Add support for GCM cipher suites from RFC 7714.

webrtc/api/peerconnection_unittest.cc

Index: webrtc/api/peerconnection_unittest.cc
diff --git a/webrtc/api/peerconnection_unittest.cc b/webrtc/api/peerconnection_unittest.cc
index 521486f98b8e8cd79d76148f661eefdfeca46143..6cbaf261c7d48cd8e5087a1d6fcad321d46d21f6 100644
--- a/webrtc/api/peerconnection_unittest.cc
+++ b/webrtc/api/peerconnection_unittest.cc
@@ -100,6 +100,7 @@ static const char kDataChannelLabel[] = "data_channel";
 // SRTP cipher name negotiated by the tests. This must be updated if the
 // default changes.
 static const int kDefaultSrtpCryptoSuite = rtc::SRTP_AES128_CM_SHA1_32;
+static const int kDefaultSrtpCryptoSuiteGcm = rtc::SRTP_AEAD_AES_256_GCM;
 #endif
 
 static void RemoveLinesFromSdp(const std::string& line_start,
@@ -1301,6 +1302,28 @@ class P2PTestConductor : public testing::Test {
     return old;
   }
 
+  void TestGcmNegotiation(bool local_gcm_enabled, bool remote_gcm_enabled,
+      int expected_cipher_suite) {
+    PeerConnectionFactory::Options init_options;
+    init_options.crypto_options.enable_gcm_crypto_suites = local_gcm_enabled;
+    PeerConnectionFactory::Options recv_options;
+    recv_options.crypto_options.enable_gcm_crypto_suites = remote_gcm_enabled;
+    ASSERT_TRUE(
+        CreateTestClients(nullptr, &init_options, nullptr, &recv_options));
+    rtc::scoped_refptr<webrtc::FakeMetricsObserver>
+        init_observer =
+            new rtc::RefCountedObject<webrtc::FakeMetricsObserver>();
+    initializing_client()->pc()->RegisterUMAObserver(init_observer);
+    LocalP2PTest();
+
+    EXPECT_EQ_WAIT(rtc::SrtpCryptoSuiteToName(expected_cipher_suite),
+                   initializing_client()->GetSrtpCipherStats(),
+                   kMaxWaitForStatsMs);
+    EXPECT_EQ(1,
+              init_observer->GetEnumCounter(webrtc::kEnumCounterAudioSrtpCipher,
+                                            expected_cipher_suite));
+  }
+
  private:
   // |worker_thread_| is used by both |initiating_client_| and
   // |receiving_client_|. Must be destroyed last.
@@ -1722,6 +1745,28 @@ TEST_F(P2PTestConductor, GetDtls12Recv) {
                                           kDefaultSrtpCryptoSuite));
 }
 
+// Test that a non-GCM cipher is used if both sides only support non-GCM.
+TEST_F(P2PTestConductor, GetGcmNone) {
+  TestGcmNegotiation(false, false, kDefaultSrtpCryptoSuite);
+}
+
+// Test that a GCM cipher is used if both ends support it.
+TEST_F(P2PTestConductor, GetGcmBoth) {
+  TestGcmNegotiation(true, true, kDefaultSrtpCryptoSuiteGcm);
+}
+
+// Test that a non-GCM cipher is used if the initator supports GCM and the

[mattdr, 2016/05/06 22:34:13]

'Test that GCM isn't used if only the initiator supports it.'

[joachim, 2016/05/09 23:21:40]

Done.

+// received supports non-GCM.
+TEST_F(P2PTestConductor, GetGcmInit) {
+  TestGcmNegotiation(true, false, kDefaultSrtpCryptoSuite);
+}
+
+// Test that a non-GCM cipher is used if the initator supports non-GCM and the

[mattdr, 2016/05/06 22:34:13]

'Test that GCM isn't used if only the receiver supports it.'

[joachim, 2016/05/09 23:21:40]

Done.

+// received supports GCM.
+TEST_F(P2PTestConductor, GetGcmRecv) {
+  TestGcmNegotiation(false, true, kDefaultSrtpCryptoSuite);
+}
+
 // This test sets up a call between two parties with audio, video and an RTP
 // data channel.
 TEST_F(P2PTestConductor, LocalP2PTestRtpDataChannel) {