| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. | 2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 #include "webrtc/common_video/h264/profile_level_id.h" | 28 #include "webrtc/common_video/h264/profile_level_id.h" |
| 29 #include "webrtc/media/base/cryptoparams.h" | 29 #include "webrtc/media/base/cryptoparams.h" |
| 30 #include "webrtc/media/base/mediaconstants.h" | 30 #include "webrtc/media/base/mediaconstants.h" |
| 31 #include "webrtc/p2p/base/p2pconstants.h" | 31 #include "webrtc/p2p/base/p2pconstants.h" |
| 32 #include "webrtc/pc/channelmanager.h" | 32 #include "webrtc/pc/channelmanager.h" |
| 33 #include "webrtc/pc/srtpfilter.h" | 33 #include "webrtc/pc/srtpfilter.h" |
| 34 | 34 |
| 35 namespace { | 35 namespace { |
| 36 const char kInline[] = "inline:"; | 36 const char kInline[] = "inline:"; |
| 37 | 37 |
| 38 void GetSupportedCryptoSuiteNames(void (*func)(const rtc::CryptoOptions&, | 38 void GetSupportedSdesCryptoSuiteNames(void (*func)(const rtc::CryptoOptions&, |
| 39 std::vector<int>*), | 39 std::vector<int>*), |
| 40 const rtc::CryptoOptions& crypto_options, | 40 const rtc::CryptoOptions& crypto_options, |
| 41 std::vector<std::string>* names) { | 41 std::vector<std::string>* names) { |
| 42 std::vector<int> crypto_suites; | 42 std::vector<int> crypto_suites; |
| 43 func(crypto_options, &crypto_suites); | 43 func(crypto_options, &crypto_suites); |
| 44 for (const auto crypto : crypto_suites) { | 44 for (const auto crypto : crypto_suites) { |
| 45 names->push_back(rtc::SrtpCryptoSuiteToName(crypto)); | 45 names->push_back(rtc::SrtpCryptoSuiteToName(crypto)); |
| 46 } | 46 } |
| 47 } | 47 } |
| 48 } // namespace | 48 } // namespace |
| 49 | 49 |
| 50 namespace cricket { | 50 namespace cricket { |
| 51 | 51 |
| (...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 172 it != cryptos.end(); ++it) { | 172 it != cryptos.end(); ++it) { |
| 173 if (crypto.Matches(*it)) { | 173 if (crypto.Matches(*it)) { |
| 174 *out = *it; | 174 *out = *it; |
| 175 return true; | 175 return true; |
| 176 } | 176 } |
| 177 } | 177 } |
| 178 return false; | 178 return false; |
| 179 } | 179 } |
| 180 | 180 |
| 181 // For audio, HMAC 32 is prefered over HMAC 80 because of the low overhead. | 181 // For audio, HMAC 32 is prefered over HMAC 80 because of the low overhead. |
| 182 void GetSupportedAudioCryptoSuites(const rtc::CryptoOptions& crypto_options, | 182 void GetSupportedAudioSdesCryptoSuites(const rtc::CryptoOptions& crypto_options, |
| 183 std::vector<int>* crypto_suites) { | 183 std::vector<int>* crypto_suites) { |
| 184 if (crypto_options.enable_gcm_crypto_suites) { | 184 if (crypto_options.enable_gcm_crypto_suites) { |
| 185 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); | 185 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 186 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); | 186 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 187 } | 187 } |
| 188 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_32); | 188 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_32); |
| 189 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); | 189 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 190 } | 190 } |
| 191 | 191 |
| 192 void GetSupportedAudioCryptoSuiteNames(const rtc::CryptoOptions& crypto_options, | 192 void GetSupportedAudioSdesCryptoSuiteNames( |
| 193 const rtc::CryptoOptions& crypto_options, |
| 193 std::vector<std::string>* crypto_suite_names) { | 194 std::vector<std::string>* crypto_suite_names) { |
