Add AEAD support to Frame Encryption API. Add Contribuitng Source To Decryptor.

This change allows supporting additional data for authentication and adds a requirement for the contributing source to be provided during decryption. Change-Id: Ifc19cb2d8a7d6c3715c83c95cf12f64df0bca454 Bug: webrtc:9681 Reviewed-on: https://webrtc-review.googlesource.com/100001 Reviewed-by: Steve Anton <steveanton@webrtc.org> Commit-Queue: Benjamin Wright <benwright@webrtc.org> Cr-Commit-Position: refs/heads/master@{#24712}
2018-09-12 13:29:08 -07:00
parent 7d687b13ed
commit 1f87ec6813
2 changed files with 10 additions and 5 deletions
--- a/api/crypto/framedecryptorinterface.h
+++ b/api/crypto/framedecryptorinterface.h
@ -11,6 +11,8 @@
 #ifndef API_CRYPTO_FRAMEDECRYPTORINTERFACE_H_
 #define API_CRYPTO_FRAMEDECRYPTORINTERFACE_H_

+#include <vector>
+
 #include "api/array_view.h"
 #include "api/mediatypes.h"
 #include "rtc_base/refcount.h"
@ -24,21 +26,23 @@ namespace webrtc {
 // addition to the standard SRTP mechanism and is not intended to be used
 // without it. You may assume that this interface will have the same lifetime
 // as the RTPReceiver it is attached to. It must only be attached to one
-// RTPReceiver.
+// RTPReceiver. Additional data may be null.
 // Note: This interface is not ready for production use.
 class FrameDecryptorInterface : public rtc::RefCountInterface {
 public:
  ~FrameDecryptorInterface() override {}

  // Attempts to decrypt the encrypted frame. You may assume the frame size will
-  // be allocated to the size returned from GetOutputSize. You may assume that
-  // the frames are in order if SRTP is enabled. The stream is not provided here
-  // and it is up to the implementor to transport this information to the
+  // be allocated to the size returned from GetMaxPlaintextSize. You may assume
+  // that the frames are in order if SRTP is enabled. The stream is not provided
+  // here and it is up to the implementor to transport this information to the
  // receiver if they care about it. You must set bytes_written to how many
  // bytes you wrote to in the frame buffer. 0 must be returned if successful
  // all other numbers can be selected by the implementer to represent error
  // codes.
  virtual int Decrypt(cricket::MediaType media_type,
+                      const std::vector<uint32_t>& csrcs,
+                      rtc::ArrayView<const uint8_t> additional_data,
                      rtc::ArrayView<const uint8_t> encrypted_frame,
                      rtc::ArrayView<uint8_t> frame,
                      size_t* bytes_written) = 0;
--- a/api/crypto/frameencryptorinterface.h
+++ b/api/crypto/frameencryptorinterface.h
@ -23,7 +23,7 @@ namespace webrtc {
 // the receiving device. Note this is an additional layer of encryption in
 // addition to the standard SRTP mechanism and is not intended to be used
 // without it. Implementations of this interface will have the same lifetime as
-// the RTPSenders it is attached to.
+// the RTPSenders it is attached to. Additional data may be null.
 // Note: This interface is not ready for production use.
 class FrameEncryptorInterface : public rtc::RefCountInterface {
 public:
@ -38,6 +38,7 @@ class FrameEncryptorInterface : public rtc::RefCountInterface {
  // selected by the implementer to represent error codes.
  virtual int Encrypt(cricket::MediaType media_type,
                      uint32_t ssrc,
+                      rtc::ArrayView<const uint8_t> additional_data,
                      rtc::ArrayView<const uint8_t> frame,
                      rtc::ArrayView<uint8_t> encrypted_frame,
                      size_t* bytes_written) = 0;