| OLD | NEW |
| 1 /* | 1 /* |
| 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 17 matching lines...) |
| 28 // Everything in this class should be called on the worker thread. | 28 // Everything in this class should be called on the worker thread. |
| 29 template<class Base> | 29 template<class Base> |
| 30 class DtlsTransport : public Base { | 30 class DtlsTransport : public Base { |
| 31 public: | 31 public: |
| 32 DtlsTransport(const std::string& name, | 32 DtlsTransport(const std::string& name, |
| 33 PortAllocator* allocator, | 33 PortAllocator* allocator, |
| 34 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) | 34 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) |
| 35 : Base(name, allocator), | 35 : Base(name, allocator), |
| 36 certificate_(certificate), | 36 certificate_(certificate), |
| 37 secure_role_(rtc::SSL_CLIENT), | 37 secure_role_(rtc::SSL_CLIENT), |
| 38 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) {} | 38 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10), |
| 39 enable_gcm_ciphers_(false) {} |
| 39 | 40 |
| 40 ~DtlsTransport() { | 41 ~DtlsTransport() { |
| 41 Base::DestroyAllChannels(); | 42 Base::DestroyAllChannels(); |
| 42 } | 43 } |
| 43 | 44 |
| 44 void SetLocalCertificate( | 45 void SetLocalCertificate( |
| 45 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override { | 46 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override { |
| 46 certificate_ = certificate; | 47 certificate_ = certificate; |
| 47 } | 48 } |
| 48 bool GetLocalCertificate( | 49 bool GetLocalCertificate( |
| 49 rtc::scoped_refptr<rtc::RTCCertificate>* certificate) override { | 50 rtc::scoped_refptr<rtc::RTCCertificate>* certificate) override { |
| 50 if (!certificate_) | 51 if (!certificate_) |
| 51 return false; | 52 return false; |
| 52 | 53 |
| 53 *certificate = certificate_; | 54 *certificate = certificate_; |
| 54 return true; | 55 return true; |
| 55 } | 56 } |
| 56 | 57 |
| 57 bool SetSslMaxProtocolVersion(rtc::SSLProtocolVersion version) override { | 58 bool SetSslMaxProtocolVersion(rtc::SSLProtocolVersion version) override { |
| 58 ssl_max_version_ = version; | 59 ssl_max_version_ = version; |
| 59 return true; | 60 return true; |
| 60 } | 61 } |
| 61 | 62 |
| 63 bool SetEnableGcmCiphers(bool enable) override { |
| 64 enable_gcm_ciphers_ = enable; |
| 65 return true; |
| 66 } |
| 67 |
| 62 bool ApplyLocalTransportDescription(TransportChannelImpl* channel, | 68 bool ApplyLocalTransportDescription(TransportChannelImpl* channel, |
| 63 std::string* error_desc) override { | 69 std::string* error_desc) override { |
| 64 rtc::SSLFingerprint* local_fp = | 70 rtc::SSLFingerprint* local_fp = |
| 65 Base::local_description()->identity_fingerprint.get(); | 71 Base::local_description()->identity_fingerprint.get(); |
| 66 | 72 |
| 67 if (local_fp) { | 73 if (local_fp) { |
| 68 // Sanity check local fingerprint. | 74 // Sanity check local fingerprint. |
| 69 if (certificate_) { | 75 if (certificate_) { |
| 70 rtc::scoped_ptr<rtc::SSLFingerprint> local_fp_tmp( | 76 rtc::scoped_ptr<rtc::SSLFingerprint> local_fp_tmp( |
| 71 rtc::SSLFingerprint::Create(local_fp->algorithm, | 77 rtc::SSLFingerprint::Create(local_fp->algorithm, |
| (...skipping 122 matching lines...) |
| 194 } | 200 } |
| 195 | 201 |
| 196 // Now run the negotiation for the base class. | 202 // Now run the negotiation for the base class. |
| 197 return Base::NegotiateTransportDescription(local_role, error_desc); | 203 return Base::NegotiateTransportDescription(local_role, error_desc); |
| 198 } | 204 } |
| 199 | 205 |
| 200 DtlsTransportChannelWrapper* CreateTransportChannel(int component) override { | 206 DtlsTransportChannelWrapper* CreateTransportChannel(int component) override { |
| 201 DtlsTransportChannelWrapper* channel = new DtlsTransportChannelWrapper( | 207 DtlsTransportChannelWrapper* channel = new DtlsTransportChannelWrapper( |
| 202 this, Base::CreateTransportChannel(component)); | 208 this, Base::CreateTransportChannel(component)); |
| 203 channel->SetSslMaxProtocolVersion(ssl_max_version_); | 209 channel->SetSslMaxProtocolVersion(ssl_max_version_); |
| 210 channel->SetEnableGcmCiphers(enable_gcm_ciphers_); |
| 204 return channel; | 211 return channel; |
| 205 } | 212 } |
| 206 | 213 |
| 207 void DestroyTransportChannel(TransportChannelImpl* channel) override { | 214 void DestroyTransportChannel(TransportChannelImpl* channel) override { |
| 208 // Kind of ugly, but this lets us do the exact inverse of the create. | 215 // Kind of ugly, but this lets us do the exact inverse of the create. |
| 209 DtlsTransportChannelWrapper* dtls_channel = | 216 DtlsTransportChannelWrapper* dtls_channel = |
| 210 static_cast<DtlsTransportChannelWrapper*>(channel); | 217 static_cast<DtlsTransportChannelWrapper*>(channel); |
| 211 TransportChannelImpl* base_channel = dtls_channel->channel(); | 218 TransportChannelImpl* base_channel = dtls_channel->channel(); |
| 212 delete dtls_channel; | 219 delete dtls_channel; |
| 213 Base::DestroyTransportChannel(base_channel); | 220 Base::DestroyTransportChannel(base_channel); |
| (...skipping 21 matching lines...) |
| 235 remote_fingerprint_->digest.size())) { | 242 remote_fingerprint_->digest.size())) { |
| 236 return BadTransportDescription("Failed to apply remote fingerprint.", | 243 return BadTransportDescription("Failed to apply remote fingerprint.", |
| 237 error_desc); | 244 error_desc); |
| 238 } | 245 } |
| 239 return Base::ApplyNegotiatedTransportDescription(channel, error_desc); | 246 return Base::ApplyNegotiatedTransportDescription(channel, error_desc); |
| 240 } | 247 } |
| 241 | 248 |
| 242 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; | 249 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; |
| 243 rtc::SSLRole secure_role_; | 250 rtc::SSLRole secure_role_; |
| 244 rtc::SSLProtocolVersion ssl_max_version_; | 251 rtc::SSLProtocolVersion ssl_max_version_; |
| 252 bool enable_gcm_ciphers_; |
| 245 rtc::scoped_ptr<rtc::SSLFingerprint> remote_fingerprint_; | 253 rtc::scoped_ptr<rtc::SSLFingerprint> remote_fingerprint_; |
| 246 }; | 254 }; |
| 247 | 255 |
| 248 } // namespace cricket | 256 } // namespace cricket |
| 249 | 257 |
| 250 #endif // WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 258 #endif // WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
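Review bot: `SetEnableGcmCiphers` (new lines 63-66) only stores the flag, and the flag reaches a channel only in `CreateTransportChannel` (new line 210), so a call made after channels already exist leaves them on their previous cipher configuration while still returning `true`. Because this flag presumably controls which DTLS cipher suites a channel is allowed to use, that ordering requirement should be stated on the setter, for example `// Must be called before any channel is created; existing channels are not updated.` The result of `channel->SetEnableGcmCiphers(enable_gcm_ciphers_)` is also discarded; the wrapper's signature is not visible on this page, but if it returns `bool` like the transport-level setter, a failure should be logged rather than dropped so a channel does not silently run with a different cipher set than the one requested. The neighbouring `SetSslMaxProtocolVersion` path has the same shape, so the same comment applies there.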