Support encrypted RTP extensions (RFC 6904)

webrtc/pc/srtpfilter_unittest.cc

 /*
  *  Copyright 2004 The WebRTC project authors. All Rights Reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
+#include <algorithm>
+
 #include "webrtc/pc/srtpfilter.h"
 
 #include "third_party/libsrtp/include/srtp.h"
 #include "webrtc/base/buffer.h"
 #include "webrtc/base/byteorder.h"
 #include "webrtc/base/constructormagic.h"
 #include "webrtc/base/gunit.h"
 #include "webrtc/base/thread.h"
 #include "webrtc/media/base/cryptoparams.h"
 #include "webrtc/media/base/fakertp.h"
@@ skipping 39 matching lines @@
 static const cricket::CryptoParams kTestCryptoParams2(
     1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams2, "");
 static const cricket::CryptoParams kTestCryptoParamsGcm1(
     1, "AEAD_AES_256_GCM", kTestKeyParamsGcm1, "");
 static const cricket::CryptoParams kTestCryptoParamsGcm2(
     1, "AEAD_AES_256_GCM", kTestKeyParamsGcm2, "");
 static const cricket::CryptoParams kTestCryptoParamsGcm3(
     1, "AEAD_AES_128_GCM", kTestKeyParamsGcm3, "");
 static const cricket::CryptoParams kTestCryptoParamsGcm4(
     1, "AEAD_AES_128_GCM", kTestKeyParamsGcm4, "");
+static const char kDummyExtensionUri1[] = "dummy-extension-uri-1";
+static const char kDummyExtensionUri4[] = "dummy-extension-uri-4";
 
 static int rtp_auth_tag_len(const std::string& cs) {
   if (cs == CS_AES_CM_128_HMAC_SHA1_32) {
     return 4;
   } else if (cs == CS_AEAD_AES_128_GCM || cs == CS_AEAD_AES_256_GCM) {
     return 16;
   } else {
     return 10;
   }
 }
@@ skipping 106 matching lines @@
 
