size());
+  } else {
+    memcpy(new_key.get(), key, key_len);
+    memset(new_key.get() + key_len, 0, block_len - key_len);
+  }
+
+  // Set up the padding from the key, salting appropriately for each padding.
+  o_pad_.reset(new uint8[block_len]);
+  i_pad_.reset(new uint8[block_len]);
+  for (size_t i = 0; i < block_len; ++i) {
+    o_pad_[i] = 0x5c ^ new_key[i];
+    i_pad_[i] = 0x36 ^ new_key[i];
+  }
+  // Inner hash; hash the inner padding, and then the input buffer.
+  inner_.reset(new uint8[digest_->Size()]);
+  digest_->Update(i_pad_.get(), block_len);
+  return true;
+}
+
+void HMAC::Update(const void* input, size_t in_len) {
+  digest_->Update(input, in_len);
+}
+
+void HMAC::Compute(void* output, size_t out_len) {
+  // Outer hash; hash the outer padding, and then the result of the inner hash.
+  digest_->Update(o_pad_.get(), block_len);
+  digest_->Update(inner_.get(), digest_->Size());
+  digest_->Finish(output, out_len);
+}
+
 }  // namespace
 
 namespace content {
@@ -102,4 +206,186 @@ P2PSocketHost* P2PSocketHost::Create(
   return NULL;
 }
 
+void P2PSocketHost::MaybeUpdateRtpSendTimeExtn(
+    char* data, int length, const talk_base::PacketOptions& options) {
+  // if there is no valid |rtp_sendtime_extension_id| or |srtp_auth_key| in
+  // PacketOptions, nothing to be updated in this packet.
+  if (options.packet_time_params.rtp_sendtime_extension_id == -1 &&

[juberti2, 2014/02/20 23:43:56]

The comment doesn't seem to match the code. || instead of &&?

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

We should update HMAC even if extension is not present. But for debugging
purpose if we disable SRTP, we should still be able to update timestamp before
sending packet. Hence I added &&. Otherwise it should bail out only if keys are
not present.

On 2014/02/20 23:43:56, juberti2 wrote:

+      options.packet_time_params.srtp_auth_key.empty()) {
+    return;
+  }
+
+  char* start = data;
+  int raw_packet_len = options.packet_time_params.payload_len;

[juberti2, 2014/02/20 23:43:56]

Need to split RTP/TURN Channel Data/TURN Send Indication here. This demux is
easy, some work needed to loop through headers when doing the Send Indication.

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+  // If the packet is wrapped in any protocol like TURN/GTURN/ICE-TCP, |length|
+  // will be larger than actual payload length. Skipping wrapper to point to the
+  // raw payload.
+  int wrapper_len = length - raw_packet_len;
+  start += wrapper_len;
+
+  // If there is no valid Absolute sendtime extension id present in options,
+  // we should just update the HMAC and return, if srtp auth key is present.
+  if (options.packet_time_params.rtp_sendtime_extension_id == -1) {
+    // If the packet is a regular STUN packet or a DTLS packet or a RTCP
+    // packet |srtp_auth_key| will be empty.
+    // We may have written a fake HMAC, if it's rtp packet.
+    if (!options.packet_time_params.srtp_auth_key.empty()) {
+      // Should we check if there is fake hmac written and if so, then update
+      // HMAC?
+      UpdateHmac(start, raw_packet_len, options);

[juberti2, 2014/02/20 23:43:56]

Seems like we could structure this logic more cleanly - basically, only update
the extension if there is an extension id, but always update the HMAC

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+    }
+    return;
+  }
+
+  // Skip if the wrapped packet is RTCP packet.
+  if (IsRtcpPacket(start)) {
+    // RTCP packet must have rtp_sendtime_extension_id == -1 and empty
+    // srtp_auth_key.
+    DCHECK(false);

[juberti2, 2014/02/20 23:43:56]

DCHECK(!IsRtcpPacket(start)) right after we check that there is a id and key
(above)

