
Side by Side Diff: webrtc/base/opensslstreamadapter.cc

Issue 1416673006: Convert internal representation of Srtp cryptos from string to int. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc@master
Patch Set: change srtp crypto name conversion Created 5 years, 1 month ago
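--- a/webrtc/base/opensslstreamadapter.cc
+++ b/webrtc/base/opensslstreamadapter.cc
@@ -1,10 +1,10 @@
 /*
 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
 *
 * Use of this source code is governed by a BSD-style license
 * that can be found in the LICENSE file in the root of the source
 * tree. An additional intellectual property rights grant can be found
 * in the file PATENTS. All contributing project authors may
 * be found in the AUTHORS file in the root of the source tree.
 */
 
@@ -36,31 +36,33 @@
 #include "webrtc/base/stringutils.h"
 #include "webrtc/base/thread.h"
 
 namespace rtc {
 
 #if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
 #define HAVE_DTLS_SRTP
 #endif
 
 #ifdef HAVE_DTLS_SRTP
-// SRTP cipher suite table
+// SRTP cipher suite table. |internal_name| is used to construct a
+// colon-separated profile strings which is needed by
+// SSL_CTX_set_tlsext_use_srtp().
 struct SrtpCipherMapEntry {
-const char* external_name;
 const char* internal_name;
+const int id;
 };
 
 // This isn't elegant, but it's better than an external reference
 static SrtpCipherMapEntry SrtpCipherMap[] = {
-{CS_AES_CM_128_HMAC_SHA1_80, "SRTP_AES128_CM_SHA1_80"},
-{CS_AES_CM_128_HMAC_SHA1_32, "SRTP_AES128_CM_SHA1_32"},
-{NULL, NULL}};
+{"SRTP_AES128_CM_SHA1_80", SRTP_AES128_CM_SHA1_80},
+{"SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32},
+{nullptr, 0}};
 #endif
 
 #ifndef OPENSSL_IS_BORINGSSL
 
 // Cipher name table. Maps internal OpenSSL cipher ids to the RFC name.
 struct SslCipherMapEntry {
 uint32_t openssl_id;
 const char* rfc_name;
 };
 
@@ -341,138 +343,130 @@
 }
 if (expected_len != digest_len)
 return false;
 
 peer_certificate_digest_value_.SetData(digest_val, digest_len);
 peer_certificate_digest_algorithm_ = digest_alg;
 
 return true;
 }
 
-std::string OpenSSLStreamAdapter::GetSslCipherSuiteName(int cipher) {
+std::string OpenSSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
 #ifdef OPENSSL_IS_BORINGSSL
-const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher);
+const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher_suite);
 if (!ssl_cipher) {
 return std::string();
 }
 char* cipher_name = SSL_CIPHER_get_rfc_name(ssl_cipher);
 std::string rfc_name = std::string(cipher_name);
 OPENSSL_free(cipher_name);
 return rfc_name;
 #else
 for (const SslCipherMapEntry* entry = kSslCipherMap; entry->rfc_name;
 ++entry) {
-if (cipher == entry->openssl_id) {
+if (cipher_suite == entry->openssl_id) {
 return entry->rfc_name;
 }
 }
 return std::string();
 #endif
 }
 
-bool OpenSSLStreamAdapter::GetSslCipherSuite(int* cipher) {
+bool OpenSSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) {
 if (state_ != SSL_CONNECTED)
 return false;
 
 const SSL_CIPHER* current_cipher = SSL_get_current_cipher(ssl_);
 if (current_cipher == NULL) {
 return false;
 }
 
-*cipher = static_cast<uint16_t>(SSL_CIPHER_get_id(current_cipher));
+*cipher_suite = static_cast<uint16_t>(SSL_CIPHER_get_id(current_cipher));
 return true;
 }
 
 // Key Extractor interface
 bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
 const uint8_t* context,
 size_t context_len,
 bool use_context,
 uint8_t* result,
 size_t result_len) {
 #ifdef HAVE_DTLS_SRTP
 int i;
 
 i = SSL_export_keying_material(ssl_, result, result_len, label.c_str(),
 label.length(), const_cast<uint8_t*>(context),
 context_len, use_context);
 
 if (i != 1)
 return false;
 
 return true;
 #else
 return false;
 #endif
 }
 
-bool OpenSSLStreamAdapter::SetDtlsSrtpCiphers(
-const std::vector<std::string>& ciphers) {
+bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites(
+const std::vector<int>& ciphers) {
 #ifdef HAVE_DTLS_SRTP
 std::string internal_ciphers;
 
 if (state_ != SSL_NONE)
 return false;
 
-for (std::vector<std::string>::const_iterator cipher = ciphers.begin();
+for (std::vector<int>::const_iterator cipher = ciphers.begin();
 cipher != ciphers.end(); ++cipher) {
 bool found = false;
-for (SrtpCipherMapEntry *entry = SrtpCipherMap; entry->internal_name;
+for (SrtpCipherMapEntry* entry = SrtpCipherMap; entry->internal_name;
 ++entry) {
-if (*cipher == entry->external_name) {
+if (*cipher == entry->id) {
 found = true;
 if (!internal_ciphers.empty())
 internal_ciphers += ":";
 internal_ciphers += entry->internal_name;
 break;
 }
 }
 
 if (!found) {
 LOG(LS_ERROR) << "Could not find cipher: " << *cipher;
 return false;
 }
 }
 
 if (internal_ciphers.empty())
 return false;
 
 srtp_ciphers_ = internal_ciphers;
 return true;
 #else
 return false;
 #endif
 }
 
-bool OpenSSLStreamAdapter::GetDtlsSrtpCipher(std::string* cipher) {
+bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
 #ifdef HAVE_DTLS_SRTP
 ASSERT(state_ == SSL_CONNECTED);
 if (state_ != SSL_CONNECTED)
 return false;
 
 const SRTP_PROTECTION_PROFILE *srtp_profile =
 SSL_get_selected_srtp_profile(ssl_);
 
 if (!srtp_profile)
 return false;
 
-for (SrtpCipherMapEntry *entry = SrtpCipherMap;
-entry->internal_name; ++entry) {
-if (!strcmp(entry->internal_name, srtp_profile->name)) {
-*cipher = entry->external_name;
-return true;
-}
-}
-
-ASSERT(false); // This should never happen
-
-return false;
+*crypto_suite = srtp_profile->id;
+ASSERT(!SrtpCryptoSuiteToName(*crypto_suite).empty());
+return true;
 #else
 return false;
 #endif
 }
 
 int OpenSSLStreamAdapter::StartSSLWithServer(const char* server_name) {
 ASSERT(server_name != NULL && server_name[0] != '\0');
 ssl_server_name_ = server_name;
 return StartSSL();
 }
@@ -1167,10 +1161,10 @@
 }
 } else {
 RTC_NOTREACHED();
 return kDefaultSslEcCipher12;
 }
 }
 
 } // namespace rtc
 
 #endif // HAVE_OPENSSL_SSL_H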
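Review bot: In `GetDtlsSrtpCryptoSuite` the new code stores `srtp_profile->id` and returns true with only an `ASSERT` confirming the id is one this adapter knows, whereas the removed lookup loop returned false when the negotiated profile was not in `SrtpCipherMap`. If `ASSERT` is compiled out in release builds (its definition is not on this page), an unmapped profile id would be reported to the caller as a successful negotiation, so it is safer to fail closed with `if (SrtpCryptoSuiteToName(srtp_profile->id).empty()) return false;` ahead of the assignment. `SrtpCryptoSuiteToName` is declared outside the visible lines, so confirm it accepts exactly the suites listed in `SrtpCipherMap`. The assignment also narrows OpenSSL's `unsigned long` profile id to `int` implicitly; a `static_cast<int>` would make that intent visible.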