| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
| 3 | * |
| 4 | * Use of this source code is governed by a BSD-style license |
| 5 | * that can be found in the LICENSE file in the root of the source |
| 6 | * tree. An additional intellectual property rights grant can be found |
| 7 | * in the file PATENTS. All contributing project authors may |
| 8 | * be found in the AUTHORS file in the root of the source tree. |
| 9 | */ |
| 10 | |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 11 | #include "webrtc/base/sslstreamadapter.h" |
| 12 | #include "webrtc/base/sslconfig.h" |
| 13 | |
| torbjorng | 172f009 | 2015-10-07 04:57:55 -0700 | [diff] [blame] | 14 | #if SSL_USE_OPENSSL |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 15 | |
| 16 | #include "webrtc/base/opensslstreamadapter.h" |
| 17 | |
| torbjorng | 172f009 | 2015-10-07 04:57:55 -0700 | [diff] [blame] | 18 | #endif // SSL_USE_OPENSSL |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 19 | |
| 20 | /////////////////////////////////////////////////////////////////////////////// |
| 21 | |
| 22 | namespace rtc { |
| 23 | |
| Guo-wei Shieh | 456696a | 2015-09-30 21:48:54 -0700 | [diff] [blame] | 24 | // TODO(guoweis): Move this to SDP layer and use int form internally. |
| 25 | // webrtc:5043. |
| 26 | const char CS_AES_CM_128_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80"; |
| 27 | const char CS_AES_CM_128_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32"; |
| jbauch | cb56065 | 2016-08-04 05:20:32 -0700 | [diff] [blame] | 28 | const char CS_AEAD_AES_128_GCM[] = "AEAD_AES_128_GCM"; |
| 29 | const char CS_AEAD_AES_256_GCM[] = "AEAD_AES_256_GCM"; |
| Guo-wei Shieh | 456696a | 2015-09-30 21:48:54 -0700 | [diff] [blame] | 30 | |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 31 | std::string SrtpCryptoSuiteToName(int crypto_suite) { |
| jbauch | cb56065 | 2016-08-04 05:20:32 -0700 | [diff] [blame] | 32 | switch (crypto_suite) { |
| 33 | case SRTP_AES128_CM_SHA1_32: |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 34 | return CS_AES_CM_128_HMAC_SHA1_32; |
| jbauch | cb56065 | 2016-08-04 05:20:32 -0700 | [diff] [blame] | 35 | case SRTP_AES128_CM_SHA1_80: |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 36 | return CS_AES_CM_128_HMAC_SHA1_80; |
| jbauch | cb56065 | 2016-08-04 05:20:32 -0700 | [diff] [blame] | 37 | case SRTP_AEAD_AES_128_GCM: |
| 38 | return CS_AEAD_AES_128_GCM; |
| 39 | case SRTP_AEAD_AES_256_GCM: |
| 40 | return CS_AEAD_AES_256_GCM; |
| 41 | default: |
| 42 | return std::string(); |
| 43 | } |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 44 | } |
| 45 | |
| 46 | int SrtpCryptoSuiteFromName(const std::string& crypto_suite) { |
| 47 | if (crypto_suite == CS_AES_CM_128_HMAC_SHA1_32) |
| Guo-wei Shieh | 456696a | 2015-09-30 21:48:54 -0700 | [diff] [blame] | 48 | return SRTP_AES128_CM_SHA1_32; |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 49 | if (crypto_suite == CS_AES_CM_128_HMAC_SHA1_80) |
| Guo-wei Shieh | 456696a | 2015-09-30 21:48:54 -0700 | [diff] [blame] | 50 | return SRTP_AES128_CM_SHA1_80; |
| jbauch | cb56065 | 2016-08-04 05:20:32 -0700 | [diff] [blame] | 51 | if (crypto_suite == CS_AEAD_AES_128_GCM) |
| 52 | return SRTP_AEAD_AES_128_GCM; |
| 53 | if (crypto_suite == CS_AEAD_AES_256_GCM) |
| 54 | return SRTP_AEAD_AES_256_GCM; |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 55 | return SRTP_INVALID_CRYPTO_SUITE; |
| Guo-wei Shieh | 456696a | 2015-09-30 21:48:54 -0700 | [diff] [blame] | 56 | } |
| 57 | |
| jbauch | cb56065 | 2016-08-04 05:20:32 -0700 | [diff] [blame] | 58 | bool GetSrtpKeyAndSaltLengths(int crypto_suite, int *key_length, |
| 59 | int *salt_length) { |
| 60 | switch (crypto_suite) { |
| 61 | case SRTP_AES128_CM_SHA1_32: |
| 62 | case SRTP_AES128_CM_SHA1_80: |
| 63 | // SRTP_AES128_CM_HMAC_SHA1_32 and SRTP_AES128_CM_HMAC_SHA1_80 are defined |
| 64 | // in RFC 5764 to use a 128 bits key and 112 bits salt for the cipher. |
| 65 | *key_length = 16; |
| 66 | *salt_length = 14; |
| 67 | break; |
| 68 | case SRTP_AEAD_AES_128_GCM: |
| 69 | // SRTP_AEAD_AES_128_GCM is defined in RFC 7714 to use a 128 bits key and |
| 70 | // a 96 bits salt for the cipher. |
| 71 | *key_length = 16; |
| 72 | *salt_length = 12; |
| 73 | break; |
| 74 | case SRTP_AEAD_AES_256_GCM: |
| 75 | // SRTP_AEAD_AES_256_GCM is defined in RFC 7714 to use a 256 bits key and |
| 76 | // a 96 bits salt for the cipher. |
| 77 | *key_length = 32; |
| 78 | *salt_length = 12; |
| 79 | break; |
| 80 | default: |
| 81 | return false; |
| 82 | } |
