| Index: talk/session/media/mediasession.cc
|
| diff --git a/talk/session/media/mediasession.cc b/talk/session/media/mediasession.cc
|
| index 24f01b4463b5931267475fac98015a343f59cc78..5e6ff99cc2ae2ba9a278cc5101c9d9b1834ebb73 100644
|
| --- a/talk/session/media/mediasession.cc
|
| +++ b/talk/session/media/mediasession.cc
|
| @@ -51,11 +51,13 @@ static const uint32_t kMaxSctpSid = 1023;
|
| namespace {
|
| const char kInline[] = "inline:";
|
|
|
| -void GetSupportedCryptoSuiteNames(void (*func)(std::vector<int>*),
|
| +void GetSupportedCryptoSuiteNames(void (*func)(const rtc::CryptoOptions&,
|
| + std::vector<int>*),
|
| + const rtc::CryptoOptions& crypto_options,
|
| std::vector<std::string>* names) {
|
| #ifdef HAVE_SRTP
|
| std::vector<int> crypto_suites;
|
| - func(&crypto_suites);
|
| + func(crypto_options, &crypto_suites);
|
| for (const auto crypto : crypto_suites) {
|
| names->push_back(rtc::SrtpCryptoSuiteToName(crypto));
|
| }
|
| @@ -98,10 +100,19 @@ static bool IsMediaContentOfType(const ContentInfo* content,
|
|
|
| static bool CreateCryptoParams(int tag, const std::string& cipher,
|
| CryptoParams *out) {
|
| + int key_len;
|
| + int salt_len;
|
| + if (!rtc::GetSrtpKeyAndSaltLengths(
|
| + rtc::SrtpCryptoSuiteFromName(cipher), &key_len, &salt_len)) {
|
| + return false;
|
| + }
|
| +
|
| + int master_key_base64_len = (key_len + salt_len) * 4 / 3;
|
| +
|
| std::string key;
|
| - key.reserve(SRTP_MASTER_KEY_BASE64_LEN);
|
| + key.reserve(master_key_base64_len);
|
|
|
| - if (!rtc::CreateRandomString(SRTP_MASTER_KEY_BASE64_LEN, &key)) {
|
| + if (!rtc::CreateRandomString(master_key_base64_len, &key)) {
|
| return false;
|
| }
|
| out->tag = tag;
|
| @@ -162,63 +173,80 @@ bool FindMatchingCrypto(const CryptoParamsVec& cryptos,
|
| return false;
|
| }
|
|
|
| -// For audio, HMAC 32 is prefered because of the low overhead.
|
| -void GetSupportedAudioCryptoSuites(std::vector<int>* crypto_suites) {
|
| +// For audio, HMAC 32 is prefered over HMAC 80 because of the low overhead.
|
| +void GetSupportedAudioCryptoSuites(const rtc::CryptoOptions& crypto_options,
|
| + std::vector<int>* crypto_suites) {
|
| #ifdef HAVE_SRTP
|
| + if (crypto_options.enable_gcm_crypto_suites) {
|
| + crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM);
|
| + crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM);
|
| + }
|
| crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_32);
|
| crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80);
|
| #endif
|
| }
|
|
|
| -void GetSupportedAudioCryptoSuiteNames(
|
| +void GetSupportedAudioCryptoSuiteNames(const rtc::CryptoOptions& crypto_options,
|
| std::vector<std::string>* crypto_suite_names) {
|
| GetSupportedCryptoSuiteNames(GetSupportedAudioCryptoSuites,
|
| - crypto_suite_names);
|
| + crypto_options, crypto_suite_names);
|
| }
|
|
|
| -void GetSupportedVideoCryptoSuites(std::vector<int>* crypto_suites) {
|
| - GetDefaultSrtpCryptoSuites(crypto_suites);
|
| +void GetSupportedVideoCryptoSuites(const rtc::CryptoOptions& crypto_options,
|
| + std::vector<int>* crypto_suites) {
|
| + GetDefaultSrtpCryptoSuites(crypto_options, crypto_suites);
|
| }
|
|
|
| -void GetSupportedVideoCryptoSuiteNames(
|
| +void GetSupportedVideoCryptoSuiteNames(const rtc::CryptoOptions& crypto_options,
|
| std::vector<std::string>* crypto_suite_names) {
|
| GetSupportedCryptoSuiteNames(GetSupportedVideoCryptoSuites,
|
| - crypto_suite_names);
|
| + crypto_options, crypto_suite_names);
|
| }
|
|
|
| -void GetSupportedDataCryptoSuites(std::vector<int>* crypto_suites) {
|
| - GetDefaultSrtpCryptoSuites(crypto_suites);
|
| +void GetSupportedDataCryptoSuites(const rtc::CryptoOptions& crypto_options,
|
| + std::vector<int>* crypto_suites) {
|
| + GetDefaultSrtpCryptoSuites(crypto_options, crypto_suites);
|
| }
|
|
|
| -void GetSupportedDataCryptoSuiteNames(
|
| +void GetSupportedDataCryptoSuiteNames(const rtc::CryptoOptions& crypto_options,
|
| std::vector<std::string>* crypto_suite_names) {
|
| GetSupportedCryptoSuiteNames(GetSupportedDataCryptoSuites,
|
| - crypto_suite_names);
|
| + crypto_options, crypto_suite_names);
|
| }
|
|
|
| -void GetDefaultSrtpCryptoSuites(std::vector<int>* crypto_suites) {
|
| +void GetDefaultSrtpCryptoSuites(const rtc::CryptoOptions& crypto_options,
|
| + std::vector<int>* crypto_suites) {
|
| #ifdef HAVE_SRTP
|
| + if (crypto_options.enable_gcm_crypto_suites) {
|
| + crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM);
|
| + crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM);
|
| + }
|
| crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80);
|
| #endif
|
| }
|
|
|
| -void GetDefaultSrtpCryptoSuiteNames(
|
| +void GetDefaultSrtpCryptoSuiteNames(const rtc::CryptoOptions& crypto_options,
|
| std::vector<std::string>* crypto_suite_names) {
|
| - GetSupportedCryptoSuiteNames(GetDefaultSrtpCryptoSuites, crypto_suite_names);
|
| + GetSupportedCryptoSuiteNames(GetDefaultSrtpCryptoSuites,
|
| + crypto_options, crypto_suite_names);
|
| }
|
|
|
| -// For video support only 80-bit SHA1 HMAC. For audio 32-bit HMAC is
|
| -// tolerated unless bundle is enabled because it is low overhead. Pick the
|
| -// crypto in the list that is supported.
