1 /*
2 * Copyright (c) 2011 The WebRTC project authors. All Rights Reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11 #include "media/base/rtp_utils.h"
12
13 #include <string.h>
14
15 #include <vector>
16
17 // PacketTimeUpdateParams is defined in asyncpacketsocket.h.
18 // TODO(sergeyu): Find more appropriate place for PacketTimeUpdateParams.
19 #include "media/base/turn_utils.h"
20 #include "modules/rtp_rtcp/source/rtp_util.h"
21 #include "rtc_base/async_packet_socket.h"
22 #include "rtc_base/byte_order.h"
23 #include "rtc_base/checks.h"
24 #include "rtc_base/message_digest.h"
25
26 namespace cricket {
27
28 static const size_t kRtcpPayloadTypeOffset = 1;
29 static const size_t kRtpExtensionHeaderLen = 4;
30 static const size_t kAbsSendTimeExtensionLen = 3;
31 static const size_t kOneByteExtensionHeaderLen = 1;
32 static const size_t kTwoByteExtensionHeaderLen = 2;
33
34 namespace {
35
36 // Fake auth tag written by the sender when external authentication is enabled.
37 // HMAC in packet will be compared against this value before updating packet
38 // with actual HMAC value.
39 static const uint8_t kFakeAuthTag[10] = {0xba, 0xdd, 0xba, 0xdd, 0xba,
40 0xdd, 0xba, 0xdd, 0xba, 0xdd};
41
UpdateAbsSendTimeExtensionValue(uint8_t * extension_data,size_t length,uint64_t time_us)42 void UpdateAbsSendTimeExtensionValue(uint8_t* extension_data,
43 size_t length,
44 uint64_t time_us) {
45 // Absolute send time in RTP streams.
46 //
47 // The absolute send time is signaled to the receiver in-band using the
48 // general mechanism for RTP header extensions [RFC5285]. The payload
49 // of this extension (the transmitted value) is a 24-bit unsigned integer
50 // containing the sender's current time in seconds as a fixed point number
51 // with 18 bits fractional part.
52 //
53 // The form of the absolute send time extension block:
54 //
55 // 0 1 2 3
56 // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
57 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
58 // | ID | len=2 | absolute send time |
59 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
60 if (length != kAbsSendTimeExtensionLen) {
61 RTC_DCHECK_NOTREACHED();
62 return;
63 }
64
65 // Convert microseconds to a 6.18 fixed point value in seconds.
66 uint32_t send_time = ((time_us << 18) / 1000000) & 0x00FFFFFF;
67 extension_data[0] = static_cast<uint8_t>(send_time >> 16);
68 extension_data[1] = static_cast<uint8_t>(send_time >> 8);
69 extension_data[2] = static_cast<uint8_t>(send_time);
70 }
71
72 // Assumes `length` is actual packet length + tag length. Updates HMAC at end of
73 // the RTP packet.
UpdateRtpAuthTag(uint8_t * rtp,size_t length,const rtc::PacketTimeUpdateParams & packet_time_params)74 void UpdateRtpAuthTag(uint8_t* rtp,
75 size_t length,
76 const rtc::PacketTimeUpdateParams& packet_time_params) {
77 // If there is no key, return.
78 if (packet_time_params.srtp_auth_key.empty()) {
79 return;
80 }
81
82 size_t tag_length = packet_time_params.srtp_auth_tag_len;
83
84 // ROC (rollover counter) is at the beginning of the auth tag.
85 const size_t kRocLength = 4;
86 if (tag_length < kRocLength || tag_length > length) {
87 RTC_DCHECK_NOTREACHED();
88 return;
89 }
90
91 uint8_t* auth_tag = rtp + (length - tag_length);
92
93 // We should have a fake HMAC value @ auth_tag.
94 RTC_DCHECK_EQ(0, memcmp(auth_tag, kFakeAuthTag, tag_length));
95
96 // Copy ROC after end of rtp packet.
