Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / 0cd0dd3b07261cb15e821622b351b5ce80f98ea6 / . / api / crypto / crypto_options.h
blob: 317995134aaa9e80acf3c1458c43bb889c946992 [file] [log] [blame]
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]1/*
2 * Copyright 2018 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Steve Anton10542f22019-01-11 09:11:00 -0800[diff] [blame]11#ifndef API_CRYPTO_CRYPTO_OPTIONS_H_
12#define API_CRYPTO_CRYPTO_OPTIONS_H_
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]13
14#include <vector>
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]15
Mirko Bonadei35214fc2019-09-23 14:54:28 +0200[diff] [blame]16#include "rtc_base/system/rtc_export.h"
17
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]18namespace webrtc {
19
20// CryptoOptions defines advanced cryptographic settings for native WebRTC.
21// These settings must be passed into PeerConnectionFactoryInterface::Options
22// and are only applicable to native use cases of WebRTC.
Mirko Bonadei35214fc2019-09-23 14:54:28 +0200[diff] [blame]23struct RTC_EXPORT CryptoOptions {
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]24 CryptoOptions();
25 CryptoOptions(const CryptoOptions& other);
26 ~CryptoOptions();
27
28 // Helper method to return an instance of the CryptoOptions with GCM crypto
29 // suites disabled. This method should be used instead of depending on current
30 // default values set by the constructor.
31 static CryptoOptions NoGcm();
32
33 // Returns a list of the supported DTLS-SRTP Crypto suites based on this set
34 // of crypto options.
35 std::vector<int> GetSupportedDtlsSrtpCryptoSuites() const;
36
Benjamin Wrightbfb444c2018-10-15 10:20:24 -0700[diff] [blame]37 bool operator==(const CryptoOptions& other) const;
38 bool operator!=(const CryptoOptions& other) const;
39
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]40 // SRTP Related Peer Connection options.
41 struct Srtp {
42 // Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used
43 // if both sides enable it.
44 bool enable_gcm_crypto_suites = false;
45
46 // If set to true, the (potentially insecure) crypto cipher
Mirko Bonadei7750d802021-07-26 17:27:42 +0200[diff] [blame]47 // kSrtpAes128CmSha1_32 will be included in the list of supported ciphers
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]48 // during negotiation. It will only be used if both peers support it and no
49 // other ciphers get preferred.
50 bool enable_aes128_sha1_32_crypto_cipher = false;
51
Philipp Hancke2ebbff82019-10-26 06:12:55 +0200[diff] [blame]52 // The most commonly used cipher. Can be disabled, mostly for testing
53 // purposes.
54 bool enable_aes128_sha1_80_crypto_cipher = true;
55
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]56 // If set to true, encrypted RTP header extensions as defined in RFC 6904
57 // will be negotiated. They will only be used if both peers support them.
58 bool enable_encrypted_rtp_header_extensions = false;
59 } srtp;
Benjamin Wrightbfb444c2018-10-15 10:20:24 -0700[diff] [blame]60
61 // Options to be used when the FrameEncryptor / FrameDecryptor APIs are used.
62 struct SFrame {
63 // If set all RtpSenders must have an FrameEncryptor attached to them before
64 // they are allowed to send packets. All RtpReceivers must have a
65 // FrameDecryptor attached to them before they are able to receive packets.
66 bool require_frame_encryption = false;
67 } sframe;
Benjamin Wrighta54daf12018-10-11 15:33:17 -0700[diff] [blame]68};
69
70} // namespace webrtc
71
Steve Anton10542f22019-01-11 09:11:00 -0800[diff] [blame]72#endif // API_CRYPTO_CRYPTO_OPTIONS_H_