| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. | 2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 #include "webrtc/common_video/h264/profile_level_id.h" | 28 #include "webrtc/common_video/h264/profile_level_id.h" |
| 29 #include "webrtc/media/base/cryptoparams.h" | 29 #include "webrtc/media/base/cryptoparams.h" |
| 30 #include "webrtc/media/base/mediaconstants.h" | 30 #include "webrtc/media/base/mediaconstants.h" |
| 31 #include "webrtc/p2p/base/p2pconstants.h" | 31 #include "webrtc/p2p/base/p2pconstants.h" |
| 32 #include "webrtc/pc/channelmanager.h" | 32 #include "webrtc/pc/channelmanager.h" |
| 33 #include "webrtc/pc/srtpfilter.h" | 33 #include "webrtc/pc/srtpfilter.h" |
| 34 | 34 |
| 35 namespace { | 35 namespace { |
| 36 const char kInline[] = "inline:"; | 36 const char kInline[] = "inline:"; |
| 37 | 37 |
| 38 void GetSupportedCryptoSuiteNames(void (*func)(const rtc::CryptoOptions&, | 38 void GetSupportedSdesCryptoSuiteNames(void (*func)(const rtc::CryptoOptions&, |
| 39 std::vector<int>*), | 39 std::vector<int>*), |
| 40 const rtc::CryptoOptions& crypto_options, | 40 const rtc::CryptoOptions& crypto_options, |
| 41 std::vector<std::string>* names) { | 41 std::vector<std::string>* names) { |
| 42 std::vector<int> crypto_suites; | 42 std::vector<int> crypto_suites; |
| 43 func(crypto_options, &crypto_suites); | 43 func(crypto_options, &crypto_suites); |
| 44 for (const auto crypto : crypto_suites) { | 44 for (const auto crypto : crypto_suites) { |
| 45 names->push_back(rtc::SrtpCryptoSuiteToName(crypto)); | 45 names->push_back(rtc::SrtpCryptoSuiteToName(crypto)); |
| 46 } | 46 } |
| 47 } | 47 } |
| 48 } // namespace | 48 } // namespace |
| 49 | 49 |
| 50 namespace cricket { | 50 namespace cricket { |
| 51 | 51 |
| (...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 172 it != cryptos.end(); ++it) { | 172 it != cryptos.end(); ++it) { |
| 173 if (crypto.Matches(*it)) { | 173 if (crypto.Matches(*it)) { |
| 174 *out = *it; | 174 *out = *it; |
| 175 return true; | 175 return true; |
| 176 } | 176 } |
| 177 } | 177 } |
| 178 return false; | 178 return false; |
| 179 } | 179 } |
| 180 | 180 |
| 181 // For audio, HMAC 32 is prefered over HMAC 80 because of the low overhead. | 181 // For audio, HMAC 32 is prefered over HMAC 80 because of the low overhead. |
| 182 void GetSupportedAudioCryptoSuites(const rtc::CryptoOptions& crypto_options, | 182 void GetSupportedAudioSdesCryptoSuites(const rtc::CryptoOptions& crypto_options, |
| 183 std::vector<int>* crypto_suites) { | 183 std::vector<int>* crypto_suites) { |
| 184 if (crypto_options.enable_gcm_crypto_suites) { | 184 if (crypto_options.enable_gcm_crypto_suites) { |
| 185 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); | 185 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 186 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); | 186 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 187 } | 187 } |
| 188 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_32); | 188 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_32); |
| 189 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); | 189 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 190 } | 190 } |
| 191 | 191 |
| 192 void GetSupportedAudioCryptoSuiteNames(const rtc::CryptoOptions& crypto_options, | 192 void GetSupportedAudioSdesCryptoSuiteNames( |
| 193 const rtc::CryptoOptions& crypto_options, |
| 193 std::vector<std::string>* crypto_suite_names) { | 194 std::vector<std::string>* crypto_suite_names) { |
