admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
webrtc_m130/p2p/dtls/dtls_utils.cc
Philipp Hancke 89b0f2ef71 Introduce p2p DTLS utils 
for (partially) parsing DTLS packets and extracting the msg_seqs

BUG=webrtc:367395350

Change-Id: Ieb0fc121c6dc82118ced5939c1a9ebe2d72e3cb3
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/370181
Commit-Queue: Philipp Hancke <phancke@meta.com>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Jonas Oreland <jonaso@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#43501}
2024-12-05 17:08:59 +00:00

110 lines
3.7 KiB
C++
Raw Blame History

/*
* Copyright 2024 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#include "p2p/dtls/dtls_utils.h"
#include <cstdint>
#include <optional>
#include <vector>
#include "api/array_view.h"
#include "rtc_base/byte_buffer.h"
#include "rtc_base/checks.h"
namespace {
// https://datatracker.ietf.org/doc/html/rfc5246#appendix-A.1
const uint8_t kDtlsHandshakeRecord = 22;
const uint8_t kDtlsChangeCipherSpecRecord = 20;
} // namespace
namespace cricket {
bool IsDtlsPacket(rtc::ArrayView<const uint8_t> payload) {
const uint8_t* u = payload.data();
return (payload.size() >= kDtlsRecordHeaderLen && (u[0] > 19 && u[0] < 64));
}
bool IsDtlsClientHelloPacket(rtc::ArrayView<const uint8_t> payload) {
if (!IsDtlsPacket(payload)) {
return false;
}
const uint8_t* u = payload.data();
return payload.size() > 17 && u[0] == kDtlsHandshakeRecord && u[13] == 1;
}
bool IsDtlsHandshakePacket(rtc::ArrayView<const uint8_t> payload) {
if (!IsDtlsPacket(payload)) {
return false;
}
// change cipher spec is not a handshake packet. This used
// to work because it was aggregated with the session ticket
// which is no more. It is followed by the encrypted handshake
// message which starts with a handshake record (22) again.
return payload.size() > 17 && (payload[0] == kDtlsHandshakeRecord ||
payload[0] == kDtlsChangeCipherSpecRecord);
}
// Returns a (unsorted) list of (msg_seq) received as part of the handshake.
std::optional<std::vector<uint16_t>> GetDtlsHandshakeAcks(
rtc::ArrayView<const uint8_t> dtls_packet) {
std::vector<uint16_t> acks;
rtc::ByteBufferReader record_buf(dtls_packet);
// https://datatracker.ietf.org/doc/html/rfc6347#section-4.1
while (record_buf.Length() >= kDtlsRecordHeaderLen) {
uint8_t content_type;
uint64_t epoch_and_seq;
uint16_t len;
// Read content_type(1), skip version(2), read epoch+seq(2+6),
// read len(2)
if (!(record_buf.ReadUInt8(&content_type) && record_buf.Consume(2) &&
record_buf.ReadUInt64(&epoch_and_seq) &&
record_buf.ReadUInt16(&len) && record_buf.Length() >= len)) {
return std::nullopt;
}
if (content_type != kDtlsHandshakeRecord) {
record_buf.Consume(len);
continue;
}
// Epoch 1+ is encrypted so we can not parse it.
if (epoch_and_seq >> 6 != 0) {
record_buf.Consume(len);
continue;
}
// https://www.rfc-editor.org/rfc/rfc6347.html#section-4.2.2
rtc::ByteBufferReader handshake_buf(record_buf.DataView().subview(0, len));
while (handshake_buf.Length() > 0) {
uint16_t msg_seq;
uint32_t fragment_len;
uint32_t fragment_offset;
// Skip msg_type(1) and length(3), read msg_seq(2), skip
// fragment_offset(3), read fragment_length(3) and consume it.
if (!(handshake_buf.Consume(1 + 3) &&
handshake_buf.ReadUInt16(&msg_seq) &&
handshake_buf.ReadUInt24(&fragment_offset) &&
handshake_buf.ReadUInt24(&fragment_len) &&
handshake_buf.Consume(fragment_len))) {
return std::nullopt;
}
acks.push_back(msg_seq);
// Advance outer buffer.
record_buf.Consume(12 + fragment_len);
}
RTC_DCHECK(handshake_buf.Length() == 0);
}
// Should have consumed everything.
if (record_buf.Length() != 0) {
return std::nullopt;
}
return acks;
}
} // namespace cricket
Reference in New Issue View Git Blame Copy Permalink