webrtc/pc/srtpfilter.cc - Issue 1528843005: Add support for GCM cipher suites from RFC 7714.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: webrtc/pc/srtpfilter.cc

Issue 1528843005: Add support for GCM cipher suites from RFC 7714. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc.git@master

Patch Set: Fix failing SRTP-but-no-DTLS tests. Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: webrtc/pc/srtpfilter.cc

diff --git a/webrtc/pc/srtpfilter.cc b/webrtc/pc/srtpfilter.cc

index e8ea2890edab8b51cb273f483016c98dea0f186b..8168f4c48f1b2060797c468e6b17d966d1cc130b 100644

--- a/webrtc/pc/srtpfilter.cc

+++ b/webrtc/pc/srtpfilter.cc

@@ -54,10 +54,6 @@ extern "C" debug_module_t mod_aes_hmac;

namespace cricket {

-const int SRTP_MASTER_KEY_BASE64_LEN = SRTP_MASTER_KEY_LEN * 4 / 3;

-const int SRTP_MASTER_KEY_KEY_LEN = 16;

-const int SRTP_MASTER_KEY_SALT_LEN = 14;

#ifndef HAVE_SRTP

// This helper function is used on systems that don't (yet) have SRTP,

@@ -658,20 +654,35 @@ bool SrtpSession::SetKey(int type, int cs, const uint8_t* key, int len) {

srtp_policy_t policy;

memset(&policy, 0, sizeof(policy));

if (cs == rtc::SRTP_AES128_CM_SHA1_80) {

crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtp);

crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp);

} else if (cs == rtc::SRTP_AES128_CM_SHA1_32) {

crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy.rtp); // rtp is 32,

crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); // rtcp still 80

+ } else if (cs == rtc::SRTP_AEAD_AES_128_GCM) {

+ crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);

+ crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);

+ } else if (cs == rtc::SRTP_AEAD_AES_256_GCM) {

+ crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp);

+ crypto_policy_set_aes_gcm_256_16_auth(&policy.rtcp);

} else {

LOG(LS_WARNING) << "Failed to create SRTP session: unsupported"

<< " cipher_suite " << cs;

return false;

}

- if (!key || len != SRTP_MASTER_KEY_LEN) {

+ int expected_key_len;

+ int expected_salt_len;

+ if (!rtc::GetSrtpKeyAndSaltLengths(cs, &expected_key_len,

+ &expected_salt_len)) {

+ // This should never happen.

+ LOG(LS_WARNING) << "Failed to create SRTP session: unsupported"

+ << " cipher_suite without length information" << cs;

+ return false;

+ }

+ if (!key || len != (expected_key_len + expected_salt_len)) {

LOG(LS_WARNING) << "Failed to create SRTP session: invalid key";

return false;

}

@@ -701,7 +712,6 @@ bool SrtpSession::SetKey(int type, int cs, const uint8_t* key, int len) {

return false;

}

rtp_auth_tag_len_ = policy.rtp.auth_tag_len;

rtcp_auth_tag_len_ = policy.rtcp.auth_tag_len;

return true;

« webrtc/pc/mediasession.cc ('K') | « webrtc/pc/srtpfilter.h ('k') | no next file » | no next file with comments »