| 194 GetSupportedCryptoSuiteNames(GetSupportedAudioCryptoSuites, | 195 GetSupportedSdesCryptoSuiteNames(GetSupportedAudioSdesCryptoSuites, |
| 195 crypto_options, crypto_suite_names); | 196 crypto_options, crypto_suite_names); |
| 196 } | 197 } |
| 197 | 198 |
| 198 void GetSupportedVideoCryptoSuites(const rtc::CryptoOptions& crypto_options, | 199 void GetSupportedVideoSdesCryptoSuites(const rtc::CryptoOptions& crypto_options, |
| 199 std::vector<int>* crypto_suites) { | 200 std::vector<int>* crypto_suites) { |
| 200 GetDefaultSrtpCryptoSuites(crypto_options, crypto_suites); | |
| 201 } | |
| 202 | |
| 203 void GetSupportedVideoCryptoSuiteNames(const rtc::CryptoOptions& crypto_options, | |
| 204 std::vector<std::string>* crypto_suite_names) { | |
| 205 GetSupportedCryptoSuiteNames(GetSupportedVideoCryptoSuites, | |
| 206 crypto_options, crypto_suite_names); | |
| 207 } | |
| 208 | |
| 209 void GetSupportedDataCryptoSuites(const rtc::CryptoOptions& crypto_options, | |
| 210 std::vector<int>* crypto_suites) { | |
| 211 GetDefaultSrtpCryptoSuites(crypto_options, crypto_suites); | |
| 212 } | |
| 213 | |
| 214 void GetSupportedDataCryptoSuiteNames(const rtc::CryptoOptions& crypto_options, | |
| 215 std::vector<std::string>* crypto_suite_names) { | |
| 216 GetSupportedCryptoSuiteNames(GetSupportedDataCryptoSuites, | |
| 217 crypto_options, crypto_suite_names); | |
| 218 } | |
| 219 | |
| 220 void GetDefaultSrtpCryptoSuites(const rtc::CryptoOptions& crypto_options, | |
| 221 std::vector<int>* crypto_suites) { | |
| 222 if (crypto_options.enable_gcm_crypto_suites) { | 201 if (crypto_options.enable_gcm_crypto_suites) { |
| 223 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); | 202 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 224 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); | 203 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 204 } |
| 205 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 206 } |
| 207 |
| 208 void GetSupportedVideoSdesCryptoSuiteNames( |
| 209 const rtc::CryptoOptions& crypto_options, |
| 210 std::vector<std::string>* crypto_suite_names) { |
| 211 GetSupportedSdesCryptoSuiteNames(GetSupportedVideoSdesCryptoSuites, |
| 212 crypto_options, crypto_suite_names); |
| 213 } |
| 214 |
| 215 void GetSupportedDataSdesCryptoSuites(const rtc::CryptoOptions& crypto_options, |
| 216 std::vector<int>* crypto_suites) { |
| 217 if (crypto_options.enable_gcm_crypto_suites) { |
| 218 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 219 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 225 } | 220 } |
| 226 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); | 221 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 227 } | 222 } |
| 228 | 223 |
| 229 void GetDefaultSrtpCryptoSuiteNames(const rtc::CryptoOptions& crypto_options, | 224 void GetSupportedDataSdesCryptoSuiteNames( |
| 225 const rtc::CryptoOptions& crypto_options, |
| 230 std::vector<std::string>* crypto_suite_names) { | 226 std::vector<std::string>* crypto_suite_names) { |
| 231 GetSupportedCryptoSuiteNames(GetDefaultSrtpCryptoSuites, | 227 GetSupportedSdesCryptoSuiteNames(GetSupportedDataSdesCryptoSuites, |
| 232 crypto_options, crypto_suite_names); | 228 crypto_options, crypto_suite_names); |
| 233 } | 229 } |
| 234 | 230 |
| 235 // Support any GCM cipher (if enabled through options). For video support only | 231 // Support any GCM cipher (if enabled through options). For video support only |
