From 55b89a8068d74000ba07e88369afa34a389536e0 Mon Sep 17 00:00:00 2001 From: Philipp Hancke Date: Tue, 1 Aug 2023 11:34:05 +0200 Subject: [PATCH] Rename cipher_suite to crypto_suite MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit and replace "cs" in the appropriate places. This is the terminology used by https://www.rfc-editor.org/rfc/rfc4568#section-10.3.2.1 and https://www.iana.org/assignments/sdp-security-descriptions/sdp-security-descriptions.xhtml BUG=None Change-Id: I45f2c52eb266c0f94bdd710a9b941142b9411827 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/314483 Commit-Queue: Philipp Hancke Reviewed-by: Harald Alvestrand Reviewed-by: Henrik Boström Cr-Commit-Position: refs/heads/main@{#40502} --- api/crypto_params.h | 6 +-- pc/jsep_transport.cc | 8 ++-- pc/media_session.cc | 20 ++++----- pc/media_session_unittest.cc | 10 ++--- pc/peer_connection_crypto_unittest.cc | 2 +- pc/srtp_filter.cc | 36 +++++++-------- pc/srtp_filter.h | 8 ++-- pc/srtp_filter_unittest.cc | 54 +++++++++++----------- pc/srtp_session.cc | 36 ++++++++------- pc/srtp_session.h | 18 ++++---- pc/srtp_transport.cc | 65 ++++++++++++++------------- pc/srtp_transport.h | 14 +++--- pc/webrtc_sdp.cc | 2 +- 13 files changed, 142 insertions(+), 137 deletions(-) diff --git a/api/crypto_params.h b/api/crypto_params.h index 95bd892f9c..34906ea0ef 100644 --- a/api/crypto_params.h +++ b/api/crypto_params.h @@ -26,14 +26,14 @@ struct CryptoParams { absl::string_view cs, absl::string_view kp, absl::string_view sp) - : tag(t), cipher_suite(cs), key_params(kp), session_params(sp) {} + : tag(t), crypto_suite(cs), key_params(kp), session_params(sp) {} bool Matches(const CryptoParams& params) const { - return (tag == params.tag && cipher_suite == params.cipher_suite); + return (tag == params.tag && crypto_suite == params.crypto_suite); } int tag; - std::string cipher_suite; + std::string crypto_suite; std::string key_params; std::string session_params; }; diff --git a/pc/jsep_transport.cc b/pc/jsep_transport.cc index ec186626b7..c7d41c8a4c 100644 --- a/pc/jsep_transport.cc +++ b/pc/jsep_transport.cc @@ -494,15 +494,15 @@ bool JsepTransport::SetSdes(const std::vector& cryptos, // If setting an SDES answer succeeded, apply the negotiated parameters // to the SRTP transport. if ((type == SdpType::kPrAnswer || type == SdpType::kAnswer) && ret) { - if (sdes_negotiator_.send_cipher_suite() && - sdes_negotiator_.recv_cipher_suite()) { + if (sdes_negotiator_.send_crypto_suite() && + sdes_negotiator_.recv_crypto_suite()) { RTC_DCHECK(send_extension_ids_); RTC_DCHECK(recv_extension_ids_); ret = sdes_transport_->SetRtpParams( - *(sdes_negotiator_.send_cipher_suite()), + *(sdes_negotiator_.send_crypto_suite()), sdes_negotiator_.send_key().data(), static_cast(sdes_negotiator_.send_key().size()), - *(send_extension_ids_), *(sdes_negotiator_.recv_cipher_suite()), + *(send_extension_ids_), *(sdes_negotiator_.recv_crypto_suite()), sdes_negotiator_.recv_key().data(), static_cast(sdes_negotiator_.recv_key().size()), *(recv_extension_ids_)); diff --git a/pc/media_session.cc b/pc/media_session.cc index b672a52951..a2ea39f890 100644 --- a/pc/media_session.cc +++ b/pc/media_session.cc @@ -198,18 +198,18 @@ static bool CreateCryptoParams(int tag, std::string key = rtc::Base64::Encode(master_key); crypto_out->tag = tag; - crypto_out->cipher_suite = cipher; + crypto_out->crypto_suite = cipher; crypto_out->key_params = kInline; crypto_out->key_params += key; return true; } -static bool AddCryptoParams(const std::string& cipher_suite, +static bool AddCryptoParams(const std::string& crypto_suite, CryptoParamsVec* cryptos_out) { int size = static_cast(cryptos_out->size()); cryptos_out->resize(size + 1); - return CreateCryptoParams(size, cipher_suite, &cryptos_out->at(size)); + return CreateCryptoParams(size, crypto_suite, &cryptos_out->at(size)); } void AddMediaCryptos(const CryptoParamsVec& cryptos, @@ -319,11 +319,11 @@ static bool SelectCrypto(const MediaContentDescription* offer, for (const CryptoParams& crypto : cryptos) { if ((crypto_options.srtp.enable_gcm_crypto_suites && - rtc::IsGcmCryptoSuiteName(crypto.cipher_suite)) || - rtc::kCsAesCm128HmacSha1_80 == crypto.cipher_suite || - (rtc::kCsAesCm128HmacSha1_32 == crypto.cipher_suite && audio && + rtc::IsGcmCryptoSuiteName(crypto.crypto_suite)) || + rtc::kCsAesCm128HmacSha1_80 == crypto.crypto_suite || + (rtc::kCsAesCm128HmacSha1_32 == crypto.crypto_suite && audio && !bundle && crypto_options.srtp.enable_aes128_sha1_32_crypto_cipher)) { - return CreateCryptoParams(crypto.tag, crypto.cipher_suite, crypto_out); + return CreateCryptoParams(crypto.tag, crypto.crypto_suite, crypto_out); } } return false; @@ -542,7 +542,7 @@ static bool GetCryptosByName(const SessionDescription* sdesc, return true; } -// Prunes the `target_cryptos` by removing the crypto params (cipher_suite) +// Prunes the `target_cryptos` by removing the crypto params (crypto_suite) // which are not available in `filter`. static void PruneCryptos(const CryptoParamsVec& filter, CryptoParamsVec* target_cryptos) { @@ -552,11 +552,11 @@ static void PruneCryptos(const CryptoParamsVec& filter, target_cryptos->erase( std::remove_if(target_cryptos->begin(), target_cryptos->end(), - // Returns true if the `crypto`'s cipher_suite is not + // Returns true if the `crypto`'s crypto_suite is not // found in `filter`. [&filter](const CryptoParams& crypto) { for (const CryptoParams& entry : filter) { - if (entry.cipher_suite == crypto.cipher_suite) + if (entry.crypto_suite == crypto.crypto_suite) return false; } return true; diff --git a/pc/media_session_unittest.cc b/pc/media_session_unittest.cc index 8a6c8f6019..a4979b86fe 100644 --- a/pc/media_session_unittest.cc +++ b/pc/media_session_unittest.cc @@ -50,7 +50,7 @@ #define ASSERT_CRYPTO(cd, s, cs) \ ASSERT_EQ(s, cd->cryptos().size()); \ - ASSERT_EQ(cs, cd->cryptos()[0].cipher_suite) + ASSERT_EQ(cs, cd->cryptos()[0].crypto_suite) typedef std::vector Candidates; @@ -423,8 +423,8 @@ void PreferGcmCryptoParameters(CryptoParamsVec* cryptos) { cryptos->erase( std::remove_if(cryptos->begin(), cryptos->end(), [](const cricket::CryptoParams& crypto) { - return crypto.cipher_suite != kCsAeadAes256Gcm && - crypto.cipher_suite != kCsAeadAes128Gcm; + return crypto.crypto_suite != kCsAeadAes256Gcm && + crypto.crypto_suite != kCsAeadAes128Gcm; }), cryptos->end()); } @@ -486,7 +486,7 @@ class MediaSessionDescriptionFactoryTest : public ::testing::Test { if (c1.size() != c2.size()) return false; for (size_t i = 0; i < c1.size(); ++i) - if (c1[i].tag != c2[i].tag || c1[i].cipher_suite != c2[i].cipher_suite || + if (c1[i].tag != c2[i].tag || c1[i].crypto_suite != c2[i].crypto_suite || c1[i].key_params != c2[i].key_params || c1[i].session_params != c2[i].session_params) return false; @@ -632,7 +632,7 @@ class MediaSessionDescriptionFactoryTest : public ::testing::Test { video_media_desc->cryptos())); EXPECT_EQ(1u, audio_media_desc->cryptos().size()); EXPECT_EQ(kDefaultSrtpCryptoSuite, - audio_media_desc->cryptos()[0].cipher_suite); + audio_media_desc->cryptos()[0].crypto_suite); // Verify the selected crypto is one from the reference audio // media content. diff --git a/pc/peer_connection_crypto_unittest.cc b/pc/peer_connection_crypto_unittest.cc index 1aedbf295f..dc350b2be0 100644 --- a/pc/peer_connection_crypto_unittest.cc +++ b/pc/peer_connection_crypto_unittest.cc @@ -199,7 +199,7 @@ SdpContentPredicate HaveSdesGcmCryptos(size_t num_crypto_suites) { } for (size_t i = 0; i < cryptos.size(); ++i) { if (cryptos[i].key_params.size() == 67U && - cryptos[i].cipher_suite == "AEAD_AES_256_GCM") + cryptos[i].crypto_suite == "AEAD_AES_256_GCM") return true; } return false; diff --git a/pc/srtp_filter.cc b/pc/srtp_filter.cc index 9d7f39a7a3..b8be63cd22 100644 --- a/pc/srtp_filter.cc +++ b/pc/srtp_filter.cc @@ -182,8 +182,8 @@ bool SrtpFilter::ResetParams() { offer_params_.clear(); applied_send_params_ = CryptoParams(); applied_recv_params_ = CryptoParams(); - send_cipher_suite_ = absl::nullopt; - recv_cipher_suite_ = absl::nullopt; + send_crypto_suite_ = absl::nullopt; + recv_crypto_suite_ = absl::nullopt; send_key_.Clear(); recv_key_.Clear(); state_ = ST_INIT; @@ -191,7 +191,7 @@ bool SrtpFilter::ResetParams() { } bool SrtpFilter::ApplySendParams(const CryptoParams& send_params) { - if (applied_send_params_.cipher_suite == send_params.cipher_suite && + if (applied_send_params_.crypto_suite == send_params.crypto_suite && applied_send_params_.key_params == send_params.key_params) { RTC_LOG(LS_INFO) << "Applying the same SRTP send parameters again. No-op."; @@ -199,20 +199,20 @@ bool SrtpFilter::ApplySendParams(const CryptoParams& send_params) { return true; } - send_cipher_suite_ = rtc::SrtpCryptoSuiteFromName(send_params.cipher_suite); - if (send_cipher_suite_ == rtc::kSrtpInvalidCryptoSuite) { + send_crypto_suite_ = rtc::SrtpCryptoSuiteFromName(send_params.crypto_suite); + if (send_crypto_suite_ == rtc::kSrtpInvalidCryptoSuite) { RTC_LOG(LS_WARNING) << "Unknown crypto suite(s) received:" - " send cipher_suite " - << send_params.cipher_suite; + " send crypto_suite " + << send_params.crypto_suite; return false; } int send_key_len, send_salt_len; - if (!rtc::GetSrtpKeyAndSaltLengths(*send_cipher_suite_, &send_key_len, + if (!rtc::GetSrtpKeyAndSaltLengths(*send_crypto_suite_, &send_key_len, &send_salt_len)) { RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):" - " send cipher_suite " - << send_params.cipher_suite; + " send crypto_suite " + << send_params.crypto_suite; return false; } @@ -222,7 +222,7 @@ bool