| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2018 The WebRTC Project Authors. All rights reserved. |
| 3 | * |
| 4 | * Use of this source code is governed by a BSD-style license |
| 5 | * that can be found in the LICENSE file in the root of the source |
| 6 | * tree. An additional intellectual property rights grant can be found |
| 7 | * in the file PATENTS. All contributing project authors may |
| 8 | * be found in the AUTHORS file in the root of the source tree. |
| 9 | */ |
| 10 | |
| Steve Anton | 10542f2 | 2019-01-11 09:11:00 -0800 | [diff] [blame^] | 11 | #include "api/crypto/crypto_options.h" |
| 12 | #include "rtc_base/ssl_stream_adapter.h" |
| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 13 | |
| 14 | namespace webrtc { |
| 15 | |
| 16 | CryptoOptions::CryptoOptions() {} |
| 17 | |
| 18 | CryptoOptions::CryptoOptions(const CryptoOptions& other) { |
| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 19 | srtp = other.srtp; |
| Benjamin Wright | bfb444c | 2018-10-15 10:20:24 -0700 | [diff] [blame] | 20 | sframe = other.sframe; |
| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 21 | } |
| 22 | |
| 23 | CryptoOptions::~CryptoOptions() {} |
| 24 | |
| 25 | // static |
| 26 | CryptoOptions CryptoOptions::NoGcm() { |
| 27 | CryptoOptions options; |
| 28 | options.srtp.enable_gcm_crypto_suites = false; |
| 29 | return options; |
| 30 | } |
| 31 | |
| 32 | std::vector<int> CryptoOptions::GetSupportedDtlsSrtpCryptoSuites() const { |
| 33 | std::vector<int> crypto_suites; |
| 34 | if (srtp.enable_gcm_crypto_suites) { |
| 35 | crypto_suites.push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 36 | crypto_suites.push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 37 | } |
| 38 | // Note: SRTP_AES128_CM_SHA1_80 is what is required to be supported (by |
| 39 | // draft-ietf-rtcweb-security-arch), but SRTP_AES128_CM_SHA1_32 is allowed as |
| 40 | // well, and saves a few bytes per packet if it ends up selected. |
| 41 | // As the cipher suite is potentially insecure, it will only be used if |
| 42 | // enabled by both peers. |
| 43 | if (srtp.enable_aes128_sha1_32_crypto_cipher) { |
| 44 | crypto_suites.push_back(rtc::SRTP_AES128_CM_SHA1_32); |
| 45 | } |
| 46 | crypto_suites.push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 47 | return crypto_suites; |
| 48 | } |
| 49 | |
| Benjamin Wright | bfb444c | 2018-10-15 10:20:24 -0700 | [diff] [blame] | 50 | bool CryptoOptions::operator==(const CryptoOptions& other) const { |
| 51 | struct data_being_tested_for_equality { |
| 52 | struct Srtp { |
| 53 | bool enable_gcm_crypto_suites; |
| 54 | bool enable_aes128_sha1_32_crypto_cipher; |
| 55 | bool enable_encrypted_rtp_header_extensions; |
| 56 | } srtp; |
| 57 | struct SFrame { |
| 58 | bool require_frame_encryption; |
| 59 | } sframe; |
| 60 | }; |
| 61 | static_assert(sizeof(data_being_tested_for_equality) == sizeof(*this), |
| 62 | "Did you add something to CryptoOptions and forget to " |
| 63 | "update operator==?"); |
| 64 | |
| 65 | return srtp.enable_gcm_crypto_suites == other.srtp.enable_gcm_crypto_suites && |
| 66 | srtp.enable_aes128_sha1_32_crypto_cipher == |
| 67 | other.srtp.enable_aes128_sha1_32_crypto_cipher && |
| 68 | srtp.enable_encrypted_rtp_header_extensions == |
| 69 | other.srtp.enable_encrypted_rtp_header_extensions && |
| 70 | sframe.require_frame_encryption == |
| 71 | other.sframe.require_frame_encryption; |
| 72 | } |
| 73 | |
| 74 | bool CryptoOptions::operator!=(const CryptoOptions& other) const { |
| 75 | return !(*this == other); |
| 76 | } |
| 77 | |
| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 78 | } // namespace webrtc |