Skip to content

Commit

Permalink
docs: add docblock comments to all libdave class variables (#1286)
Browse files Browse the repository at this point in the history
  • Loading branch information
braindigitalis authored Oct 16, 2024
1 parent 5c6dcec commit 84141aa
Show file tree
Hide file tree
Showing 17 changed files with 270 additions and 36 deletions.
3 changes: 1 addition & 2 deletions src/dpp/dave/array_view.h
Original file line number Diff line number Diff line change
Expand Up @@ -116,5 +116,4 @@ inline array_view<T> make_array_view(std::vector<T>& data)
return array_view<T>(data.data(), data.size());
}

} // namespace dpp::dave

}
3 changes: 1 addition & 2 deletions src/dpp/dave/cipher_interface.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -34,5 +34,4 @@ std::unique_ptr<cipher_interface> create_cipher(dpp::cluster& cl, const encrypti
return cipher->is_valid() ? std::move(cipher) : nullptr;
}

} // namespace dpp::dave

}
3 changes: 1 addition & 2 deletions src/dpp/dave/cipher_interface.h
Original file line number Diff line number Diff line change
Expand Up @@ -99,5 +99,4 @@ class cipher_interface { // NOLINT
*/
std::unique_ptr<cipher_interface> create_cipher(dpp::cluster& cl, const encryption_key& key);

} // namespace dpp::dave

}
3 changes: 1 addition & 2 deletions src/dpp/dave/clock.h
Original file line number Diff line number Diff line change
Expand Up @@ -74,5 +74,4 @@ class clock : public clock_interface {
}
};

} // namespace dpp::dave

}
12 changes: 8 additions & 4 deletions src/dpp/dave/codec_utils.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,7 @@

namespace dpp::dave::codec_utils {

unencrypted_frame_header_size BytesCoveringH264PPS(const uint8_t* payload, const uint64_t size_remaining)
{
unencrypted_frame_header_size bytes_covering_h264_pps(const uint8_t* payload, const uint64_t size_remaining) {
// the payload starts with three exponential golomb encoded values
// (first_mb_in_slice, sps_id, pps_id)
// the depacketizer needs the pps_id unencrypted
Expand Down Expand Up @@ -77,7 +76,12 @@ unencrypted_frame_header_size BytesCoveringH264PPS(const uint8_t* payload, const
}

// return the number of bytes that covers the last exp golomb encoded value
return (payload_bit_index / 8) + 1;
auto result = (payload_bit_index / 8) + 1;
if (result > std::numeric_limits<unencrypted_frame_header_size>::max()) {
// bytes covering H264 PPS result cannot fit into unencrypted frame header size
return 0;
}
return static_cast<unencrypted_frame_header_size>(result);
}

const uint8_t nalu_long_start_code[] = {0, 0, 0, 1};
Expand Down Expand Up @@ -208,7 +212,7 @@ bool process_frame_h264(outbound_frame_processor& processor, array_view<const ui
// once we've hit a slice or an IDR
// we just need to cover getting to the PPS ID
auto nal_unit_payload_start = nal_unit_start_index + nal_unit_header_size;
auto nal_unit_pps_bytes = BytesCoveringH264PPS(frame.data() + nal_unit_payload_start, frame.size() - nal_unit_payload_start);
auto nal_unit_pps_bytes = bytes_covering_h264_pps(frame.data() + nal_unit_payload_start, frame.size() - nal_unit_payload_start);

processor.add_unencrypted_bytes(frame.data() + nal_unit_start_index, nal_unit_header_size + nal_unit_pps_bytes);
processor.add_encrypted_bytes(frame.data() + nal_unit_start_index + nal_unit_header_size + nal_unit_pps_bytes, next_nalu_start - nal_unit_start_index - nal_unit_header_size - nal_unit_pps_bytes);
Expand Down
4 changes: 1 addition & 3 deletions src/dpp/dave/codec_utils.h
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,4 @@ bool process_frame_av1(outbound_frame_processor & processor, array_view<const ui
*/
bool validate_encrypted_frame(outbound_frame_processor& processor, array_view<uint8_t> frame);

} // namespace dpp::dave::codec_utils


}
33 changes: 33 additions & 0 deletions src/dpp/dave/cryptor_manager.h
Original file line number Diff line number Diff line change
Expand Up @@ -149,16 +149,49 @@ class aead_cipher_manager {
*/
void cleanup_expired_ciphers();