| 194 GetSupportedCryptoSuiteNames(GetSupportedAudioCryptoSuites, | 195 GetSupportedSdesCryptoSuiteNames(GetSupportedAudioSdesCryptoSuites, |
| 195 crypto_options, crypto_suite_names); | 196 crypto_options, crypto_suite_names); |
| 196 } | 197 } |
| 197 | 198 |
| 198 void GetSupportedVideoCryptoSuites(const rtc::CryptoOptions& crypto_options, | 199 void GetSupportedVideoSdesCryptoSuites(const rtc::CryptoOptions& crypto_options, |
| 199 std::vector<int>* crypto_suites) { | 200 std::vector<int>* crypto_suites) { |
| 200 GetDefaultSrtpCryptoSuites(crypto_options, crypto_suites); | |
| 201 } | |
| 202 | |
| 203 void GetSupportedVideoCryptoSuiteNames(const rtc::CryptoOptions& crypto_options, | |
| 204 std::vector<std::string>* crypto_suite_names) { | |
| 205 GetSupportedCryptoSuiteNames(GetSupportedVideoCryptoSuites, | |
| 206 crypto_options, crypto_suite_names); | |
| 207 } | |
| 208 | |
| 209 void GetSupportedDataCryptoSuites(const rtc::CryptoOptions& crypto_options, | |
| 210 std::vector<int>* crypto_suites) { | |
| 211 GetDefaultSrtpCryptoSuites(crypto_options, crypto_suites); | |
| 212 } | |
| 213 | |
| 214 void GetSupportedDataCryptoSuiteNames(const rtc::CryptoOptions& crypto_options, | |
| 215 std::vector<std::string>* crypto_suite_names) { | |
| 216 GetSupportedCryptoSuiteNames(GetSupportedDataCryptoSuites, | |
| 217 crypto_options, crypto_suite_names); | |
| 218 } | |
| 219 | |
| 220 void GetDefaultSrtpCryptoSuites(const rtc::CryptoOptions& crypto_options, | |
| 221 std::vector<int>* crypto_suites) { | |
| 222 if (crypto_options.enable_gcm_crypto_suites) { | 201 if (crypto_options.enable_gcm_crypto_suites) { |
| 223 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); | 202 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 224 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); | 203 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 204 } |
| 205 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 206 } |
| 207 |
| 208 void GetSupportedVideoSdesCryptoSuiteNames( |
| 209 const rtc::CryptoOptions& crypto_options, |
| 210 std::vector<std::string>* crypto_suite_names) { |
| 211 GetSupportedSdesCryptoSuiteNames(GetSupportedVideoSdesCryptoSuites, |
| 212 crypto_options, crypto_suite_names); |
| 213 } |
| 214 |
| 215 void GetSupportedDataSdesCryptoSuites(const rtc::CryptoOptions& crypto_options, |
| 216 std::vector<int>* crypto_suites) { |
| 217 if (crypto_options.enable_gcm_crypto_suites) { |
| 218 crypto_suites->push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 219 crypto_suites->push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 225 } | 220 } |
| 226 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); | 221 crypto_suites->push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 227 } | 222 } |
| 228 | 223 |
| 229 void GetDefaultSrtpCryptoSuiteNames(const rtc::CryptoOptions& crypto_options, | 224 void GetSupportedDataSdesCryptoSuiteNames( |
| 225 const rtc::CryptoOptions& crypto_options, |
| 230 std::vector<std::string>* crypto_suite_names) { | 226 std::vector<std::string>* crypto_suite_names) { |
| 231 GetSupportedCryptoSuiteNames(GetDefaultSrtpCryptoSuites, | 227 GetSupportedSdesCryptoSuiteNames(GetSupportedDataSdesCryptoSuites, |
| 232 crypto_options, crypto_suite_names); | 228 crypto_options, crypto_suite_names); |
| 233 } | 229 } |
| 234 | 230 |
| 235 // Support any GCM cipher (if enabled through options). For video support only | 231 // Support any GCM cipher (if enabled through options). For video support only |
