Index: webrtc/base/sslstreamadapter.h |
diff --git a/webrtc/base/sslstreamadapter.h b/webrtc/base/sslstreamadapter.h |
index 4fb238a290482d13d00569bc57ccc5cdc45389f8..660b9668a8301f858c60d913149fc5364c102209 100644 |
--- a/webrtc/base/sslstreamadapter.h |
+++ b/webrtc/base/sslstreamadapter.h |
@@ -19,6 +19,23 @@ |
namespace rtc { |
+// Constants for SRTP profiles. |
+const uint16_t SRTP_AES128_CM_SHA1_80 = 0x0001; |
+const uint16_t SRTP_AES128_CM_SHA1_32 = 0x0002; |
+ |
+// Cipher suite to use for SRTP. Typically a 80-bit HMAC will be used, except |
+// in applications (voice) where the additional bandwidth may be significant. |
+// A 80-bit HMAC is always used for SRTCP. |
+// 128-bit AES with 80-bit SHA-1 HMAC. |
+extern const char CS_AES_CM_128_HMAC_SHA1_80[]; |
+// 128-bit AES with 32-bit SHA-1 HMAC. |
+extern const char CS_AES_CM_128_HMAC_SHA1_32[]; |
+ |
+// Returns the DTLS-SRTP protection profile ID, as defined in |
+// https://tools.ietf.org/html/rfc5764#section-4.1.2, for the given SRTP |
+// Crypto-suite, as defined in https://tools.ietf.org/html/rfc4568#section-6.2 |
+uint16_t GetSrtpCipherByRfcName(const std::string& cipher_rfc_name); |
pthatcher1
2015/09/30 18:39:35
I think a good name here would be GetSrtpCrypoSuit
guoweis_webrtc
2015/09/30 20:14:21
Done.
|
+ |
// SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS. |
// After SSL has been started, the stream will only open on successful |
// SSL verification of certificates, and the communication is |
@@ -135,7 +152,7 @@ class SSLStreamAdapter : public StreamAdapterInterface { |
// Retrieves the name of the cipher suite used for the connection |
// (e.g. "TLS_RSA_WITH_AES_128_CBC_SHA"). |
- virtual bool GetSslCipher(std::string* cipher); |
+ virtual bool GetSslCipher(uint16_t* cipher); |
// Key Exporter interface from RFC 5705 |
// Arguments are: |
@@ -167,9 +184,14 @@ class SSLStreamAdapter : public StreamAdapterInterface { |
// Returns the default Ssl cipher used between streams of this class |
// for the given protocol version. This is used by the unit tests. |
- // TODO(torbjorng@webrtc.org): Fix callers to avoid default parameter. |
- static std::string GetDefaultSslCipher(SSLProtocolVersion version, |
- KeyType key_type = KT_DEFAULT); |
+ // TODO(guoweis): Move this away from a static class method. |
+ static uint16_t GetDefaultSslCipherForTest(SSLProtocolVersion version, |
+ KeyType key_type); |
+ |
+ // TODO(guoweis): Move this away from a static class method. Currently this is |
+ // introduced such that any caller could depend on sslstreamadapter.h without |
+ // depending on specific SSL implementation. |
+ static std::string GetSslCipherRfcNameById(uint16_t cipher); |
private: |
// If true, the server certificate need not match the configured |