SrtpFilter::ApplySendParams(const CryptoParams& send_params) { } bool SrtpFilter::ApplyRecvParams(const CryptoParams& recv_params) { - if (applied_recv_params_.cipher_suite == recv_params.cipher_suite && + if (applied_recv_params_.crypto_suite == recv_params.crypto_suite && applied_recv_params_.key_params == recv_params.key_params) { RTC_LOG(LS_INFO) << "Applying the same SRTP recv parameters again. No-op."; @@ -230,20 +230,20 @@ bool SrtpFilter::ApplyRecvParams(const CryptoParams& recv_params) { return true; } - recv_cipher_suite_ = rtc::SrtpCryptoSuiteFromName(recv_params.cipher_suite); - if (recv_cipher_suite_ == rtc::kSrtpInvalidCryptoSuite) { + recv_crypto_suite_ = rtc::SrtpCryptoSuiteFromName(recv_params.crypto_suite); + if (recv_crypto_suite_ == rtc::kSrtpInvalidCryptoSuite) { RTC_LOG(LS_WARNING) << "Unknown crypto suite(s) received:" - " recv cipher_suite " - << recv_params.cipher_suite; + " recv crypto_suite " + << recv_params.crypto_suite; return false; } int recv_key_len, recv_salt_len; - if (!rtc::GetSrtpKeyAndSaltLengths(*recv_cipher_suite_, &recv_key_len, + if (!rtc::GetSrtpKeyAndSaltLengths(*recv_crypto_suite_, &recv_key_len, &recv_salt_len)) { RTC_LOG(LS_ERROR) << "Could not get lengths for crypto suite(s):" - " recv cipher_suite " - << recv_params.cipher_suite; + " recv crypto_suite " + << recv_params.crypto_suite; return false; } diff --git a/pc/srtp_filter.h b/pc/srtp_filter.h index e2848a1090..59c43f624b 100644 --- a/pc/srtp_filter.h +++ b/pc/srtp_filter.h @@ -83,8 +83,8 @@ class SrtpFilter { uint8_t* key, size_t len); - absl::optional send_cipher_suite() { return send_cipher_suite_; } - absl::optional recv_cipher_suite() { return recv_cipher_suite_; } + absl::optional send_crypto_suite() { return send_crypto_suite_; } + absl::optional recv_crypto_suite() { return recv_crypto_suite_; } rtc::ArrayView send_key() { return send_key_; } rtc::ArrayView recv_key() { return recv_key_; } @@ -136,8 +136,8 @@ class SrtpFilter { std::vector offer_params_; CryptoParams applied_send_params_; CryptoParams applied_recv_params_; - absl::optional send_cipher_suite_; - absl::optional recv_cipher_suite_; + absl::optional send_crypto_suite_; + absl::optional recv_crypto_suite_; rtc::ZeroOnFreeBuffer send_key_; rtc::ZeroOnFreeBuffer recv_key_; }; diff --git a/pc/srtp_filter_unittest.cc b/pc/srtp_filter_unittest.cc index eadaad68af..fed023199f 100644 --- a/pc/srtp_filter_unittest.cc +++ b/pc/srtp_filter_unittest.cc @@ -91,8 +91,8 @@ class SrtpFilterTest : public ::testing::Test { } void VerifyCryptoParamsMatch(const std::string& cs1, const std::string& cs2) { - EXPECT_EQ(rtc::SrtpCryptoSuiteFromName(cs1), f1_.send_cipher_suite()); - EXPECT_EQ(rtc::SrtpCryptoSuiteFromName(cs2), f2_.send_cipher_suite()); + EXPECT_EQ(rtc::SrtpCryptoSuiteFromName(cs1), f1_.send_crypto_suite()); + EXPECT_EQ(rtc::SrtpCryptoSuiteFromName(cs2), f2_.send_crypto_suite()); VerifyKeysAreEqual(f1_.send_key(), f2_.recv_key()); VerifyKeysAreEqual(f2_.send_key(), f1_.recv_key()); } @@ -102,14 +102,14 @@ class SrtpFilterTest : public ::testing::Test { }; // Test that we can set up the session and keys