| 236 // 80-bit SHA1 HMAC. For audio 32-bit HMAC is tolerated unless bundle is enabled | 232 // 80-bit SHA1 HMAC. For audio 32-bit HMAC is tolerated unless bundle is enabled |
| 237 // because it is low overhead. | 233 // because it is low overhead. |
| 238 // Pick the crypto in the list that is supported. | 234 // Pick the crypto in the list that is supported. |
| 239 static bool SelectCrypto(const MediaContentDescription* offer, | 235 static bool SelectCrypto(const MediaContentDescription* offer, |
| 240 bool bundle, | 236 bool bundle, |
| 241 const rtc::CryptoOptions& crypto_options, | 237 const rtc::CryptoOptions& crypto_options, |
| 242 CryptoParams *crypto) { | 238 CryptoParams *crypto) { |
| (...skipping 1428 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1671 GetFirstAudioContent(current_description); | 1667 GetFirstAudioContent(current_description); |
| 1672 std::string content_name = | 1668 std::string content_name = |
| 1673 current_audio_content ? current_audio_content->name : CN_AUDIO; | 1669 current_audio_content ? current_audio_content->name : CN_AUDIO; |
| 1674 | 1670 |
| 1675 cricket::SecurePolicy sdes_policy = | 1671 cricket::SecurePolicy sdes_policy = |
| 1676 IsDtlsActive(content_name, current_description) ? cricket::SEC_DISABLED | 1672 IsDtlsActive(content_name, current_description) ? cricket::SEC_DISABLED |
| 1677 : secure(); | 1673 : secure(); |
| 1678 | 1674 |
| 1679 std::unique_ptr<AudioContentDescription> audio(new AudioContentDescription()); | 1675 std::unique_ptr<AudioContentDescription> audio(new AudioContentDescription()); |
| 1680 std::vector<std::string> crypto_suites; | 1676 std::vector<std::string> crypto_suites; |
| 1681 GetSupportedAudioCryptoSuiteNames(options.crypto_options, &crypto_suites); | 1677 GetSupportedAudioSdesCryptoSuiteNames(options.crypto_options, &crypto_suites); |
| 1682 if (!CreateMediaContentOffer( | 1678 if (!CreateMediaContentOffer( |
| 1683 options, | 1679 options, |
| 1684 audio_codecs, | 1680 audio_codecs, |
| 1685 sdes_policy, | 1681 sdes_policy, |
| 1686 GetCryptos(GetFirstAudioContentDescription(current_description)), | 1682 GetCryptos(GetFirstAudioContentDescription(current_description)), |
| 1687 crypto_suites, | 1683 crypto_suites, |
| 1688 audio_rtp_extensions, | 1684 audio_rtp_extensions, |
| 1689 add_legacy_, | 1685 add_legacy_, |
| 1690 current_streams, | 1686 current_streams, |
| 1691 audio.get())) { | 1687 audio.get())) { |
| (...skipping 29 matching lines...) Expand all Loading... |
| 1721 GetFirstVideoContent(current_description); | 1717 GetFirstVideoContent(current_description); |
| 1722 std::string content_name = | 1718 std::string content_name = |
| 1723 current_video_content ? current_video_content->name : CN_VIDEO; | 1719 current_video_content ? current_video_content->name : CN_VIDEO; |
| 1724 | 1720 |
| 1725 cricket::SecurePolicy sdes_policy = | 1721 cricket::SecurePolicy sdes_policy = |
| 1726 IsDtlsActive(content_name, current_description) ? cricket::SEC_DISABLED | 1722 IsDtlsActive(content_name, current_description) ? cricket::SEC_DISABLED |
| 1727 : secure(); | 1723 : secure(); |
| 1728 | 1724 |
| 1729 std::unique_ptr<VideoContentDescription> video(new VideoContentDescription()); | 1725 std::unique_ptr<VideoContentDescription> video(new VideoContentDescription()); |
| 1730 std::vector<std::string> crypto_suites; | 1726 std::vector<std::string> crypto_suites; |