|
| +// Support any GCM cipher (if enabled through options). For video support only
|
| +// 80-bit SHA1 HMAC. For audio 32-bit HMAC is tolerated unless bundle is enabled
|
| +// because it is low overhead.
|
| +// Pick the crypto in the list that is supported.
|
| static bool SelectCrypto(const MediaContentDescription* offer,
|
| bool bundle,
|
| + const rtc::CryptoOptions& crypto_options,
|
| CryptoParams *crypto) {
|
| bool audio = offer->type() == MEDIA_TYPE_AUDIO;
|
| const CryptoParamsVec& cryptos = offer->cryptos();
|
|
|
| for (CryptoParamsVec::const_iterator i = cryptos.begin();
|
| i != cryptos.end(); ++i) {
|
| - if (rtc::CS_AES_CM_128_HMAC_SHA1_80 == i->cipher_suite ||
|
| + if ((crypto_options.enable_gcm_crypto_suites &&
|
| + rtc::IsGcmCryptoSuiteName(i->cipher_suite)) ||
|
| + rtc::CS_AES_CM_128_HMAC_SHA1_80 == i->cipher_suite ||
|
| (rtc::CS_AES_CM_128_HMAC_SHA1_32 == i->cipher_suite && audio &&
|
| !bundle)) {
|
| return CreateCryptoParams(i->tag, i->cipher_suite, crypto);
|
| @@ -1054,7 +1082,7 @@ static bool CreateMediaContentAnswer(
|
|
|
| if (sdes_policy != SEC_DISABLED) {
|
| CryptoParams crypto;
|
| - if (SelectCrypto(offer, bundle_enabled, &crypto)) {
|
| + if (SelectCrypto(offer, bundle_enabled, options.crypto_options, &crypto)) {
|
| if (current_cryptos) {
|
| FindMatchingCrypto(*current_cryptos, crypto, &crypto);
|
| }
|
| @@ -1570,7 +1598,7 @@ bool MediaSessionDescriptionFactory::AddAudioContentForOffer(
|
|
|
| scoped_ptr<AudioContentDescription> audio(new AudioContentDescription());
|
| std::vector<std::string> crypto_suites;
|
| - GetSupportedAudioCryptoSuiteNames(&crypto_suites);
|
| + GetSupportedAudioCryptoSuiteNames(options.crypto_options, &crypto_suites);
|
| if (!CreateMediaContentOffer(
|
| options,
|
| audio_codecs,
|
| @@ -1629,7 +1657,7 @@ bool MediaSessionDescriptionFactory::AddVideoContentForOffer(
|
|
|
| scoped_ptr<VideoContentDescription> video(new VideoContentDescription());
|
| std::vector<std::string> crypto_suites;
|
| - GetSupportedVideoCryptoSuiteNames(&crypto_suites);
|
| + GetSupportedVideoCryptoSuiteNames(options.crypto_options, &crypto_suites);
|
| if (!CreateMediaContentOffer(
|
| options,
|
| video_codecs,
|
| @@ -1704,7 +1732,7 @@ bool MediaSessionDescriptionFactory::AddDataContentForOffer(
|
| data->set_protocol(
|
| secure_transport ? kMediaProtocolDtlsSctp : kMediaProtocolSctp);
|
| } else {
|
| - GetSupportedDataCryptoSuiteNames(&crypto_suites);
|
| + GetSupportedDataCryptoSuiteNames(options.crypto_options, &crypto_suites);
|
| }
|
|
|
| if (!CreateMediaContentOffer(
|
|
|
Chromium Code Reviews
Issue 1528843005:
Add support for GCM cipher suites from RFC 7714. (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master