/**
* @brief chrono clock
*/
const clock_interface& current_clock;

/**
* @brief key ratchet for cryptor
*/
std::unique_ptr<key_ratchet_interface> current_key_ratchet;

/**
* @brief Cryptor for each generation with expiry
*/
std::unordered_map<key_generation, expiring_cipher> cryptor_generations;

/**
* @brief Time ratchet was created
*/
time_point ratchet_creation;

/**
* @brief Time ratchet expired
*/
time_point ratchet_expiry;

/**
* @brief Oldest generation for ratchet
*/
key_generation oldest_generation{0};

/**
* @brief Newest generation for ratchet
*/
key_generation newest_generation{0};

/**
* @brief Newest nonce
*/
std::optional<big_nonce> newest_processed_nonce;

/**
* @brief List of missing nonces from sequence
*/
std::deque<big_nonce> missing_nonces;

/**
Expand Down
24 changes: 24 additions & 0 deletions src/dpp/dave/decryptor.h
Original file line number Diff line number Diff line change
Expand Up @@ -177,15 +177,39 @@ class decryptor {
*/
void return_frame_processor(std::unique_ptr<inbound_frame_processor> frame_processor);

/**
* @brief Chrono clock
*/
clock current_clock;

/**
* @brief Cryptor manager list
*/
std::deque<aead_cipher_manager> cryptor_managers;

/**
* @brief Mutex for thread safety of frame processor list
*/
std::mutex frame_processors_mutex;

/**
* @brief List of frame processors
*/
std::vector<std::unique_ptr<inbound_frame_processor>> frame_processors;

/**
* @brief Passthrough expiry time
*/
time_point allow_pass_through_until{time_point::min()};

/**
* @brief Last stats generation time
*/
time_point last_stats_time{time_point::min()};

/**
* @brief Stats for audio and video decryption
*/
std::array<decryption_stats, 2> stats;

/**
Expand Down
9 changes: 8 additions & 1 deletion src/dpp/dave/encryptor.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -164,7 +164,14 @@ encryptor::result_code encryptor::encrypt(media_type this_media_type, uint32_t s
}

// write the supplemental bytes size
supplemental_bytes_size supplemental_bytes = SUPPLEMENTAL_BYTES + size + ranges_size;
uint64_t supplemental_bytes_large = SUPPLEMENTAL_BYTES + size + ranges_size;

if (supplemental_bytes_large > std::numeric_limits<supplemental_bytes_size>::max()) {
result = rc_encryption_failure;
break;
}

supplemental_bytes_size supplemental_bytes = supplemental_bytes_large;
std::memcpy(supplemental_bytes_buffer.data(), &supplemental_bytes, sizeof(supplemental_bytes_size));

// write the marker bytes, ends the frame
Expand Down
60 changes: 57 additions & 3 deletions src/dpp/dave/encryptor.h
Original file line number Diff line number Diff line change
Expand Up @@ -77,9 +77,9 @@ struct encryption_stats {
class encryptor {
public:
/**
* @brief Constructor
* @param cl Creator
*/
* @brief Constructor
* @param cl Creator
*/
encryptor(dpp::cluster& cl) : creator(cl) { };

/**
Expand Down Expand Up @@ -219,25 +219,79 @@ class encryptor {
*/
void update_current_protocol_version(protocol_version version);

/**
* @brief True if passthrough is enabled
*/
std::atomic_bool passthrough_mode_enable{false};

/**
* @brief Key generation mutex for thread safety
*/
std::mutex key_gen_mutex;

/**
* @brief Current encryption (send) ratchet
*/
std::unique_ptr<key_ratchet_interface> ratchet;

/**
* @brief Current encryption cipher
*/
std::shared_ptr<cipher_interface> cryptor;

/**
* @brief Current key generation number
*/
key_generation current_key_generation{0};

/**
* @brief Current truncated sync nonce
*/
truncated_sync_nonce truncated_nonce{0};

/**
* @brief Frame processor list mutex
*/
std::mutex frame_processors_mutex;

/**
* @brief List of outbound frame processors
*/
std::vector<std::unique_ptr<outbound_frame_processor>> frame_processors;

/**
* @brief A pair of 32 bit SSRC and codec in use for that SSRC
*/
using ssrc_codec_pair = std::pair<uint32_t, codec>;