| 236 // 80-bit SHA1 HMAC. For audio 32-bit HMAC is tolerated unless bundle is enabled | 232 // 80-bit SHA1 HMAC. For audio 32-bit HMAC is tolerated unless bundle is enabled |
| 237 // because it is low overhead. | 233 // because it is low overhead. |
| 238 // Pick the crypto in the list that is supported. | 234 // Pick the crypto in the list that is supported. |
| 239 static bool SelectCrypto(const MediaContentDescription* offer, | 235 static bool SelectCrypto(const MediaContentDescription* offer, |
| 240 bool bundle, | 236 bool bundle, |
| 241 const rtc::CryptoOptions& crypto_options, | 237 const rtc::CryptoOptions& crypto_options, |
| 242 CryptoParams *crypto) { | 238 CryptoParams *crypto) { |
| (...skipping 1425 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1668 GetFirstAudioContent(current_description); | 1664 GetFirstAudioContent(current_description); |
| 1669 std::string content_name = | 1665 std::string content_name = |
| 1670 current_audio_content ? current_audio_content->name : CN_AUDIO; | 1666 current_audio_content ? current_audio_content->name : CN_AUDIO; |
| 1671 | 1667 |
| 1672 cricket::SecurePolicy sdes_policy = | 1668 cricket::SecurePolicy sdes_policy = |
| 1673 IsDtlsActive(content_name, current_description) ? cricket::SEC_DISABLED | 1669 IsDtlsActive(content_name, current_description) ? cricket::SEC_DISABLED |
| 1674 : secure(); | 1670 : secure(); |
| 1675 | 1671 |
| 1676 std::unique_ptr<AudioContentDescription> audio(new AudioContentDescription()); | 1672 std::unique_ptr<AudioContentDescription> audio(new AudioContentDescription()); |
| 1677 std::vector<std::string> crypto_suites; | 1673 std::vector<std::string> crypto_suites; |
| 1678 GetSupportedAudioCryptoSuiteNames(options.crypto_options, &crypto_suites); | 1674 GetSupportedAudioSdesCryptoSuiteNames(options.crypto_options, &crypto_suites); |
| 1679 if (!CreateMediaContentOffer( | 1675 if (!CreateMediaContentOffer( |
| 1680 options, | 1676 options, |
| 1681 audio_codecs, | 1677 audio_codecs, |
| 1682 sdes_policy, | 1678 sdes_policy, |
| 1683 GetCryptos(GetFirstAudioContentDescription(current_description)), | 1679 GetCryptos(GetFirstAudioContentDescription(current_description)), |
| 1684 crypto_suites, | 1680 crypto_suites, |
| 1685 audio_rtp_extensions, | 1681 audio_rtp_extensions, |
| 1686 add_legacy_, | 1682 add_legacy_, |
| 1687 current_streams, | 1683 current_streams, |
| 1688 audio.get())) { | 1684 audio.get())) { |
| (...skipping 29 matching lines...) Expand all Loading... |
| 1718 GetFirstVideoContent(current_description); | 1714 GetFirstVideoContent(current_description); |
| 1719 std::string content_name = | 1715 std::string content_name = |
| 1720 current_video_content ? current_video_content->name : CN_VIDEO; | 1716 current_video_content ? current_video_content->name : CN_VIDEO; |
| 1721 | 1717 |
| 1722 cricket::SecurePolicy sdes_policy = | 1718 cricket::SecurePolicy sdes_policy = |
| 1723 IsDtlsActive(content_name, current_description) ? cricket::SEC_DISABLED | 1719 IsDtlsActive(content_name, current_description) ? cricket::SEC_DISABLED |
| 1724 : secure(); | 1720 : secure(); |
| 1725 | 1721 |
| 1726 std::unique_ptr<VideoContentDescription> video(new VideoContentDescription()); | 1722 std::unique_ptr<VideoContentDescription> video(new VideoContentDescription()); |
| 1727 std::vector<std::string> crypto_suites; | 1723 std::vector<std::string> crypto_suites; |