97 memcpy(auth_tag, &packet_time_params.srtp_packet_index, kRocLength);
98 // Authentication of a RTP packet will have RTP packet + ROC size.
99 size_t auth_required_length = length - tag_length + kRocLength;
100
101 uint8_t output[64];
102 size_t result =
103 rtc::ComputeHmac(rtc::DIGEST_SHA_1, &packet_time_params.srtp_auth_key[0],
104 packet_time_params.srtp_auth_key.size(), rtp,
105 auth_required_length, output, sizeof(output));
106
107 if (result < tag_length) {
108 RTC_DCHECK_NOTREACHED();
109 return;
110 }
111
112 // Copy HMAC from output to packet. This is required as auth tag length
113 // may not be equal to the actual HMAC length.
114 memcpy(auth_tag, output, tag_length);
115 }
116
GetUint8(const void * data,size_t offset,int * value)117 bool GetUint8(const void* data, size_t offset, int* value) {
118 if (!data || !value) {
119 return false;
120 }
121 *value = *(static_cast<const uint8_t*>(data) + offset);
122 return true;
123 }
124
125 } // namespace
126
GetRtcpType(const void * data,size_t len,int * value)127 bool GetRtcpType(const void* data, size_t len, int* value) {
128 if (len < kMinRtcpPacketLen) {
129 return false;
130 }
131 return GetUint8(data, kRtcpPayloadTypeOffset, value);
132 }
133
134 // This method returns SSRC first of RTCP packet, except if packet is SDES.
135 // TODO(mallinath) - Fully implement RFC 5506. This standard doesn't restrict
136 // to send non-compound packets only to feedback messages.
GetRtcpSsrc(const void * data,size_t len,uint32_t * value)137 bool GetRtcpSsrc(const void* data, size_t len, uint32_t* value) {
138 // Packet should be at least of 8 bytes, to get SSRC from a RTCP packet.
139 if (!data || len < kMinRtcpPacketLen + 4 || !value)
140 return false;
141 int pl_type;
142 if (!GetRtcpType(data, len, &pl_type))
143 return false;
144 // SDES packet parsing is not supported.
145 if (pl_type == kRtcpTypeSDES)
146 return false;
147 *value = rtc::GetBE32(static_cast<const uint8_t*>(data) + 4);
148 return true;
149 }
150
IsValidRtpPayloadType(int payload_type)151 bool IsValidRtpPayloadType(int payload_type) {
152 return payload_type >= 0 && payload_type <= 127;
153 }
154
IsValidRtpPacketSize(RtpPacketType packet_type,size_t size)155 bool IsValidRtpPacketSize(RtpPacketType packet_type, size_t size) {
156 RTC_DCHECK_NE(RtpPacketType::kUnknown, packet_type);
157 size_t min_packet_length = packet_type == RtpPacketType::kRtcp
158 ? kMinRtcpPacketLen
159 : kMinRtpPacketLen;
160 return size >= min_packet_length && size <= kMaxRtpPacketLen;
161 }
162
RtpPacketTypeToString(RtpPacketType packet_type)163 absl::string_view RtpPacketTypeToString(RtpPacketType packet_type) {
164 switch (packet_type) {
165 case RtpPacketType::kRtp:
166 return "RTP";
167 case RtpPacketType::kRtcp:
168 return "RTCP";
169 case RtpPacketType::kUnknown:
170 return "Unknown";
171 }
172 RTC_CHECK_NOTREACHED();
173 }
174
InferRtpPacketType(rtc::ArrayView<const char> packet)175 RtpPacketType InferRtpPacketType(rtc::ArrayView<const char> packet) {
176 if (webrtc::IsRtcpPacket(
177 rtc::reinterpret_array_view<const uint8_t>(packet))) {
178 return RtpPacketType::kRtcp;
179 }
180 if (webrtc::IsRtpPacket(rtc::reinterpret_array_view<const uint8_t>(packet))) {
181 return RtpPacketType::kRtp;
182 }
183 return RtpPacketType::kUnknown;
184 }
185
ValidateRtpHeader(const uint8_t * rtp,size_t length,size_t * header_length)186 bool ValidateRtpHeader(const uint8_t* rtp,
187 size_t length,
188 size_t* header_length) {
189 if (header_length) {
190 *header_length = 0;
191 }
192
193 if (length < kMinRtpPacketLen) {
194 return false;
195 }
196
197 size_t cc_count = rtp[0] & 0x0F;
198 size_t header_length_without_extension = kMinRtpPacketLen + 4 * cc_count;
199 if (header_length_without_extension > length) {
200 return false;
201 }
202
203 // If extension bit is not set, we are done with header processing, as input
204 // length is verified above.