     EXPECT_TRUE(f2_.ProtectRtcp(rtcp_packet, rtcp_len,
                                 static_cast<int>(rtcp_buffer.size()),
                                 &out_len));
     EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs2));  // NOLINT
     EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len));
     EXPECT_TRUE(f1_.UnprotectRtcp(rtcp_packet, out_len, &out_len));
     EXPECT_EQ(rtcp_len, out_len);
     EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len));
   }
+  // This expects both packets to be based on kPcmuFrameWithExtensions.
+  // Header extensions with an id in "encrypted_headers" are expected to be
+  // different in the packets unless "expect_equal" is set to "true".
+  void CompareHeaderExtensions(const char* packet1, const char* packet2,
+      const std::vector<int> encrypted_headers,
+      bool expect_equal) {
+    // RTP header + extension header are the same.
+    EXPECT_EQ(0, memcmp(packet1, packet2, 12 + 4));
+    // Check for one-byte header extensions.
+    EXPECT_EQ('\xBE', packet1[12]);
+    EXPECT_EQ('\xDE', packet1[13]);
+    // Determine position and size of extension headers.
+    size_t extension_words = packet1[14] << 8 | packet1[15];
+    const char* extension_data1 = packet1 + 12 + 4;
+    const char* extension_end1 = extension_data1 + extension_words * 4;
+    const char* extension_data2 = packet2 + 12 + 4;
+    while (extension_data1 < extension_end1) {
+      uint8_t id = (*extension_data1 & 0xf0) >> 4;
+      uint8_t len = (*extension_data1 & 0x0f) +1;
+      extension_data1++;
+      extension_data2++;
+      EXPECT_LE(extension_data1, extension_end1);
+      if (id == 15) {
+        // Finished parsing.
+        break;
+      }
+
+      // The header extension doesn't get encrypted if the id not in the list
+      // of header extensions to encrypt.
+      if (expect_equal ||
+          std::find(encrypted_headers.begin(), encrypted_headers.end(), id) ==
+              encrypted_headers.end()) {
+        EXPECT_EQ(0, memcmp(extension_data1, extension_data2, len));
+      } else {
+        EXPECT_NE(0, memcmp(extension_data1, extension_data2, len));
+      }
+
+      extension_data1 += len;
+      extension_data2 += len;
+      // Skip padding.
+      while (extension_data1 < extension_end1 && *extension_data1 == 0) {
+        extension_data1++;
+        extension_data2++;
+      }
+    }
+  }
+  void TestProtectUnprotectHeaderEncryption(const std::string& cs1,
+      const std::string& cs2,
+      const std::vector<webrtc::RtpExtension>& encrypted_headers) {
+    rtc::Buffer rtp_buffer(sizeof(kPcmuFrameWithExtensions) +
+        rtp_auth_tag_len(cs1));
+    char* rtp_packet = rtp_buffer.data<char>();
+    char original_rtp_packet[sizeof(kPcmuFrameWithExtensions)];
+    int rtp_len = sizeof(kPcmuFrameWithExtensions), out_len;
+    memcpy(rtp_packet, kPcmuFrameWithExtensions, rtp_len);
+    // In order to be able to run this test function multiple times we can not
+    // use the same sequence number twice. Increase the sequence number by one.
+    rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet) + 2,
+                 ++sequence_number_);
+    memcpy(original_rtp_packet, rtp_packet, rtp_len);
+
+    std::vector<int> encrypted_header_ids;
+    for (const webrtc::RtpExtension& extension : encrypted_headers) {
+      EXPECT_TRUE(extension.encrypt);
+      encrypted_header_ids.push_back(extension.id);
+    }
+
+    EXPECT_TRUE(f1_.ProtectRtp(rtp_packet, rtp_len,
+                               static_cast<int>(rtp_buffer.size()),
+                               &out_len));
+    EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs1));
+    EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
+    CompareHeaderExtensions(rtp_packet, original_rtp_packet,
+        encrypted_header_ids, false);
+    EXPECT_TRUE(f2_.UnprotectRtp(rtp_packet, out_len, &out_len));
+    EXPECT_EQ(rtp_len, out_len);
+    EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
+    CompareHeaderExtensions(rtp_packet, original_rtp_packet,
+        encrypted_header_ids, true);
+
+    EXPECT_TRUE(f2_.ProtectRtp(rtp_packet, rtp_len,
+                               static_cast<int>(rtp_buffer.size()),
+                               &out_len));
+    EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs2));
+    EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
+    CompareHeaderExtensions(rtp_packet, original_rtp_packet,
+        encrypted_header_ids, false);
+    EXPECT_TRUE(f1_.UnprotectRtp(rtp_packet, out_len, &out_len));
+    EXPECT_EQ(rtp_len, out_len);
+    EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
+    CompareHeaderExtensions(rtp_packet, original_rtp_packet,
+        encrypted_header_ids, true);
+  }
   void TestProtectSetParamsDirect(bool enable_external_auth, int cs,
       const uint8_t* key1, int key1_len, const uint8_t* key2, int key2_len,
       const std::string& cs_name) {
     EXPECT_EQ(key1_len, key2_len);
     EXPECT_EQ(cs_name, rtc::SrtpCryptoSuiteToName(cs));
     if (enable_external_auth) {
       f1_.EnableExternalAuth();
       f2_.EnableExternalAuth();
     }
     EXPECT_TRUE(f1_.SetRtpParams(cs, key1, key1_len, cs, key2, key2_len));
     EXPECT_TRUE(f2_.SetRtpParams(cs, key2, key2_len, cs, key1, key1_len));
     EXPECT_TRUE(f1_.SetRtcpParams(cs, key1, key1_len, cs, key2, key2_len));
     EXPECT_TRUE(f2_.SetRtcpParams(cs, key2, key2_len, cs, key1, key1_len));
     EXPECT_TRUE(f1_.IsActive());
     EXPECT_TRUE(f2_.IsActive());
     if (rtc::IsGcmCryptoSuite(cs)) {
       EXPECT_FALSE(f1_.IsExternalAuthActive());
       EXPECT_FALSE(f2_.IsExternalAuthActive());
     } else if (enable_external_auth) {
       EXPECT_TRUE(f1_.IsExternalAuthActive());
       EXPECT_TRUE(f2_.IsExternalAuthActive());
     }
     TestProtectUnprotect(cs_name, cs_name);
   }
+  void TestProtectSetParamsDirectHeaderEncryption(int cs,
+      const uint8_t* key1, int key1_len, const uint8_t* key2, int key2_len,
+      const std::string& cs_name) {
+    std::vector<webrtc::RtpExtension> encrypted_headers;
+    encrypted_headers.push_back(
+        webrtc::RtpExtension(kDummyExtensionUri1, 1, true));
+    // Don't encrypt header ids 2 and 3.
+    encrypted_headers.push_back(
+        webrtc::RtpExtension(kDummyExtensionUri4, 4, true));
+    EXPECT_EQ(key1_len, key2_len);
+    EXPECT_EQ(cs_name, rtc::SrtpCryptoSuiteToName(cs));
+    f1_.SetEncryptedHeaderExtensions(CS_LOCAL, encrypted_headers);
+    f1_.SetEncryptedHeaderExtensions(CS_REMOTE, encrypted_headers);
+    f2_.SetEncryptedHeaderExtensions(CS_LOCAL, encrypted_headers);
+    f2_.SetEncryptedHeaderExtensions(CS_REMOTE, encrypted_headers);
+    EXPECT_TRUE(f1_.SetRtpParams(cs, key1, key1_len, cs, key2, key2_len));
+    EXPECT_TRUE(f2_.SetRtpParams(cs, key2, key2_len, cs, key1, key1_len));
+    EXPECT_TRUE(f1_.IsActive());
+    EXPECT_TRUE(f2_.IsActive());
+    EXPECT_FALSE(f1_.IsExternalAuthActive());
+    EXPECT_FALSE(f2_.IsExternalAuthActive());
+    TestProtectUnprotectHeaderEncryption(cs_name, cs_name, encrypted_headers);
+  }
   cricket::SrtpFilter f1_;
   cricket::SrtpFilter f2_;
   int sequence_number_;
 };
 
