OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 13 matching lines...) Expand all Loading... | |
24 const int SRTP_AES128_CM_SHA1_32 = 0x0002; | 24 const int SRTP_AES128_CM_SHA1_32 = 0x0002; |
25 | 25 |
26 // Cipher suite to use for SRTP. Typically a 80-bit HMAC will be used, except | 26 // Cipher suite to use for SRTP. Typically a 80-bit HMAC will be used, except |
27 // in applications (voice) where the additional bandwidth may be significant. | 27 // in applications (voice) where the additional bandwidth may be significant. |
28 // A 80-bit HMAC is always used for SRTCP. | 28 // A 80-bit HMAC is always used for SRTCP. |
29 // 128-bit AES with 80-bit SHA-1 HMAC. | 29 // 128-bit AES with 80-bit SHA-1 HMAC. |
30 extern const char CS_AES_CM_128_HMAC_SHA1_80[]; | 30 extern const char CS_AES_CM_128_HMAC_SHA1_80[]; |
31 // 128-bit AES with 32-bit SHA-1 HMAC. | 31 // 128-bit AES with 32-bit SHA-1 HMAC. |
32 extern const char CS_AES_CM_128_HMAC_SHA1_32[]; | 32 extern const char CS_AES_CM_128_HMAC_SHA1_32[]; |
33 | 33 |
34 // Returns the DTLS-SRTP protection profile ID, as defined in | 34 // Given the DTLS-SRTP protection profile ID, as defined in |
35 // https://tools.ietf.org/html/rfc5764#section-4.1.2, for the given SRTP | 35 // https://tools.ietf.org/html/rfc4568#section-6.2 , return the SRTP profile |
36 // Crypto-suite, as defined in https://tools.ietf.org/html/rfc4568#section-6.2 | 36 // name, as defined in https://tools.ietf.org/html/rfc5764#section-4.1.2. |
37 int GetSrtpCryptoSuiteFromName(const std::string& cipher_rfc_name); | 37 std::string SrtpCryptoSuiteToName(int srtp_crypto); |
38 | |
39 // The reverse of above conversion. | |
40 int SrtpCryptoSuiteNameToId(const std::string& crypto); | |
38 | 41 |
39 // SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS. | 42 // SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS. |
40 // After SSL has been started, the stream will only open on successful | 43 // After SSL has been started, the stream will only open on successful |
41 // SSL verification of certificates, and the communication is | 44 // SSL verification of certificates, and the communication is |
42 // encrypted of course. | 45 // encrypted of course. |
43 // | 46 // |
44 // This class was written with SSLAdapter as a starting point. It | 47 // This class was written with SSLAdapter as a starting point. It |
45 // offers a similar interface, with two differences: there is no | 48 // offers a similar interface, with two differences: there is no |
46 // support for a restartable SSL connection, and this class has a | 49 // support for a restartable SSL connection, and this class has a |
47 // peer-to-peer mode. | 50 // peer-to-peer mode. |
(...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
167 // result -- where to put the computed value | 170 // result -- where to put the computed value |
168 // result_len -- the length of the computed value | 171 // result_len -- the length of the computed value |
169 virtual bool ExportKeyingMaterial(const std::string& label, | 172 virtual bool ExportKeyingMaterial(const std::string& label, |
170 const uint8_t* context, | 173 const uint8_t* context, |
171 size_t context_len, | 174 size_t context_len, |
172 bool use_context, | 175 bool use_context, |
173 uint8_t* result, | 176 uint8_t* result, |
174 size_t result_len); | 177 size_t result_len); |
175 | 178 |
176 // DTLS-SRTP interface | 179 // DTLS-SRTP interface |
177 virtual bool SetDtlsSrtpCiphers(const std::vector<std::string>& ciphers); | 180 virtual bool SetDtlsSrtpCryptoSuites(const std::vector<int>& ciphers); |
178 virtual bool GetDtlsSrtpCipher(std::string* cipher); | 181 virtual bool GetDtlsSrtpCryptoSuite(int* cipher); |
pthatcher1
2015/11/11 19:59:41
More here.
I'm going to stop commenting on these.
guoweis_webrtc
2015/11/17 01:21:16
Done.
| |
179 | 182 |
180 // Capabilities testing | 183 // Capabilities testing |
181 static bool HaveDtls(); | 184 static bool HaveDtls(); |
182 static bool HaveDtlsSrtp(); | 185 static bool HaveDtlsSrtp(); |
183 static bool HaveExporter(); | 186 static bool HaveExporter(); |
184 | 187 |
185 // Returns the default Ssl cipher used between streams of this class | 188 // Returns the default Ssl cipher used between streams of this class |
186 // for the given protocol version. This is used by the unit tests. | 189 // for the given protocol version. This is used by the unit tests. |
187 // TODO(guoweis): Move this away from a static class method. | 190 // TODO(guoweis): Move this away from a static class method. |
188 static int GetDefaultSslCipherForTest(SSLProtocolVersion version, | 191 static int GetDefaultSslCipherForTest(SSLProtocolVersion version, |
189 KeyType key_type); | 192 KeyType key_type); |
190 | 193 |
191 // TODO(guoweis): Move this away from a static class method. Currently this is | 194 // TODO(guoweis): Move this away from a static class method. Currently this is |
192 // introduced such that any caller could depend on sslstreamadapter.h without | 195 // introduced such that any caller could depend on sslstreamadapter.h without |
193 // depending on specific SSL implementation. | 196 // depending on specific SSL implementation. |
194 static std::string GetSslCipherSuiteName(int cipher); | 197 static std::string SslCipherSuiteToName(int cipher); |
195 | 198 |
196 private: | 199 private: |
197 // If true, the server certificate need not match the configured | 200 // If true, the server certificate need not match the configured |
198 // server_name, and in fact missing certificate authority and other | 201 // server_name, and in fact missing certificate authority and other |
199 // verification errors are ignored. | 202 // verification errors are ignored. |
200 bool ignore_bad_cert_; | 203 bool ignore_bad_cert_; |
201 | 204 |
202 // If true (default), the client is required to provide a certificate during | 205 // If true (default), the client is required to provide a certificate during |
203 // handshake. If no certificate is given, handshake fails. This applies to | 206 // handshake. If no certificate is given, handshake fails. This applies to |
204 // server mode only. | 207 // server mode only. |
205 bool client_auth_enabled_; | 208 bool client_auth_enabled_; |
206 }; | 209 }; |
207 | 210 |
208 } // namespace rtc | 211 } // namespace rtc |
209 | 212 |
210 #endif // WEBRTC_BASE_SSLSTREAMADAPTER_H_ | 213 #endif // WEBRTC_BASE_SSLSTREAMADAPTER_H_ |
OLD | NEW |