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+    return;
+  }
+
+  if (!FindAndUpdateRtpAbsSendTimeExtension(start, raw_packet_len, options)) {
+    // We should find an extension id in the rtp packet.
+    DCHECK(false);
+  }
+  UpdateHmac(start, raw_packet_len, options);
+}
+
+bool P2PSocketHost::FindAndUpdateRtpAbsSendTimeExtension(
+    char* data, int in_len, const talk_base::PacketOptions& options) {
+   //  0                   1                   2                   3
+   //  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+   // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+   // |V=2|P|X|  CC   |M|     PT      |       sequence number         |
+   // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+   // |                           timestamp                           |
+   // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+   // |           synchronization source (SSRC) identifier            |
+   // +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+   // |            contributing source (CSRC) identifiers             |
+   // |                             ....                              |
+   // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+  int cc_count = data[0] & 0x0F;
+  int rtp_hdr_len_without_extn = kMinRtpHdrLen + 4 * cc_count;
+  if (rtp_hdr_len_without_extn > in_len) {
+    DCHECK(false);
+    return false;
+  }
+
+  bool X = (data[0] & 0x10);
+  if (!X)   // Return if extension bit is not set.
+    return true;
+
+  data += rtp_hdr_len_without_extn;
+
+  // Getting extension profile ID and length.
+  uint16 profile_id = talk_base::GetBE16(data);
+  // Length is in 32 bit words.
+  uint16 extn_length = talk_base::GetBE16(data + 2) * 4;
+
+  // Verify input length against total header size.
+  if (rtp_hdr_len_without_extn + kRtpExtnHdrLen + extn_length > in_len) {
+    DCHECK(false);
+    return false;
+  }
+
+  data += kRtpExtnHdrLen;  // Moving past extn header.
+
+  // WebRTC is using one byte header extension.
+  // TODO(mallinath) - Handle two byte header extension.
+  if (profile_id == 0xBEDE) {  // OneByte extension header
+    //  0
+    //  0 1 2 3 4 5 6 7
+    // +-+-+-+-+-+-+-+-+
+    // |  ID   |  len  |
+    // +-+-+-+-+-+-+-+-+
+
+    //  0                   1                   2                   3
+    //  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |       0xBE    |    0xDE       |           length=3            |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |  ID   | L=0   |     data      |  ID   |  L=1  |   data...
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    //       ...data   |    0 (pad)    |    0 (pad)    |  ID   | L=3   |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    // |                          data                                 |
+    // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    uint16 consumed = 0;
+    while(extn_length - consumed > 0) {
+      const int id = (*data & 0xF0) >> 4;
+      const int len = (*data & 0x0F) + 1;
+      // The 4-bit length is the number minus one of data bytes of this header
+      // extension element following the one-byte header.
+      if (id == options.packet_time_params.rtp_sendtime_extension_id) {
+        UpdateRtpAbsSendTimeExtension(data + kOneByteHdrLen, len);
+        return true;

[juberti2, 2014/02/20 23:43:56]

can just break here

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+      }
+      consumed += kOneByteHdrLen + len;
+      data += consumed;

[juberti2, 2014/02/20 23:43:56]

I don't think this is right  - this should increment data by the same amount as
consumed. Overall it seems like we should not be incrementing two counters - can
you get rid of consumed by having something like char* extn_start = data and
while (data - extn_start < extn_length)

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+      // Count padding bytes
+      while(*data != 0) {

[juberti2, 2014/02/20 23:43:56]

while (*data)

