Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(946)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: talk/session/media/srtpfilter.cc

Issue 1528843005: Add support for GCM cipher suites from RFC 7714. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc.git@master
Patch Set: Added PeerConnection tests using GCM ciphers, fixed passing of flag through DtlsTransportChannel. Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« talk/session/media/mediasession.cc ('K') | « talk/session/media/srtpfilter.h ('k') | webrtc/base/opensslstreamadapter.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: talk/session/media/srtpfilter.cc
diff --git a/talk/session/media/srtpfilter.cc b/talk/session/media/srtpfilter.cc
index 4a54740cef2be0433e8f0fda07344f7a49667409..382c644ede2f460ced2966f0508b881f15654548 100644
--- a/talk/session/media/srtpfilter.cc
+++ b/talk/session/media/srtpfilter.cc
@@ -73,10 +73,6 @@ extern "C" debug_module_t mod_aes_hmac;
namespace cricket {
-const int SRTP_MASTER_KEY_BASE64_LEN = SRTP_MASTER_KEY_LEN * 4 / 3;
-const int SRTP_MASTER_KEY_KEY_LEN = 16;
-const int SRTP_MASTER_KEY_SALT_LEN = 14;
-
#ifndef HAVE_SRTP
// This helper function is used on systems that don't (yet) have SRTP,
@@ -674,19 +670,34 @@ bool SrtpSession::SetKey(int type, int cs, const uint8_t* key, int len) {
srtp_policy_t policy;
memset(&policy, 0, sizeof(policy));
+ int expected_key_len;
if (cs == rtc::SRTP_AES128_CM_SHA1_80) {
crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtp);
crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp);
+ // Master key is 128 bits key + 112 bits salt.
+ expected_key_len = 16 + 14;
} else if (cs == rtc::SRTP_AES128_CM_SHA1_32) {
crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy.rtp); // rtp is 32,
crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); // rtcp still 80
+ // Master key is 128 bits key + 112 bits salt.
+ expected_key_len = 16 + 14;
+ } else if (cs == rtc::SRTP_AEAD_AES_128_GCM) {
+ crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
+ crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
+ // Master key is 128 bits key + 96 bits salt.
+ expected_key_len = 16 + 12;
+ } else if (cs == rtc::SRTP_AEAD_AES_256_GCM) {
+ crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp);
+ crypto_policy_set_aes_gcm_256_16_auth(&policy.rtcp);
+ // Master key is 256 bits key + 96 bits salt.
+ expected_key_len = 32 + 12;
pthatcher1 2015/12/18 20:31:32 This seems duplicative with the new SrtpCryptoSuit
joachim 2015/12/19 15:26:23 Right, I wrote that code before adding the new fun
} else {
LOG(LS_WARNING) << "Failed to create SRTP session: unsupported"
<< " cipher_suite " << cs;
return false;
}
- if (!key || len != SRTP_MASTER_KEY_LEN) {
+ if (!key || len != expected_key_len) {
LOG(LS_WARNING) << "Failed to create SRTP session: invalid key";
return false;
}
@@ -716,7 +727,6 @@ bool SrtpSession::SetKey(int type, int cs, const uint8_t* key, int len) {
return false;
}
-
rtp_auth_tag_len_ = policy.rtp.auth_tag_len;
rtcp_auth_tag_len_ = policy.rtcp.auth_tag_len;
return true;
« talk/session/media/mediasession.cc ('K') | « talk/session/media/srtpfilter.h ('k') | webrtc/base/opensslstreamadapter.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698