| 1728 GetSupportedVideoCryptoSuiteNames(options.crypto_options, &crypto_suites); | 1724 GetSupportedVideoSdesCryptoSuiteNames(options.crypto_options, &crypto_suites); |
| 1729 if (!CreateMediaContentOffer( | 1725 if (!CreateMediaContentOffer( |
| 1730 options, | 1726 options, |
| 1731 video_codecs, | 1727 video_codecs, |
| 1732 sdes_policy, | 1728 sdes_policy, |
| 1733 GetCryptos(GetFirstVideoContentDescription(current_description)), | 1729 GetCryptos(GetFirstVideoContentDescription(current_description)), |
| 1734 crypto_suites, | 1730 crypto_suites, |
| 1735 video_rtp_extensions, | 1731 video_rtp_extensions, |
| 1736 add_legacy_, | 1732 add_legacy_, |
| 1737 current_streams, | 1733 current_streams, |
| 1738 video.get())) { | 1734 video.get())) { |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1794 // SDES doesn't make sense for SCTP, so we disable it, and we only | 1790 // SDES doesn't make sense for SCTP, so we disable it, and we only |
| 1795 // get SDES crypto suites for RTP-based data channels. | 1791 // get SDES crypto suites for RTP-based data channels. |
| 1796 sdes_policy = cricket::SEC_DISABLED; | 1792 sdes_policy = cricket::SEC_DISABLED; |
| 1797 // Unlike SetMediaProtocol below, we need to set the protocol | 1793 // Unlike SetMediaProtocol below, we need to set the protocol |
| 1798 // before we call CreateMediaContentOffer. Otherwise, | 1794 // before we call CreateMediaContentOffer. Otherwise, |
| 1799 // CreateMediaContentOffer won't know this is SCTP and will | 1795 // CreateMediaContentOffer won't know this is SCTP and will |
| 1800 // generate SSRCs rather than SIDs. | 1796 // generate SSRCs rather than SIDs. |
| 1801 data->set_protocol( | 1797 data->set_protocol( |
| 1802 secure_transport ? kMediaProtocolDtlsSctp : kMediaProtocolSctp); | 1798 secure_transport ? kMediaProtocolDtlsSctp : kMediaProtocolSctp); |
| 1803 } else { | 1799 } else { |
| 1804 GetSupportedDataCryptoSuiteNames(options.crypto_options, &crypto_suites); | 1800 GetSupportedDataSdesCryptoSuiteNames(options.crypto_options, |
| 1801 &crypto_suites); |
| 1805 } | 1802 } |
| 1806 | 1803 |
| 1807 if (!CreateMediaContentOffer( | 1804 if (!CreateMediaContentOffer( |
| 1808 options, | 1805 options, |
| 1809 *data_codecs, | 1806 *data_codecs, |
| 1810 sdes_policy, | 1807 sdes_policy, |
| 1811 GetCryptos(GetFirstDataContentDescription(current_description)), | 1808 GetCryptos(GetFirstDataContentDescription(current_description)), |
| 1812 crypto_suites, | 1809 crypto_suites, |
| 1813 RtpHeaderExtensions(), | 1810 RtpHeaderExtensions(), |
| 1814 add_legacy_, | 1811 add_legacy_, |
| (...skipping 368 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2183 GetFirstMediaContentDescription(sdesc, MEDIA_TYPE_VIDEO)); | 2180 GetFirstMediaContentDescription(sdesc, MEDIA_TYPE_VIDEO)); |
| 2184 } | 2181 } |
| 2185 | 2182 |
| 2186 DataContentDescription* GetFirstDataContentDescription( | 2183 DataContentDescription* GetFirstDataContentDescription( |
| 2187 SessionDescription* sdesc) { | 2184 SessionDescription* sdesc) { |
| 2188 return static_cast<DataContentDescription*>( | 2185 return static_cast<DataContentDescription*>( |
| 2189 GetFirstMediaContentDescription(sdesc, MEDIA_TYPE_DATA)); | 2186 GetFirstMediaContentDescription(sdesc, MEDIA_TYPE_DATA)); |
| 2190 } | 2187 } |
| 2191 | 2188 |
| 2192 } // namespace cricket | 2189 } // namespace cricket |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2815513012:
Negotiate the same SRTP crypto suites for every DTLS association formed. (Closed)
