webrtc/base/sslstreamadapter.h - Issue 1528843005: Add support for GCM cipher suites from RFC 7714.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: webrtc/base/sslstreamadapter.h

Issue 1528843005: Add support for GCM cipher suites from RFC 7714. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc.git@master

Patch Set: Fix failing SRTP-but-no-DTLS tests. Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: webrtc/base/sslstreamadapter.h

diff --git a/webrtc/base/sslstreamadapter.h b/webrtc/base/sslstreamadapter.h

index c5045f184fb2ce3af74242dab3c29869e61b5084..eafe0df1c2c42677e9a8e606e5514f39ab9b7326 100644

--- a/webrtc/base/sslstreamadapter.h

+++ b/webrtc/base/sslstreamadapter.h

@@ -31,6 +31,12 @@ const int SRTP_AES128_CM_SHA1_80 = 0x0001;

#ifndef SRTP_AES128_CM_SHA1_32

const int SRTP_AES128_CM_SHA1_32 = 0x0002;

#endif

+#ifndef SRTP_AEAD_AES_128_GCM

+const int SRTP_AEAD_AES_128_GCM = 0x0007;

+#endif

+#ifndef SRTP_AEAD_AES_256_GCM

+const int SRTP_AEAD_AES_256_GCM = 0x0008;

+#endif

// Cipher suite to use for SRTP. Typically a 80-bit HMAC will be used, except

// in applications (voice) where the additional bandwidth may be significant.

@@ -39,6 +45,10 @@ const int SRTP_AES128_CM_SHA1_32 = 0x0002;

extern const char CS_AES_CM_128_HMAC_SHA1_80[];

// 128-bit AES with 32-bit SHA-1 HMAC.

extern const char CS_AES_CM_128_HMAC_SHA1_32[];

+// 128-bit AES GCM with 16 byte AEAD auth tag.

+extern const char CS_AEAD_AES_128_GCM[];

+// 256-bit AES GCM with 16 byte AEAD auth tag.

+extern const char CS_AEAD_AES_256_GCM[];

// Given the DTLS-SRTP protection profile ID, as defined in

// https://tools.ietf.org/html/rfc4568#section-6.2 , return the SRTP profile

@@ -48,6 +58,27 @@ std::string SrtpCryptoSuiteToName(int crypto_suite);

// The reverse of above conversion.

int SrtpCryptoSuiteFromName(const std::string& crypto_suite);

+// Get key length and salt length for given crypto suite. Returns true for

+// valid suites, otherwise false.

+bool GetSrtpKeyAndSaltLengths(int crypto_suite, int *key_length,

+ int *salt_length);

+// Returns true if the given crypto suite id uses a GCM cipher.

+bool IsGcmCryptoSuite(int crypto_suite);

+// Returns true if the given crypto suite name uses a GCM cipher.

+bool IsGcmCryptoSuiteName(const std::string& crypto_suite);

+struct CryptoOptions {

+ CryptoOptions() :

mattdr 2016/05/06 22:34:13 The initializer will fit on one line.

joachim 2016/05/09 23:21:40 Done.

+ enable_gcm_crypto_suites(false) {

+ }

+ // Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used

+ // if both sides enable it.

+ bool enable_gcm_crypto_suites;

+};

// SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS.

// After SSL has been started, the stream will only open on successful

// SSL verification of certificates, and the communication is

« webrtc/api/peerconnectioninterface.h ('K') | « webrtc/base/opensslstreamadapter.cc ('k') | webrtc/base/sslstreamadapter.cc » ('j') | webrtc/base/sslstreamadapter_unittest.cc » ('J')