205 if (!(rtp[0] & 0x10)) {
206 if (header_length)
207 *header_length = header_length_without_extension;
208
209 return true;
210 }
211
212 rtp += header_length_without_extension;
213
214 if (header_length_without_extension + kRtpExtensionHeaderLen > length) {
215 return false;
216 }
217
218 // Getting extension profile length.
219 // Length is in 32 bit words.
220 uint16_t extension_length_in_32bits = rtc::GetBE16(rtp + 2);
221 size_t extension_length = extension_length_in_32bits * 4;
222
223 size_t rtp_header_length = extension_length +
224 header_length_without_extension +
225 kRtpExtensionHeaderLen;
226
227 // Verify input length against total header size.
228 if (rtp_header_length > length) {
229 return false;
230 }
231
232 if (header_length) {
233 *header_length = rtp_header_length;
234 }
235 return true;
236 }
237
238 // ValidateRtpHeader() must be called before this method to make sure, we have
239 // a sane rtp packet.
UpdateRtpAbsSendTimeExtension(uint8_t * rtp,size_t length,int extension_id,uint64_t time_us)240 bool UpdateRtpAbsSendTimeExtension(uint8_t* rtp,
241 size_t length,
242 int extension_id,
243 uint64_t time_us) {
244 // 0 1 2 3
245 // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
246 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
247 // |V=2|P|X| CC |M| PT | sequence number |
248 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
249 // | timestamp |
250 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
251 // | synchronization source (SSRC) identifier |
252 // +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
253 // | contributing source (CSRC) identifiers |
254 // | .... |
255 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
256
257 // Return if extension bit is not set.
258 if (!(rtp[0] & 0x10)) {
259 return true;
260 }
261
262 size_t cc_count = rtp[0] & 0x0F;
263 size_t header_length_without_extension = kMinRtpPacketLen + 4 * cc_count;
264
265 rtp += header_length_without_extension;
266
267 // Getting extension profile ID and length.
268 uint16_t profile_id = rtc::GetBE16(rtp);
269 // Length is in 32 bit words.
270 uint16_t extension_length_in_32bits = rtc::GetBE16(rtp + 2);
271 size_t extension_length = extension_length_in_32bits * 4;
272
273 rtp += kRtpExtensionHeaderLen; // Moving past extension header.
274
275 constexpr uint16_t kOneByteExtensionProfileId = 0xBEDE;
276 constexpr uint16_t kTwoByteExtensionProfileId = 0x1000;
277
278 bool found = false;
279 if (profile_id == kOneByteExtensionProfileId ||
280 profile_id == kTwoByteExtensionProfileId) {
281 // OneByte extension header
282 // 0
283 // 0 1 2 3 4 5 6 7
284 // +-+-+-+-+-+-+-+-+
285 // | ID |length |
286 // +-+-+-+-+-+-+-+-+
287
288 // 0 1 2 3
289 // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
290 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
291 // | 0xBE | 0xDE | length=3 |
292 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
293 // | ID | L=0 | data | ID | L=1 | data...