| 1731 GetSupportedVideoCryptoSuiteNames(options.crypto_options, &crypto_suites); | 1727 GetSupportedVideoSdesCryptoSuiteNames(options.crypto_options, &crypto_suites); |
| 1732 if (!CreateMediaContentOffer( | 1728 if (!CreateMediaContentOffer( |
| 1733 options, | 1729 options, |
| 1734 video_codecs, | 1730 video_codecs, |
| 1735 sdes_policy, | 1731 sdes_policy, |
| 1736 GetCryptos(GetFirstVideoContentDescription(current_description)), | 1732 GetCryptos(GetFirstVideoContentDescription(current_description)), |
| 1737 crypto_suites, | 1733 crypto_suites, |
| 1738 video_rtp_extensions, | 1734 video_rtp_extensions, |
| 1739 add_legacy_, | 1735 add_legacy_, |
| 1740 current_streams, | 1736 current_streams, |
| 1741 video.get())) { | 1737 video.get())) { |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1797 // SDES doesn't make sense for SCTP, so we disable it, and we only | 1793 // SDES doesn't make sense for SCTP, so we disable it, and we only |
| 1798 // get SDES crypto suites for RTP-based data channels. | 1794 // get SDES crypto suites for RTP-based data channels. |
| 1799 sdes_policy = cricket::SEC_DISABLED; | 1795 sdes_policy = cricket::SEC_DISABLED; |
| 1800 // Unlike SetMediaProtocol below, we need to set the protocol | 1796 // Unlike SetMediaProtocol below, we need to set the protocol |
| 1801 // before we call CreateMediaContentOffer. Otherwise, | 1797 // before we call CreateMediaContentOffer. Otherwise, |
| 1802 // CreateMediaContentOffer won't know this is SCTP and will | 1798 // CreateMediaContentOffer won't know this is SCTP and will |
| 1803 // generate SSRCs rather than SIDs. | 1799 // generate SSRCs rather than SIDs. |
| 1804 data->set_protocol( | 1800 data->set_protocol( |
| 1805 secure_transport ? kMediaProtocolDtlsSctp : kMediaProtocolSctp); | 1801 secure_transport ? kMediaProtocolDtlsSctp : kMediaProtocolSctp); |
| 1806 } else { | 1802 } else { |
| 1807 GetSupportedDataCryptoSuiteNames(options.crypto_options, &crypto_suites); | 1803 GetSupportedDataSdesCryptoSuiteNames(options.crypto_options, |
| 1804 &crypto_suites); |
| 1808 } | 1805 } |
| 1809 | 1806 |
| 1810 if (!CreateMediaContentOffer( | 1807 if (!CreateMediaContentOffer( |
| 1811 options, | 1808 options, |
| 1812 *data_codecs, | 1809 *data_codecs, |
| 1813 sdes_policy, | 1810 sdes_policy, |
| 1814 GetCryptos(GetFirstDataContentDescription(current_description)), | 1811 GetCryptos(GetFirstDataContentDescription(current_description)), |
| 1815 crypto_suites, | 1812 crypto_suites, |
| 1816 RtpHeaderExtensions(), | 1813 RtpHeaderExtensions(), |
| 1817 add_legacy_, | 1814 add_legacy_, |
| (...skipping 368 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2186 GetFirstMediaContentDescription(sdesc, MEDIA_TYPE_VIDEO)); | 2183 GetFirstMediaContentDescription(sdesc, MEDIA_TYPE_VIDEO)); |
| 2187 } | 2184 } |
| 2188 | 2185 |
| 2189 DataContentDescription* GetFirstDataContentDescription( | 2186 DataContentDescription* GetFirstDataContentDescription( |
| 2190 SessionDescription* sdesc) { | 2187 SessionDescription* sdesc) { |
| 2191 return static_cast<DataContentDescription*>( | 2188 return static_cast<DataContentDescription*>( |
| 2192 GetFirstMediaContentDescription(sdesc, MEDIA_TYPE_DATA)); | 2189 GetFirstMediaContentDescription(sdesc, MEDIA_TYPE_DATA)); |
| 2193 } | 2190 } |
| 2194 | 2191 |
| 2195 } // namespace cricket | 2192 } // namespace cricket |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2815513012:
Negotiate the same SRTP crypto suites for every DTLS association formed. (Closed)