 // Test that we can set up the session and keys properly.
 TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuite) {
   EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL));
   EXPECT_FALSE(f1_.IsActive());
   EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE));
@@ skipping 382 matching lines @@
 };
 
 // Test directly setting the params with AES_CM_128_HMAC_SHA1_80.
 TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_AES_CM_128_HMAC_SHA1_80) {
   bool enable_external_auth = GetParam();
   TestProtectSetParamsDirect(enable_external_auth, rtc::SRTP_AES128_CM_SHA1_80,
       kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen,
       CS_AES_CM_128_HMAC_SHA1_80);
 }
 
+TEST_F(SrtpFilterTest,
+    TestProtectSetParamsDirectHeaderEncryption_AES_CM_128_HMAC_SHA1_80) {
+  TestProtectSetParamsDirectHeaderEncryption(rtc::SRTP_AES128_CM_SHA1_80,
+      kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen,
+      CS_AES_CM_128_HMAC_SHA1_80);
+}
+
 // Test directly setting the params with AES_CM_128_HMAC_SHA1_32.
 TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_AES_CM_128_HMAC_SHA1_32) {
   bool enable_external_auth = GetParam();
   TestProtectSetParamsDirect(enable_external_auth, rtc::SRTP_AES128_CM_SHA1_32,
       kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen,
       CS_AES_CM_128_HMAC_SHA1_32);
 }
 
+TEST_F(SrtpFilterTest,
+    TestProtectSetParamsDirectHeaderEncryption_AES_CM_128_HMAC_SHA1_32) {
+  TestProtectSetParamsDirectHeaderEncryption(rtc::SRTP_AES128_CM_SHA1_32,
+      kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen,
+      CS_AES_CM_128_HMAC_SHA1_32);
+}
+
 // Test directly setting the params with SRTP_AEAD_AES_128_GCM.
 TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_SRTP_AEAD_AES_128_GCM) {
   bool enable_external_auth = GetParam();
   TestProtectSetParamsDirect(enable_external_auth, rtc::SRTP_AEAD_AES_128_GCM,
       kTestKeyGcm128_1, kTestKeyGcm128Len, kTestKeyGcm128_2, kTestKeyGcm128Len,
       CS_AEAD_AES_128_GCM);
 }
 
+TEST_F(SrtpFilterTest,
+    TestProtectSetParamsDirectHeaderEncryption_SRTP_AEAD_AES_128_GCM) {
+  TestProtectSetParamsDirectHeaderEncryption(rtc::SRTP_AEAD_AES_128_GCM,
+      kTestKeyGcm128_1, kTestKeyGcm128Len, kTestKeyGcm128_2, kTestKeyGcm128Len,
+      CS_AEAD_AES_128_GCM);
+}
+
 // Test directly setting the params with SRTP_AEAD_AES_256_GCM.
 TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_SRTP_AEAD_AES_256_GCM) {
   bool enable_external_auth = GetParam();
   TestProtectSetParamsDirect(enable_external_auth, rtc::SRTP_AEAD_AES_256_GCM,
       kTestKeyGcm256_1, kTestKeyGcm256Len, kTestKeyGcm256_2, kTestKeyGcm256Len,
       CS_AEAD_AES_256_GCM);
 }
 
+TEST_F(SrtpFilterTest,
+    TestProtectSetParamsDirectHeaderEncryption_SRTP_AEAD_AES_256_GCM) {
+  TestProtectSetParamsDirectHeaderEncryption(rtc::SRTP_AEAD_AES_256_GCM,
+      kTestKeyGcm256_1, kTestKeyGcm256Len, kTestKeyGcm256_2, kTestKeyGcm256Len,
+      CS_AEAD_AES_256_GCM);
+}
+
 // Run all tests both with and without external auth enabled.
 INSTANTIATE_TEST_CASE_P(ExternalAuth,
                         SrtpFilterProtectSetParamsDirectTest,
                         ::testing::Values(true, false));
 
 // Test directly setting the params with bogus keys.
 TEST_F(SrtpFilterTest, TestSetParamsKeyTooShort) {
   EXPECT_FALSE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1,
                                 kTestKeyLen - 1, rtc::SRTP_AES128_CM_SHA1_80,
                                 kTestKey1, kTestKeyLen - 1));
@@ skipping 347 matching lines @@
   srtp_stat_.AddUnprotectRtcpResult(srtp_err_status_fail);
   EXPECT_EQ(-1, mode_);
   EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_);
   // Now the error will be triggered again.
   Reset();
   rtc::Thread::Current()->SleepMs(210);
   srtp_stat_.AddUnprotectRtcpResult(srtp_err_status_fail);
   EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_);
   EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_);
 }