/**
* @brief List of codec pairs for SSRCs
*/
std::vector<ssrc_codec_pair> ssrc_codec_pairs;

/**
* @brief A chrono time point
*/
using time_point = std::chrono::time_point<std::chrono::steady_clock>;

/**
* @brief Last time stats were updated
*/
time_point last_stats_time{time_point::min()};

/**
* @brief Stores audio/video encryption stats
*/
std::array<encryption_stats, 2> stats;

/**
* @brief Callback for version change, if any
*/
protocol_version_changed_callback changed_callback;

/**
* Current protocol version supported
*/
protocol_version current_protocol_version{max_protocol_version()};

/**
Expand Down
17 changes: 8 additions & 9 deletions src/dpp/dave/frame_processors.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ namespace dpp::dave {
}
#endif

std::pair<bool, size_t> OverflowAdd(size_t a, size_t b)
std::pair<bool, size_t> overflow_add(size_t a, size_t b)
{
size_t res;
#if defined(_MSC_VER) && defined(_M_X64)
Expand Down Expand Up @@ -97,10 +97,10 @@ uint8_t serialize_unencrypted_ranges(const ranges& unencrypted_ranges, uint8_t*
write_at += write_leb128(range.offset, write_at);
write_at += write_leb128(range.size, write_at);
}
return write_at - buffer;
return static_cast<uint8_t>(write_at - buffer);
}

uint8_t deserialize_unencrypted_ranges(const uint8_t*& read_at, const size_t buffer_size, ranges& unencrypted_ranges)
uint8_t deserialize_unencrypted_ranges(const uint8_t*& read_at, const uint8_t buffer_size, ranges& unencrypted_ranges)
{
auto start = read_at;
auto end = read_at + buffer_size;
Expand All @@ -123,7 +123,7 @@ uint8_t deserialize_unencrypted_ranges(const uint8_t*& read_at, const size_t buf
return 0;
}

return read_at - start;
return static_cast<uint8_t>(read_at - start);
}

bool validate_unencrypted_ranges(const ranges& unencrypted_ranges, size_t frame_size)
Expand All @@ -140,7 +140,7 @@ bool validate_unencrypted_ranges(const ranges& unencrypted_ranges, size_t frame_
auto max_end =
i + 1 < unencrypted_ranges.size() ? unencrypted_ranges[i + 1].offset : frame_size;

auto [did_overflow, current_end] = OverflowAdd(current.offset, current.size);
auto [did_overflow, current_end] = overflow_add(current.offset, current.size);
if (did_overflow || current_end > max_end) {
return false;
}
Expand Down Expand Up @@ -197,8 +197,7 @@ void inbound_frame_processor::parse_frame(array_view<const uint8_t> frame)
{
clear();

constexpr auto min_supplemental_bytes_size =
AES_GCM_127_TRUNCATED_TAG_BYTES + sizeof(supplemental_bytes_size) + sizeof(magic_marker);
constexpr auto min_supplemental_bytes_size = AES_GCM_127_TRUNCATED_TAG_BYTES + sizeof(supplemental_bytes_size) + sizeof(magic_marker);
if (frame.size() < min_supplemental_bytes_size) {
creator.log(dpp::ll_warning, "Encrypted frame is too small to contain min supplemental bytes");
return;
Expand Down Expand Up @@ -236,14 +235,14 @@ void inbound_frame_processor::parse_frame(array_view<const uint8_t> frame)
auto nonce_buffer = supplemental_bytes_buffer + AES_GCM_127_TRUNCATED_TAG_BYTES;
auto read_at = nonce_buffer;
auto end = bytes_size_buffer;
truncated_nonce = read_leb128(read_at, end);
truncated_nonce = static_cast<uint32_t>(read_leb128(read_at, end));
if (read_at == nullptr) {
creator.log(dpp::ll_warning, "Failed to read truncated nonce");
return;
}

// Read the unencrypted ranges
auto ranges_size = end - read_at;
auto ranges_size = static_cast<uint8_t>(end - read_at);
deserialize_unencrypted_ranges(read_at, ranges_size, unencrypted_ranges);
if (read_at == nullptr) {
creator.log(dpp::ll_warning, "Failed to read unencrypted ranges");
Expand Down
Loading

0 comments on commit 84141aa

Please sign in to comment.