7914b8cb41
Before this CL, we would negotiate: - No crypto suites for data m= sections. - A full set for audio m= sections. - The full set, minus SRTP_AES128_CM_SHA1_32 for video m= sections. However, this doesn't make sense with BUNDLE, since any DTLS association could end up being used for any type of media. If video is "bundled on" the audio transport (which is typical), it will actually end up using SRTP_AES128_CM_SHA1_32. So, this CL moves the responsibility of deciding SRTP crypto suites out of BaseChannel and into DtlsTransport. The only two possibilities are now "normal set" or "normal set + GCM", if enabled by the PC factory options. This fixes an issue (see linked bug) that was occurring when audio/video were "bundled onto" the data transport. Since the data transport wasn't negotiating any SRTP crypto suites, none were available to use for audio/video, so the application would get black video/no audio. This CL doesn't affect the SDES SRTP crypto suite negotiation; it only affects the negotiation in the DLTS handshake, through the use_srtp extension. BUG=chromium:711243 Review-Url: https://codereview.webrtc.org/2815513012 Cr-Commit-Position: refs/heads/master@{#17810}
166 lines
5.4 KiB
C++
166 lines
5.4 KiB
C++
/*
|
|
* Copyright 2004 The WebRTC Project Authors. All rights reserved.
|
|
*
|
|
* Use of this source code is governed by a BSD-style license
|
|
* that can be found in the LICENSE file in the root of the source
|
|
* tree. An additional intellectual property rights grant can be found
|
|
* in the file PATENTS. All contributing project authors may
|
|
* be found in the AUTHORS file in the root of the source tree.
|
|
*/
|
|
|
|
#include "webrtc/base/sslstreamadapter.h"
|
|
|
|
#include "webrtc/base/opensslstreamadapter.h"
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
namespace rtc {
|
|
|
|
// TODO(guoweis): Move this to SDP layer and use int form internally.
|
|
// webrtc:5043.
|
|
const char CS_AES_CM_128_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80";
|
|
const char CS_AES_CM_128_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32";
|
|
const char CS_AEAD_AES_128_GCM[] = "AEAD_AES_128_GCM";
|
|
const char CS_AEAD_AES_256_GCM[] = "AEAD_AES_256_GCM";
|
|
|
|
std::string SrtpCryptoSuiteToName(int crypto_suite) {
|
|
switch (crypto_suite) {
|
|
case SRTP_AES128_CM_SHA1_32:
|
|
return CS_AES_CM_128_HMAC_SHA1_32;
|
|
case SRTP_AES128_CM_SHA1_80:
|
|
return CS_AES_CM_128_HMAC_SHA1_80;
|
|
case SRTP_AEAD_AES_128_GCM:
|
|
return CS_AEAD_AES_128_GCM;
|
|
case SRTP_AEAD_AES_256_GCM:
|
|
return CS_AEAD_AES_256_GCM;
|
|
default:
|
|
return std::string();
|
|
}
|
|
}
|
|
|
|
int SrtpCryptoSuiteFromName(const std::string& crypto_suite) {
|
|
if (crypto_suite == CS_AES_CM_128_HMAC_SHA1_32)
|
|
return SRTP_AES128_CM_SHA1_32;
|
|
if (crypto_suite == CS_AES_CM_128_HMAC_SHA1_80)
|
|
return SRTP_AES128_CM_SHA1_80;
|
|
if (crypto_suite == CS_AEAD_AES_128_GCM)
|
|
return SRTP_AEAD_AES_128_GCM;
|
|
if (crypto_suite == CS_AEAD_AES_256_GCM)
|
|
return SRTP_AEAD_AES_256_GCM;
|
|
return SRTP_INVALID_CRYPTO_SUITE;
|
|
}
|
|
|
|
bool GetSrtpKeyAndSaltLengths(int crypto_suite, int *key_length,
|
|
int *salt_length) {
|
|
switch (crypto_suite) {
|
|
case SRTP_AES128_CM_SHA1_32:
|
|
case SRTP_AES128_CM_SHA1_80:
|
|
// SRTP_AES128_CM_HMAC_SHA1_32 and SRTP_AES128_CM_HMAC_SHA1_80 are defined
|
|
// in RFC 5764 to use a 128 bits key and 112 bits salt for the cipher.
