Convert internal representation of Srtp cryptos from string to int.
Note that the coversion from int to string happens in 3 places
1) SDP layer from int to external names. mediasession.cc GetSupportedSuiteNames.
2) for SSL_CTX_set_tlsext_use_srtp(), converting from int to internal names.
3) stats collection also needs external names.
External names are like AES_CM_128_HMAC_SHA1_80, specified in sslstreamadapter.cc.
Internal names are like SRTP_AES128_CM_SHA1_80, specified in opensslstreamadapter.cc.
The conversion from string to int happens in one place only, SDP layer, SrtpFilter::ApplyParams().
BUG=webrtc:5043
Review URL: https://codereview.webrtc.org/1416673006
Cr-Commit-Position: refs/heads/master@{#10701}
diff --git a/webrtc/base/sslstreamadapter_unittest.cc b/webrtc/base/sslstreamadapter_unittest.cc
index a3e8d9c..0344bd0 100644
--- a/webrtc/base/sslstreamadapter_unittest.cc
+++ b/webrtc/base/sslstreamadapter_unittest.cc
@@ -29,8 +29,6 @@
using ::testing::tuple;
static const int kBlockSize = 4096;
-static const char kAES_CM_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80";
-static const char kAES_CM_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32";
static const char kExporterLabel[] = "label";
static const unsigned char kExporterContext[] = "context";
static int kExporterContextLen = sizeof(kExporterContext);
@@ -389,19 +387,18 @@
handshake_wait_ = wait;
}
- void SetDtlsSrtpCiphers(const std::vector<std::string> &ciphers,
- bool client) {
+ void SetDtlsSrtpCryptoSuites(const std::vector<int>& ciphers, bool client) {
if (client)
- client_ssl_->SetDtlsSrtpCiphers(ciphers);
+ client_ssl_->SetDtlsSrtpCryptoSuites(ciphers);
else
- server_ssl_->SetDtlsSrtpCiphers(ciphers);
+ server_ssl_->SetDtlsSrtpCryptoSuites(ciphers);
}
- bool GetDtlsSrtpCipher(bool client, std::string *retval) {
+ bool GetDtlsSrtpCryptoSuite(bool client, int* retval) {
if (client)
- return client_ssl_->GetDtlsSrtpCipher(retval);
+ return client_ssl_->GetDtlsSrtpCryptoSuite(retval);
else
- return server_ssl_->GetDtlsSrtpCipher(retval);
+ return server_ssl_->GetDtlsSrtpCryptoSuite(retval);
}
bool GetPeerCertificate(bool client, rtc::SSLCertificate** cert) {
@@ -809,74 +806,74 @@
// Test DTLS-SRTP with all high ciphers
TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) {
MAYBE_SKIP_TEST(HaveDtlsSrtp);
- std::vector<std::string> high;
- high.push_back(kAES_CM_HMAC_SHA1_80);
- SetDtlsSrtpCiphers(high, true);
- SetDtlsSrtpCiphers(high, false);
+ std::vector<int> high;
+ high.push_back(rtc::SRTP_AES128_CM_SHA1_80);
+ SetDtlsSrtpCryptoSuites(high, true);
+ SetDtlsSrtpCryptoSuites(high, false);
TestHandshake();
- std::string client_cipher;
- ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher));
- std::string server_cipher;
- ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher));
+ int client_cipher;
+ ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
+ int server_cipher;
+ ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80);
+ ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_80);
};
// Test DTLS-SRTP with all low ciphers
TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) {
MAYBE_SKIP_TEST(HaveDtlsSrtp);
- std::vector<std::string> low;
- low.push_back(kAES_CM_HMAC_SHA1_32);
- SetDtlsSrtpCiphers(low, true);
- SetDtlsSrtpCiphers(low, false);
+ std::vector<int> low;
+ low.push_back(rtc::SRTP_AES128_CM_SHA1_32);
+ SetDtlsSrtpCryptoSuites(low, true);
+ SetDtlsSrtpCryptoSuites(low, false);
TestHandshake();
- std::string client_cipher;
- ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher));
- std::string server_cipher;
- ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher));
+ int client_cipher;
+ ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
+ int server_cipher;
+ ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_32);
+ ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_32);
};
// Test DTLS-SRTP with a mismatch -- should not converge
TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) {
MAYBE_SKIP_TEST(HaveDtlsSrtp);
- std::vector<std::string> high;
- high.push_back(kAES_CM_HMAC_SHA1_80);
- std::vector<std::string> low;
- low.push_back(kAES_CM_HMAC_SHA1_32);
- SetDtlsSrtpCiphers(high, true);
- SetDtlsSrtpCiphers(low, false);
+ std::vector<int> high;
+ high.push_back(rtc::SRTP_AES128_CM_SHA1_80);
+ std::vector<int> low;
+ low.push_back(rtc::SRTP_AES128_CM_SHA1_32);
+ SetDtlsSrtpCryptoSuites(high, true);
+ SetDtlsSrtpCryptoSuites(low, false);
TestHandshake();
- std::string client_cipher;
- ASSERT_FALSE(GetDtlsSrtpCipher(true, &client_cipher));
- std::string server_cipher;
- ASSERT_FALSE(GetDtlsSrtpCipher(false, &server_cipher));
+ int client_cipher;
+ ASSERT_FALSE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
+ int server_cipher;
+ ASSERT_FALSE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
};
// Test DTLS-SRTP with each side being mixed -- should select high
TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) {
MAYBE_SKIP_TEST(HaveDtlsSrtp);
- std::vector<std::string> mixed;
- mixed.push_back(kAES_CM_HMAC_SHA1_80);
- mixed.push_back(kAES_CM_HMAC_SHA1_32);
- SetDtlsSrtpCiphers(mixed, true);
- SetDtlsSrtpCiphers(mixed, false);
+ std::vector<int> mixed;
+ mixed.push_back(rtc::SRTP_AES128_CM_SHA1_80);
+ mixed.push_back(rtc::SRTP_AES128_CM_SHA1_32);
+ SetDtlsSrtpCryptoSuites(mixed, true);
+ SetDtlsSrtpCryptoSuites(mixed, false);
TestHandshake();
- std::string client_cipher;
- ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher));
- std::string server_cipher;
- ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher));
+ int client_cipher;
+ ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
+ int server_cipher;
+ ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80);
+ ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_80);
};
// Test an exporter