294 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
295 // ...data | 0 (pad) | 0 (pad) | ID | L=3 |
296 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
297 // | data |
298 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
299
300 // TwoByte extension header
301 // 0
302 // 0 1 2 3 4 5 6 7
303 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
304 // | ID | length |
305 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
306
307 // 0 1 2 3
308 // 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
309 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
310 // | 0x10 | 0x00 | length=3 |
311 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
312 // | ID | L=1 | data | ID |
313 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
314 // | L=2 | data | 0 (pad) |
315 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
316 // | ID | L=2 | data |
317 // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
318
319 size_t extension_header_length = profile_id == kOneByteExtensionProfileId
320 ? kOneByteExtensionHeaderLen
321 : kTwoByteExtensionHeaderLen;
322
323 const uint8_t* extension_start = rtp;
324 const uint8_t* extension_end = extension_start + extension_length;
325
326 // rtp + 1 since the minimum size per header extension is two bytes for both
327 // one- and two-byte header extensions.
328 while (rtp + 1 < extension_end) {
329 // See RFC8285 Section 4.2-4.3 for more information about one- and
330 // two-byte header extensions.
331 const int id =
332 profile_id == kOneByteExtensionProfileId ? (*rtp & 0xF0) >> 4 : *rtp;
333 const size_t length = profile_id == kOneByteExtensionProfileId
334 ? (*rtp & 0x0F) + 1
335 : *(rtp + 1);
336 if (rtp + extension_header_length + length > extension_end) {
337 return false;
338 }
339 if (id == extension_id) {
340 UpdateAbsSendTimeExtensionValue(rtp + extension_header_length, length,
341 time_us);
342 found = true;
343 break;
344 }
345 rtp += extension_header_length + length;
346 // Counting padding bytes.
347 while ((rtp < extension_end) && (*rtp == 0)) {
348 ++rtp;
349 }
350 }
351 }
352 return found;
353 }
354
ApplyPacketOptions(uint8_t * data,size_t length,const rtc::PacketTimeUpdateParams & packet_time_params,uint64_t time_us)355 bool ApplyPacketOptions(uint8_t* data,
356 size_t length,
357 const rtc::PacketTimeUpdateParams& packet_time_params,
358 uint64_t time_us) {
359 RTC_DCHECK(data);
360 RTC_DCHECK(length);
361
362 // if there is no valid `rtp_sendtime_extension_id` and `srtp_auth_key` in
363 // PacketOptions, nothing to be updated in this packet.
364 if (packet_time_params.rtp_sendtime_extension_id == -1 &&
365 packet_time_params.srtp_auth_key.empty()) {
366 return true;
367 }
368
369 // If there is a srtp auth key present then the packet must be an RTP packet.
370 // RTP packet may have been wrapped in a TURN Channel Data or TURN send
371 // indication.
372 size_t rtp_start_pos;
373 size_t rtp_length;
374 if (!UnwrapTurnPacket(data, length, &rtp_start_pos, &rtp_length)) {
375 RTC_DCHECK_NOTREACHED();
376 return false;
377 }
378
379 // Making sure we have a valid RTP packet at the end.
380 auto packet = rtc::MakeArrayView(data + rtp_start_pos, rtp_length);
381 if (!webrtc::IsRtpPacket(packet) ||
382 !ValidateRtpHeader(data + rtp_start_pos, rtp_length, nullptr)) {
383 RTC_DCHECK_NOTREACHED();
384 return false;
385 }
386
387 uint8_t* start = data + rtp_start_pos;
388 // If packet option has non default value (-1) for sendtime extension id,
389 // then we should parse the rtp packet to update the timestamp. Otherwise
390 // just calculate HMAC and update packet with it.
391 if (packet_time_params.rtp_sendtime_extension_id != -1) {
392 UpdateRtpAbsSendTimeExtension(start, rtp_length,
393 packet_time_params.rtp_sendtime_extension_id,
394 time_us);
395 }
396
397 UpdateRtpAuthTag(start, rtp_length, packet_time_params);
398 return true;
399 }
400
401 } // namespace cricket
402