| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2018 The WebRTC Project Authors. All rights reserved. |
| 3 | * |
| 4 | * Use of this source code is governed by a BSD-style license |
| 5 | * that can be found in the LICENSE file in the root of the source |
| 6 | * tree. An additional intellectual property rights grant can be found |
| 7 | * in the file PATENTS. All contributing project authors may |
| 8 | * be found in the AUTHORS file in the root of the source tree. |
| 9 | */ |
| 10 | |
| Steve Anton | 10542f2 | 2019-01-11 09:11:00 -0800 | [diff] [blame] | 11 | #include "api/crypto/crypto_options.h" |
| Jonas Olsson | a4d8737 | 2019-07-05 19:08:33 +0200 | [diff] [blame^] | 12 | |
| Steve Anton | 10542f2 | 2019-01-11 09:11:00 -0800 | [diff] [blame] | 13 | #include "rtc_base/ssl_stream_adapter.h" |
| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 14 | |
| 15 | namespace webrtc { |
| 16 | |
| 17 | CryptoOptions::CryptoOptions() {} |
| 18 | |
| 19 | CryptoOptions::CryptoOptions(const CryptoOptions& other) { |
| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 20 | srtp = other.srtp; |
| Benjamin Wright | bfb444c | 2018-10-15 10:20:24 -0700 | [diff] [blame] | 21 | sframe = other.sframe; |
| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 22 | } |
| 23 | |
| 24 | CryptoOptions::~CryptoOptions() {} |
| 25 | |
| 26 | // static |
| 27 | CryptoOptions CryptoOptions::NoGcm() { |
| 28 | CryptoOptions options; |
| 29 | options.srtp.enable_gcm_crypto_suites = false; |
| 30 | return options; |
| 31 | } |
| 32 | |
| 33 | std::vector<int> CryptoOptions::GetSupportedDtlsSrtpCryptoSuites() const { |
| 34 | std::vector<int> crypto_suites; |
| 35 | if (srtp.enable_gcm_crypto_suites) { |
| 36 | crypto_suites.push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 37 | crypto_suites.push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 38 | } |
| 39 | // Note: SRTP_AES128_CM_SHA1_80 is what is required to be supported (by |
| 40 | // draft-ietf-rtcweb-security-arch), but SRTP_AES128_CM_SHA1_32 is allowed as |
| 41 | // well, and saves a few bytes per packet if it ends up selected. |
| 42 | // As the cipher suite is potentially insecure, it will only be used if |
| 43 | // enabled by both peers. |
| 44 | if (srtp.enable_aes128_sha1_32_crypto_cipher) { |
| 45 | crypto_suites.push_back(rtc::SRTP_AES128_CM_SHA1_32); |
| 46 | } |
| 47 | crypto_suites.push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 48 | return crypto_suites; |
| 49 | } |
| 50 | |
| Benjamin Wright | bfb444c | 2018-10-15 10:20:24 -0700 | [diff] [blame] | 51 | bool CryptoOptions::operator==(const CryptoOptions& other) const { |
| 52 | struct data_being_tested_for_equality { |
| 53 | struct Srtp { |
| 54 | bool enable_gcm_crypto_suites; |
| 55 | bool enable_aes128_sha1_32_crypto_cipher; |
| 56 | bool enable_encrypted_rtp_header_extensions; |
| 57 | } srtp; |
| 58 | struct SFrame { |
| 59 | bool require_frame_encryption; |
| 60 | } sframe; |
| 61 | }; |
| 62 | static_assert(sizeof(data_being_tested_for_equality) == sizeof(*this), |
| 63 | "Did you add something to CryptoOptions and forget to " |
| 64 | "update operator==?"); |
| 65 | |
| 66 | return srtp.enable_gcm_crypto_suites == other.srtp.enable_gcm_crypto_suites && |
| 67 | srtp.enable_aes128_sha1_32_crypto_cipher == |
| 68 | other.srtp.enable_aes128_sha1_32_crypto_cipher && |
| 69 | srtp.enable_encrypted_rtp_header_extensions == |
| 70 | other.srtp.enable_encrypted_rtp_header_extensions && |
| 71 | sframe.require_frame_encryption == |
| 72 | other.sframe.require_frame_encryption; |
| 73 | } |
| 74 | |
| 75 | bool CryptoOptions::operator!=(const CryptoOptions& other) const { |
| 76 | return !(*this == other); |
| 77 | } |
| 78 | |
| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame] | 79 | } // namespace webrtc |