| 83 | return true; |
| 84 | } |
| 85 | |
| 86 | bool IsGcmCryptoSuite(int crypto_suite) { |
| 87 | return (crypto_suite == SRTP_AEAD_AES_256_GCM || |
| 88 | crypto_suite == SRTP_AEAD_AES_128_GCM); |
| 89 | } |
| 90 | |
| 91 | bool IsGcmCryptoSuiteName(const std::string& crypto_suite) { |
| 92 | return (crypto_suite == CS_AEAD_AES_256_GCM || |
| 93 | crypto_suite == CS_AEAD_AES_128_GCM); |
| 94 | } |
| 95 | |
| 96 | // static |
| 97 | CryptoOptions CryptoOptions::NoGcm() { |
| 98 | CryptoOptions options; |
| 99 | options.enable_gcm_crypto_suites = false; |
| 100 | return options; |
| 101 | } |
| 102 | |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 103 | SSLStreamAdapter* SSLStreamAdapter::Create(StreamInterface* stream) { |
| torbjorng | 172f009 | 2015-10-07 04:57:55 -0700 | [diff] [blame] | 104 | #if SSL_USE_OPENSSL |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 105 | return new OpenSSLStreamAdapter(stream); |
| torbjorng | 172f009 | 2015-10-07 04:57:55 -0700 | [diff] [blame] | 106 | #else // !SSL_USE_OPENSSL |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 107 | return NULL; |
| torbjorng | 172f009 | 2015-10-07 04:57:55 -0700 | [diff] [blame] | 108 | #endif // SSL_USE_OPENSSL |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 109 | } |
| 110 | |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 111 | bool SSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) { |
| kwiberg@webrtc.org | 67186fe | 2015-03-09 22:21:53 +0000 | [diff] [blame] | 112 | return false; |
| 113 | } |
| 114 | |
| 115 | bool SSLStreamAdapter::ExportKeyingMaterial(const std::string& label, |
| Peter Boström | 0c4e06b | 2015-10-07 12:23:21 +0200 | [diff] [blame] | 116 | const uint8_t* context, |
| kwiberg@webrtc.org | 67186fe | 2015-03-09 22:21:53 +0000 | [diff] [blame] | 117 | size_t context_len, |
| 118 | bool use_context, |
| Peter Boström | 0c4e06b | 2015-10-07 12:23:21 +0200 | [diff] [blame] | 119 | uint8_t* result, |
| kwiberg@webrtc.org | 67186fe | 2015-03-09 22:21:53 +0000 | [diff] [blame] | 120 | size_t result_len) { |
| 121 | return false; // Default is unsupported |
| 122 | } |
| 123 | |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 124 | bool SSLStreamAdapter::SetDtlsSrtpCryptoSuites( |
| 125 | const std::vector<int>& crypto_suites) { |
| kwiberg@webrtc.org | 67186fe | 2015-03-09 22:21:53 +0000 | [diff] [blame] | 126 | return false; |
| 127 | } |
| 128 | |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 129 | bool SSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { |
| kwiberg@webrtc.org | 67186fe | 2015-03-09 22:21:53 +0000 | [diff] [blame] | 130 | return false; |
| 131 | } |
| 132 | |
| torbjorng | 172f009 | 2015-10-07 04:57:55 -0700 | [diff] [blame] | 133 | #if SSL_USE_OPENSSL |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 134 | bool SSLStreamAdapter::HaveDtls() { |
| 135 | return OpenSSLStreamAdapter::HaveDtls(); |
| 136 | } |
| 137 | bool SSLStreamAdapter::HaveDtlsSrtp() { |
| 138 | return OpenSSLStreamAdapter::HaveDtlsSrtp(); |
| 139 | } |
| 140 | bool SSLStreamAdapter::HaveExporter() { |
| 141 | return OpenSSLStreamAdapter::HaveExporter(); |
| 142 | } |
| Taylor Brandstetter | 4f0dfbd | 2016-06-15 17:15:23 -0700 | [diff] [blame] | 143 | bool SSLStreamAdapter::IsBoringSsl() { |
| 144 | return OpenSSLStreamAdapter::IsBoringSsl(); |
| 145 | } |
| torbjorng | 43166b8 | 2016-03-11 00:06:47 -0800 | [diff] [blame] | 146 | bool SSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) { |
| 147 | return OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type); |
| Guo-wei Shieh | 456696a | 2015-09-30 21:48:54 -0700 | [diff] [blame] | 148 | } |
| torbjorng | 43166b8 | 2016-03-11 00:06:47 -0800 | [diff] [blame] | 149 | bool SSLStreamAdapter::IsAcceptableCipher(const std::string& cipher, |
| 150 | KeyType key_type) { |
| 151 | return OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type); |
| 152 | } |
| Guo-wei Shieh | 521ed7b | 2015-11-18 19:41:53 -0800 | [diff] [blame] | 153 | std::string SSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) { |
| 154 | return OpenSSLStreamAdapter::SslCipherSuiteToName(cipher_suite); |
| pthatcher@webrtc.org | 3ee4fe5 | 2015-02-11 22:34:36 +0000 | [diff] [blame] | 155 | } |
| torbjorng | 172f009 | 2015-10-07 04:57:55 -0700 | [diff] [blame] | 156 | #endif // SSL_USE_OPENSSL |
| henrike@webrtc.org | f048872 | 2014-05-13 18:00:26 +0000 | [diff] [blame] | 157 | |
| 158 | /////////////////////////////////////////////////////////////////////////////// |
| 159 | |
| 160 | } // namespace rtc |