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+        ++data;
+        ++consumed;
+      }
+    }
+  }
+  return true;
+}
+
+void P2PSocketHost::UpdateRtpAbsSendTimeExtension(char* data, int len) {
+  // Absolute send time in RTP streams.
+  //
+  // The absolute send time is signaled to the receiver in-band using the
+  // general mechanism for RTP header extensions [RFC5285]. The payload
+  // of this extension (the transmitted value) is a 24-bit unsigned integer
+  // containing the sender's current time in seconds as a fixed point number
+  // with 18 bits fractional part.
+  //
+  // The form of the absolute send time extension block:
+  //
+  //    0                   1                   2                   3
+  //    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+  //   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  //   |  ID   | len=2 |              absolute send time               |
+  //   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+  DCHECK_EQ(len, kAbsSendTimeExtnLen);
+  uint64 now_ms = base::TimeTicks::Now().ToInternalValue();

[Stefan, 2014/02/20 11:22:58]

TimeTicks::Now() seems to have a resolution of 1-15 ms. That sounds pretty
bad... If we get 15 ms jitter just from the inaccuracy of the clock we are in
trouble.

Maybe we should consider using TimeTicks::HighResNow() instead? It is more
expensive, but I don't have a good understanding of how expensive...

Note that this function returns the time in microseconds, so you'll have to
divide by 1000 to get milliseconds. Or just change the unit.

[Mallinath (Gone from Chromium), 2014/02/20 19:34:32]

OK. After some searching in code base, HighResNow is used in some media code
bases. Also HighResNow implement differs from Now() only on Windows. 

Sergey, any insights?

On 2014/02/20 11:22:58, Stefan wrote:

[Sergey Ulanov, 2014/02/20 19:46:10]

I'm not an expert, but I think it should be acceptable to use HighResNow() here,
just make sure it's not called more than once per package. 
Also use InMicroseconds() instead of ToInternalValue() as you don't want to
depend on internal details of TimeTicks (e.g. it may be changed to measure time
in nanoseconds in the future)

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+  // Convert second to 24-bit unsigned with 18 bit fractional part
+  uint32 now_second = ((now_ms << 18) / base::Time::kMicrosecondsPerSecond) &
+                       0x00FFFFFF;
+  // TODO(mallinath) - Add SetBE24 to byteorder.h in libjingle.
+  data[0] = static_cast<uint8>(now_second >> 16);
+  data[1] = static_cast<uint8>(now_second >> 8);
+  data[2] = static_cast<uint8>(now_second);
+}
+
+// Assumes |len| is actual packet length + tag length.
+void P2PSocketHost::UpdateHmac(char* packet, int len,
+                               const talk_base::PacketOptions& options) {
+  char* auth_tag = packet +

[juberti2, 2014/02/20 23:43:56]

DCHECK that the tag is 0xbaddbaddbaddbadd, and srtp_auth_tag_len is < len, and <
HMAC output size

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+                    (len - options.packet_time_params.srtp_auth_tag_len);
+  HMAC hmac;

[juberti2, 2014/02/20 23:43:56]

Just realized - not an issue now, but we will need to pass down the HMAC
algorithm in the PacketOptions to handle non-SHA-1 HMACs in the future

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Agree.
On 2014/02/20 23:43:56, juberti2 wrote:

+  if (!hmac.Init(&options.packet_time_params.srtp_auth_key[0],
+                 options.packet_time_params.srtp_auth_key.size())) {
+    DCHECK(false);
+    return;
+  }
+
+  char output[20];

[juberti2, 2014/02/20 23:43:56]

In the future, this buffer may need to be bigger (e.g. for SHA-256). Suggest
making this 64 bytes or more

[Mallinath (Gone from Chromium), 2014/02/21 22:45:21]

Done.

+  size_t out_len = sizeof(output);
+
+  // First we should compute on the message and then packet index.
+  hmac.Update(packet, len - options.packet_time_params.srtp_auth_tag_len);
+  hmac.Update(reinterpret_cast<void*>(
+      options.packet_time_params.srtp_packet_index), 4);  // Use only ROC.
+
+  hmac.Compute(output, out_len);
+  // Copy HMAC from output to packet. This is required as auth tag length
+  // may not be equal to the actual HMAC length.
+  memcpy(auth_tag, output, options.packet_time_params.srtp_auth_tag_len);
+}
+
 }  // namespace content