|
|
*key_length = 16;
|
|
*salt_length = 14;
|
|
break;
|
|
case SRTP_AEAD_AES_128_GCM:
|
|
// SRTP_AEAD_AES_128_GCM is defined in RFC 7714 to use a 128 bits key and
|
|
// a 96 bits salt for the cipher.
|
|
*key_length = 16;
|
|
*salt_length = 12;
|
|
break;
|
|
case SRTP_AEAD_AES_256_GCM:
|
|
// SRTP_AEAD_AES_256_GCM is defined in RFC 7714 to use a 256 bits key and
|
|
// a 96 bits salt for the cipher.
|
|
*key_length = 32;
|
|
*salt_length = 12;
|
|
break;
|
|
default:
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
bool IsGcmCryptoSuite(int crypto_suite) {
|
|
return (crypto_suite == SRTP_AEAD_AES_256_GCM ||
|
|
crypto_suite == SRTP_AEAD_AES_128_GCM);
|
|
}
|
|
|
|
bool IsGcmCryptoSuiteName(const std::string& crypto_suite) {
|
|
return (crypto_suite == CS_AEAD_AES_256_GCM ||
|
|
crypto_suite == CS_AEAD_AES_128_GCM);
|
|
}
|
|
|
|
// static
|
|
CryptoOptions CryptoOptions::NoGcm() {
|
|
CryptoOptions options;
|
|
options.enable_gcm_crypto_suites = false;
|
|
return options;
|
|
}
|
|
|
|
std::vector<int> GetSupportedDtlsSrtpCryptoSuites(
|
|
const rtc::CryptoOptions& crypto_options) {
|
|
std::vector<int> crypto_suites;
|
|
if (crypto_options.enable_gcm_crypto_suites) {
|
|
crypto_suites.push_back(rtc::SRTP_AEAD_AES_256_GCM);
|
|
crypto_suites.push_back(rtc::SRTP_AEAD_AES_128_GCM);
|
|
}
|
|
// Note: SRTP_AES128_CM_SHA1_80 is what is required to be supported (by
|
|
// draft-ietf-rtcweb-security-arch), but SRTP_AES128_CM_SHA1_32 is allowed as
|
|
// well, and saves a few bytes per packet if it ends up selected.
|
|
crypto_suites.push_back(rtc::SRTP_AES128_CM_SHA1_32);
|
|
crypto_suites.push_back(rtc::SRTP_AES128_CM_SHA1_80);
|
|
return crypto_suites;
|
|
}
|
|
|
|
SSLStreamAdapter* SSLStreamAdapter::Create(StreamInterface* stream) {
|
|
return new OpenSSLStreamAdapter(stream);
|
|
}
|
|
|
|
SSLStreamAdapter::SSLStreamAdapter(StreamInterface* stream)
|
|
: StreamAdapterInterface(stream),
|
|
ignore_bad_cert_(false),
|
|
client_auth_enabled_(true) {}
|
|
|
|
SSLStreamAdapter::~SSLStreamAdapter() {}
|
|
|
|
bool SSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) {
|
|
return false;
|
|
}
|
|
|
|
bool SSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
|
|
const uint8_t* context,
|
|
size_t context_len,
|
|
bool use_context,
|
|
uint8_t* result,
|
|
size_t result_len) {
|
|
return false; // Default is unsupported
|
|
}
|
|
|
|
bool SSLStreamAdapter::SetDtlsSrtpCryptoSuites(
|
|
const std::vector<int>& crypto_suites) {
|
|
return false;
|
|
}
|
|
|
|
bool SSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
|
|
return false;
|
|
}
|
|
|
|
bool SSLStreamAdapter::IsBoringSsl() {
|
|
return OpenSSLStreamAdapter::IsBoringSsl();
|
|
}
|
|
bool SSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) {
|
|
return OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type);
|
|
}
|
|
bool SSLStreamAdapter::IsAcceptableCipher(const std::string& cipher,
|
|
KeyType key_type) {
|
|
return OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type);
|
|
}
|
|
std::string SSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
|
|
return OpenSSLStreamAdapter::SslCipherSuiteToName(cipher_suite);
|
|
}
|
|
void SSLStreamAdapter::enable_time_callback_for_testing() {
|
|
OpenSSLStreamAdapter::enable_time_callback_for_testing();
|
|
}
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
} // namespace rtc
|