Fix RTP header extension encryption

Reland of commit a743303211b89bbcf4cea438ee797bbbc7b59e80

Previously, RTP header extensions with encryption had been filtered
if the encryption had been activated (not the other way around) which
was likely an unintended logic inversion.

In addition, it ensures that encrypted RTP header extensions are only
negotiated if RTP header extension encryption is turned on. Formerly,
which extensions had been negotiated depended on the order in which
they were inserted, regardless of whether or not header encryption was
actually enabled, leading to no extensions being sent on the wire.

Further changes:

- If RTP header encryption enabled, prefer encrypted extensions over
  non-encrypted extensions
- Add most extensions to list of extensions supported for encryption
- Discard encrypted extensions in a session description in case encryption
  is not supported for that extension
- Mark FindHeaderExtensionByUri without filter argument as deprecated

Bug: webrtc:11713
Change-Id: I52a5ade1b94bc01d1c2a35cb56023684fcaf9982
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/219081
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#34129}

api/rtp_parameters.h

@@ -246,6 +246,18 @@ struct RTC_EXPORT RtpHeaderExtensionCapability {
 
 // RTP header extension, see RFC8285.
 struct RTC_EXPORT RtpExtension {
+  enum Filter {
+    // Encrypted extensions will be ignored and only non-encrypted extensions
+    // will be considered.
+    kDiscardEncryptedExtension,
+    // Encrypted extensions will be preferred but will fall back to
+    // non-encrypted extensions if necessary.
+    kPreferEncryptedExtension,
+    // Encrypted extensions will be required, so any non-encrypted extensions
+    // will be discarded.
+    kRequireEncryptedExtension,
+  };
+
   RtpExtension();
   RtpExtension(absl::string_view uri, int id);
   RtpExtension(absl::string_view uri, int id, bool encrypt);
@@ -260,17 +272,28 @@ struct RTC_EXPORT RtpExtension {
   // Return "true" if the given RTP header extension URI may be encrypted.
   static bool IsEncryptionSupported(absl::string_view uri);
 
-  // Returns the named header extension if found among all extensions,
-  // nullptr otherwise.
+  // Returns the header extension with the given URI or nullptr if not found.
+  static const RtpExtension* FindHeaderExtensionByUri(
+      const std::vector<RtpExtension>& extensions,
+      absl::string_view uri,
+      Filter filter);
+  ABSL_DEPRECATED(
+      "Use RtpExtension::FindHeaderExtensionByUri with filter argument")
   static const RtpExtension* FindHeaderExtensionByUri(
       const std::vector<RtpExtension>& extensions,
       absl::string_view uri);
 
-  // Return a list of RTP header extensions with the non-encrypted extensions
-  // removed if both the encrypted and non-encrypted extension is present for
-  // the same URI.
-  static std::vector<RtpExtension> FilterDuplicateNonEncrypted(
-      const std::vector<RtpExtension>& extensions);
+  // Returns the header extension with the given URI and encrypt parameter,
+  // if found, otherwise nullptr.
+  static const RtpExtension* FindHeaderExtensionByUriAndEncryption(
+      const std::vector<RtpExtension>& extensions,
+      absl::string_view uri,
+      bool encrypt);
+
+  // Returns a list of extensions where any extension URI is unique.
+  static const std::vector<RtpExtension> DeduplicateHeaderExtensions(
+      const std::vector<RtpExtension>& extensions,
+      Filter filter);
 
   // Encryption of Header Extensions, see RFC 6904 for details:
   // https://tools.ietf.org/html/rfc6904