zqz/platform-external-webrtc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ac2f3d14e45398930bc35ff05ed7a3b9b617d328
platform-external-webrtc/api/crypto/cryptooptions.cc
Benjamin Wright ac2f3d14e4 Move CryptoOptions to api/crypto from rtc_base/sslstreamadapter.h 
Promotes rtc::CryptoOptions to webrtc::CryptoOptions converting it from class
that only handles SRTP configuration to a more generic structure that can be
used and extended for all per peer connection CryptoOptions that can be on a
given PeerConnection.

Now all SRTP related options are under webrtc::CryptoOptions::Srtp and can be
accessed as crypto_options.srtp.whatever_option_name. This is more inline with
other structures we have in WebRTC such as VideoConfig. As additional features
are added over time this will allow the structure to remain compartmentalized
and concerned components can only request a subset of the overall configuration
structure e.g:

void MySrtpFunction(const webrtc::CryptoOptions::Srtp& srtp_config);

In addition to this it made little sense for sslstreamadapter.h to hold all
Srtp related configuration options. The header has become loo large and takes on
too many responsibilities and spilting this up will lead to more maintainable
code going forward.

This will be used in a future CL to enable configuration options for the newly
supported Frame Crypto.

Change-Id: I99d1be36740c59548c8e62db52d68d738649707f
Bug: webrtc:9681
Reviewed-on: https://webrtc-review.googlesource.com/c/105180
Reviewed-by: Emad Omara <emadomara@webrtc.org>
Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#25130}
2018-10-11 19:14:42 +00:00

53 lines
1.7 KiB
C++
Raw Blame History

/*
* Copyright 2018 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#include "api/crypto/cryptooptions.h"
#include "rtc_base/sslstreamadapter.h"
namespace webrtc {
CryptoOptions::CryptoOptions() {}
CryptoOptions::CryptoOptions(const CryptoOptions& other) {
enable_gcm_crypto_suites = other.enable_gcm_crypto_suites;
enable_encrypted_rtp_header_extensions =
other.enable_encrypted_rtp_header_extensions;
srtp = other.srtp;
}
CryptoOptions::~CryptoOptions() {}
// static
CryptoOptions CryptoOptions::NoGcm() {
CryptoOptions options;
options.srtp.enable_gcm_crypto_suites = false;
return options;
}
std::vector<int> CryptoOptions::GetSupportedDtlsSrtpCryptoSuites() const {
std::vector<int> crypto_suites;
if (srtp.enable_gcm_crypto_suites) {
crypto_suites.push_back(rtc::SRTP_AEAD_AES_256_GCM);
crypto_suites.push_back(rtc::SRTP_AEAD_AES_128_GCM);
}
// Note: SRTP_AES128_CM_SHA1_80 is what is required to be supported (by
// draft-ietf-rtcweb-security-arch), but SRTP_AES128_CM_SHA1_32 is allowed as
// well, and saves a few bytes per packet if it ends up selected.
// As the cipher suite is potentially insecure, it will only be used if
// enabled by both peers.
if (srtp.enable_aes128_sha1_32_crypto_cipher) {
crypto_suites.push_back(rtc::SRTP_AES128_CM_SHA1_32);
}
crypto_suites.push_back(rtc::SRTP_AES128_CM_SHA1_80);
return crypto_suites;
}
} // namespace webrtc
Reference in New Issue View Git Blame Copy Permalink