Negotiate the same SRTP crypto suites for every DTLS association formed.

webrtc/p2p/base/fakedtlstransport.h

 /*
  *  Copyright 2017 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 68 matching lines @@
     if (dest == dest_) {
       return;
     }
     RTC_DCHECK(!dest || !dest_)
         << "Changing fake destination from one to another is not supported.";
     if (dest && !dest_) {
       // This simulates the DTLS handshake.
       dest_ = dest;
       if (local_cert_ && dest_->local_cert_) {
         do_dtls_ = true;
-        NegotiateSrtpCiphers();
       }
       SetWritable(true);
       if (!asymmetric) {
         dest->SetDestination(this, true);
       }
       ice_transport_->SetDestination(
           static_cast<FakeIceTransport*>(dest->ice_transport()), asymmetric);
     } else {
       // Simulates loss of connectivity, by asymmetrically forgetting dest_.
       dest_ = nullptr;
@@ skipping 25 matching lines @@
   }
   bool SetLocalCertificate(
       const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override {
     local_cert_ = certificate;
     return true;
   }
   void SetRemoteSSLCertificate(rtc::FakeSSLCertificate* cert) {
     remote_cert_ = cert;
   }
   bool IsDtlsActive() const override { return do_dtls_; }
-  bool SetSrtpCryptoSuites(const std::vector<int>& ciphers) override {
-    srtp_ciphers_ = ciphers;
-    return true;
-  }
   bool GetSrtpCryptoSuite(int* crypto_suite) override {
-    if (chosen_crypto_suite_ != rtc::SRTP_INVALID_CRYPTO_SUITE) {
-      *crypto_suite = chosen_crypto_suite_;
-      return true;
-    }
+    *crypto_suite = rtc::SRTP_AES128_CM_SHA1_80;
     return false;
   }
   bool GetSslCipherSuite(int* cipher_suite) override { return false; }
   rtc::scoped_refptr<rtc::RTCCertificate> GetLocalCertificate() const override {
     return local_cert_;
   }
   std::unique_ptr<rtc::SSLCertificate> GetRemoteSSLCertificate()
       const override {
     return remote_cert_ ? std::unique_ptr<rtc::SSLCertificate>(
                               remote_cert_->GetReference())
                         : nullptr;
   }
   bool ExportKeyingMaterial(const std::string& label,
                             const uint8_t* context,
                             size_t context_len,
                             bool use_context,
                             uint8_t* result,
                             size_t result_len) override {
-    if (chosen_crypto_suite_ != rtc::SRTP_INVALID_CRYPTO_SUITE) {
-      memset(result, 0xff, result_len);
-      return true;
+    if (!do_dtls_) {
+      return false;
     }
-
-    return false;
+    memset(result, 0xff, result_len);
+    return true;
   }
   void set_ssl_max_protocol_version(rtc::SSLProtocolVersion version) {
     ssl_max_version_ = version;
   }
   rtc::SSLProtocolVersion ssl_max_protocol_version() const {
     return ssl_max_version_;
   }
-  bool SetSrtpCiphers(const std::vector<std::string>& ciphers) override {
-    std::vector<int> crypto_suites;
-    for (const auto cipher : ciphers) {
-      crypto_suites.push_back(rtc::SrtpCryptoSuiteFromName(cipher));
-    }
-    return SetSrtpCryptoSuites(crypto_suites);
-  }
 
   IceTransportInternal* ice_transport() override { return ice_transport_; }
 
   // PacketTransportInternal implementation, which passes through to fake ICE
   // transport for sending actual packets.
   bool writable() const override { return writable_; }
   bool receiving() const override { return receiving_; }
   int SendPacket(const char* data,
                  size_t len,
                  const rtc::PacketOptions& options,
@@ skipping 14 matching lines @@
 
  private:
   void OnIceTransportReadPacket(PacketTransportInternal* ice_,
                                 const char* data,
                                 size_t len,
                                 const rtc::PacketTime& time,
                                 int flags) {
     SignalReadPacket(this, data, len, time, flags);
   }
 
-  void NegotiateSrtpCiphers() {
-    for (std::vector<int>::const_iterator it1 = srtp_ciphers_.begin();
-         it1 != srtp_ciphers_.end(); ++it1) {
-      for (std::vector<int>::const_iterator it2 = dest_->srtp_ciphers_.begin();
-           it2 != dest_->srtp_ciphers_.end(); ++it2) {
-        if (*it1 == *it2) {
-          chosen_crypto_suite_ = *it1;
-          return;
-        }
-      }
-    }
-  }
-
   void set_receiving(bool receiving) {
     if (receiving_ == receiving) {
       return;
     }
     receiving_ = receiving;
     SignalReceivingState(this);
   }
 
   void set_writable(bool writable) {
     if (writable_ == writable) {
       return;
     }
     writable_ = writable;
     if (writable_) {
       SignalReadyToSend(this);
     }
     SignalWritableState(this);
   }
 
   FakeIceTransport* ice_transport_;
   std::unique_ptr<FakeIceTransport> owned_ice_transport_;
   std::string transport_name_;
   int component_;
   FakeDtlsTransport* dest_ = nullptr;
   rtc::scoped_refptr<rtc::RTCCertificate> local_cert_;
   rtc::FakeSSLCertificate* remote_cert_ = nullptr;
   bool do_dtls_ = false;
-  std::vector<int> srtp_ciphers_;
-  int chosen_crypto_suite_ = rtc::SRTP_INVALID_CRYPTO_SUITE;
   rtc::SSLProtocolVersion ssl_max_version_ = rtc::SSL_PROTOCOL_DTLS_12;
   rtc::SSLFingerprint dtls_fingerprint_;
   rtc::SSLRole ssl_role_ = rtc::SSL_CLIENT;
 
   DtlsTransportState dtls_state_ = DTLS_TRANSPORT_NEW;
 
   bool receiving_ = false;
   bool writable_ = false;
 };
 
 }  // namespace cricket
 
 #endif  // WEBRTC_P2P_BASE_FAKEDTLSTRANSPORT_H_