Adds new CryptoOption crypto_options.frame.require_frame_encryption.

This change adds a new subcategory to the public native webrtc::CryptoOptions structure: webrtc::CryptoOptions::Frame. This new structure has a single off by default property: crypto_options.frame.require_frame_encryption. This new flag if set prevents RtpSenders from sending outgoing payloads unless a frame_encryptor_ is attached and prevents RtpReceivers from receiving incoming payloads unless a frame_decryptor_ is attached. This option is important to enforce no unencrypted data can ever leave the device or be received. I have also attached bindings for Java and Objective-C. I have implemented this functionality for E2EE audio but not E2EE video since the changes are still in review. Bug: webrtc:9681 Change-Id: Ie184711190e0cdf5ac781f69e9489ceec904736f Reviewed-on: https://webrtc-review.googlesource.com/c/105540 Reviewed-by: Niels Moller <nisse@webrtc.org> Reviewed-by: Steve Anton <steveanton@webrtc.org> Reviewed-by: Oskar Sundbom <ossu@webrtc.org> Reviewed-by: Sami Kalliomäki <sakal@webrtc.org> Reviewed-by: Kári Helgason <kthelgason@webrtc.org> Commit-Queue: Benjamin Wright <benwright@webrtc.org> Cr-Commit-Position: refs/heads/master@{#25238}
2018-10-15 10:20:24 -07:00
parent d932fba3bc
commit bfb444ce2c
24 changed files with 258 additions and 110 deletions
--- a/sdk/android/api/org/webrtc/PeerConnectionFactory.java
+++ b/sdk/android/api/org/webrtc/PeerConnectionFactory.java
@ -122,9 +122,27 @@ public class PeerConnectionFactory {
    public int networkIgnoreMask;
    public boolean disableEncryption;
    public boolean disableNetworkMonitor;
+
+    /**
+     * If set to true, the (potentially insecure) crypto cipher SRTP_AES128_CM_SHA1_32
+     * will be included in the list of supported ciphers during negotiation. It will only
+     * be used if both peers support it and no other ciphers get preferred.
+     */
    public boolean enableAes128Sha1_32CryptoCipher;
+
+    /**
+     * Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used if both sides enable
+     * it.
+     */
    public boolean enableGcmCryptoSuites;

+    /**
+     * If set all RtpSenders must have an FrameEncryptor attached to them before they are allowed to
+     * send packets. All RtpReceivers must have a FrameDecryptor attached to them before they are
+     * able to receive packets.
+     */
+    public boolean requireFrameEncryption;
+
    @CalledByNative("Options")
    int getNetworkIgnoreMask() {
      return networkIgnoreMask;
@ -149,6 +167,11 @@ public class PeerConnectionFactory {
    boolean getEnableGcmCryptoSuites() {
      return enableGcmCryptoSuites;
    }
+
+    @CalledByNative("Options")
+    boolean getRequireFrameEncryption() {
+      return requireFrameEncryption;
+    }
  }

  public static class Builder {