| Benjamin Wright | a54daf1 | 2018-10-11 15:33:17 -0700 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2018 The WebRTC Project Authors. All rights reserved. |
| 3 | * |
| 4 | * Use of this source code is governed by a BSD-style license |
| 5 | * that can be found in the LICENSE file in the root of the source |
| 6 | * tree. An additional intellectual property rights grant can be found |
| 7 | * in the file PATENTS. All contributing project authors may |
| 8 | * be found in the AUTHORS file in the root of the source tree. |
| 9 | */ |
| 10 | |
| 11 | #ifndef API_CRYPTO_CRYPTOOPTIONS_H_ |
| 12 | #define API_CRYPTO_CRYPTOOPTIONS_H_ |
| 13 | |
| 14 | #include <vector> |
| 15 | #include "absl/types/optional.h" |
| 16 | |
| 17 | namespace webrtc { |
| 18 | |
| 19 | // CryptoOptions defines advanced cryptographic settings for native WebRTC. |
| 20 | // These settings must be passed into PeerConnectionFactoryInterface::Options |
| 21 | // and are only applicable to native use cases of WebRTC. |
| 22 | struct CryptoOptions { |
| 23 | CryptoOptions(); |
| 24 | CryptoOptions(const CryptoOptions& other); |
| 25 | ~CryptoOptions(); |
| 26 | |
| 27 | // Helper method to return an instance of the CryptoOptions with GCM crypto |
| 28 | // suites disabled. This method should be used instead of depending on current |
| 29 | // default values set by the constructor. |
| 30 | static CryptoOptions NoGcm(); |
| 31 | |
| 32 | // Returns a list of the supported DTLS-SRTP Crypto suites based on this set |
| 33 | // of crypto options. |
| 34 | std::vector<int> GetSupportedDtlsSrtpCryptoSuites() const; |
| 35 | |
| 36 | // TODO(webrtc:9859) - Remove duplicates once chromium is fixed. |
| 37 | // Will be removed once srtp.enable_gcm_crypto_suites is updated in Chrome. |
| 38 | absl::optional<bool> enable_gcm_crypto_suites; |
| 39 | // TODO(webrtc:9859) - Remove duplicates once chromium is fixed. |
| 40 | // Will be removed once srtp.enable_encrypted_rtp_header_extensions is |
| 41 | // updated in Chrome. |
| 42 | absl::optional<bool> enable_encrypted_rtp_header_extensions; |
| 43 | // Will be removed once srtp.enable_encrypted_rtp_header_extensions is |
| 44 | // updated in Tacl. |
| 45 | absl::optional<bool> enable_aes128_sha1_32_crypto_cipher; |
| 46 | |
| 47 | // SRTP Related Peer Connection options. |
| 48 | struct Srtp { |
| 49 | // Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used |
| 50 | // if both sides enable it. |
| 51 | bool enable_gcm_crypto_suites = false; |
| 52 | |
| 53 | // If set to true, the (potentially insecure) crypto cipher |
| 54 | // SRTP_AES128_CM_SHA1_32 will be included in the list of supported ciphers |
| 55 | // during negotiation. It will only be used if both peers support it and no |
| 56 | // other ciphers get preferred. |
| 57 | bool enable_aes128_sha1_32_crypto_cipher = false; |
| 58 | |
| 59 | // If set to true, encrypted RTP header extensions as defined in RFC 6904 |
| 60 | // will be negotiated. They will only be used if both peers support them. |
| 61 | bool enable_encrypted_rtp_header_extensions = false; |
| 62 | } srtp; |
| 63 | }; |
| 64 | |
| 65 | } // namespace webrtc |
| 66 | |
| 67 | #endif // API_CRYPTO_CRYPTOOPTIONS_H_ |