properly. -TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuite) { +TEST_F(SrtpFilterTest, TestGoodSetupOneCryptoSuite) { EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); EXPECT_FALSE(f1_.IsActive()); EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); EXPECT_TRUE(f1_.IsActive()); } -TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuiteGcm) { +TEST_F(SrtpFilterTest, TestGoodSetupOneCryptoSuiteGcm) { EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParamsGcm1), CS_LOCAL)); EXPECT_FALSE(f1_.IsActive()); EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParamsGcm2), CS_REMOTE)); @@ -117,21 +117,21 @@ TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuiteGcm) { } // Test that we can set up things with multiple params. -TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuites) { +TEST_F(SrtpFilterTest, TestGoodSetupMultipleCryptoSuites) { std::vector offer(MakeVector(kTestCryptoParams1)); std::vector answer(MakeVector(kTestCryptoParams2)); offer.push_back(kTestCryptoParams1); offer[1].tag = 2; - offer[1].cipher_suite = kCsAesCm128HmacSha1_32; + offer[1].crypto_suite = kCsAesCm128HmacSha1_32; answer[0].tag = 2; - answer[0].cipher_suite = kCsAesCm128HmacSha1_32; + answer[0].crypto_suite = kCsAesCm128HmacSha1_32; EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); EXPECT_FALSE(f1_.IsActive()); EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); EXPECT_TRUE(f1_.IsActive()); } -TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuitesGcm) { +TEST_F(SrtpFilterTest, TestGoodSetupMultipleCryptoSuitesGcm) { std::vector offer(MakeVector(kTestCryptoParamsGcm1)); std::vector answer(MakeVector(kTestCryptoParamsGcm3)); offer.push_back(kTestCryptoParamsGcm4); @@ -144,7 +144,7 @@ TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuitesGcm) { } // Test that we handle the cases where crypto is not desired. -TEST_F(SrtpFilterTest, TestGoodSetupNoCipherSuites) { +TEST_F(SrtpFilterTest, TestGoodSetupNoCryptoSuites) { std::vector offer, answer; EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); @@ -152,7 +152,7 @@ TEST_F(SrtpFilterTest, TestGoodSetupNoCipherSuites) { } // Test that we handle the cases where crypto is not desired by the remote side. -TEST_F(SrtpFilterTest, TestGoodSetupNoAnswerCipherSuites) { +TEST_F(SrtpFilterTest, TestGoodSetupNoAnswerCryptoSuites) { std::vector answer; EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); @@ -212,7 +212,7 @@ TEST_F(SrtpFilterTest, TestBadSetupMultipleOffers) { } // Test that we fail if we have params in the answer when none were offered. -TEST_F(SrtpFilterTest, TestNoAnswerCipherSuites) { +TEST_F(SrtpFilterTest, TestNoAnswerCryptoSuites) { std::vector offer; EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); EXPECT_FALSE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); @@ -220,21 +220,21 @@ TEST_F(SrtpFilterTest, TestNoAnswerCipherSuites) { } // Test that we fail if we have too many params in our answer. -TEST_F(SrtpFilterTest, TestMultipleAnswerCipherSuites) { +TEST_F(SrtpFilterTest, TestMultipleAnswerCryptoSuites) { std::vector answer(MakeVector(kTestCryptoParams2)); answer.push_back(kTestCryptoParams2); answer[1].tag = 2; - answer[1].cipher_suite = kCsAesCm128HmacSha1_32; + answer[1].crypto_suite = kCsAesCm128HmacSha1_32; EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); EXPECT_FALSE(f1_.IsActive()); } -// Test that we fail if we don't support the cipher-suite. -TEST_F(SrtpFilterTest, TestInvalidCipherSuite) { +// Test that we fail if we don't support the crypto suite. +TEST_F(SrtpFilterTest, TestInvalidCryptoSuite) { std::vector offer(MakeVector(kTestCryptoParams1)); std::vector answer(MakeVector(kTestCryptoParams2)); - offer[0].cipher_suite = answer[0].cipher_suite = "FOO"; + offer[0].crypto_suite = answer[0].crypto_suite = "FOO"; EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); EXPECT_FALSE(f1_.IsActive()); @@ -250,12 +250,12 @@ TEST_F(SrtpFilterTest, TestNoMatchingTag) { EXPECT_FALSE(f1_.IsActive()); } -// Test that we fail if we can't agree on a cipher-suite. -TEST_F(SrtpFilterTest, TestNoMatchingCipherSuite) { +// Test that we fail if we can't agree on a crypto suite. +TEST_F(SrtpFilterTest, TestNoMatchingCryptoSuite) { std::vector offer(MakeVector(kTestCryptoParams1)); std::vector answer(MakeVector(kTestCryptoParams2)); answer[0].tag = 2; - answer[0].cipher_suite = "FOO"; + answer[0].crypto_suite = "FOO"; EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); EXPECT_FALSE(f1_.IsActive()); @@ -318,7 +318,7 @@ TEST_F(SrtpFilterTest, TestProtect_AES_CM_128_HMAC_SHA1_80) { std::vector answer(MakeVector(kTestCryptoParams2)); offer.push_back(kTestCryptoParams1); offer[1].tag = 2; - offer[1].cipher_suite = kCsAesCm128HmacSha1_32; + offer[1].crypto_suite = kCsAesCm128HmacSha1_32; TestSetParams(offer, answer); VerifyCryptoParamsMatch(kCsAesCm128HmacSha1_80, kCsAesCm128HmacSha1_80); } @@ -329,9 +329,9 @@ TEST_F(SrtpFilterTest, TestProtect_AES_CM_128_HMAC_SHA1_32) { std::vector answer(MakeVector(kTestCryptoParams2)); offer.push_back(kTestCryptoParams1); offer[1].tag = 2; - offer[1].cipher_suite = kCsAesCm128HmacSha1_32; + offer[1].crypto_suite = kCsAesCm128HmacSha1_32; answer[0].tag = 2; - answer[0].cipher_suite = kCsAesCm128HmacSha1_32; + answer[0].crypto_suite = kCsAesCm128HmacSha1_32; TestSetParams(offer, answer); VerifyCryptoParamsMatch(kCsAesCm128HmacSha1_32, kCsAesCm128HmacSha1_32); } @@ -344,11 +344,11 @@ TEST_F(SrtpFilterTest, TestChangeParameters) { TestSetParams(offer, answer); VerifyCryptoParamsMatch(kCsAesCm128HmacSha1_80, kCsAesCm128HmacSha1_80); - // Change the key parameters and cipher_suite. + // Change the key parameters and crypto_suite. offer[0].key_params = kTestKeyParams3; - offer[0].cipher_suite = kCsAesCm128HmacSha1_32; + offer[0].crypto_suite = kCsAesCm128HmacSha1_32; answer[0].key_params = kTestKeyParams4; - answer[0].cipher_suite = kCsAesCm128HmacSha1_32; + answer[0].crypto_suite = kCsAesCm128HmacSha1_32; EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); EXPECT_TRUE(f2_.SetOffer(offer, CS_REMOTE)); @@ -371,7 +371,7 @@ TEST_F(SrtpFilterTest, TestProvisionalAnswer) { std::vector offer(MakeVector(kTestCryptoParams1)); offer.push_back(kTestCryptoParams1); offer[1].tag = 2; - offer[1].cipher_suite = kCsAesCm128HmacSha1_32; + offer[1].crypto_suite = kCsAesCm128HmacSha1_32; std::vector answer(MakeVector(kTestCryptoParams2)); EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); @@ -386,7 +386,7 @@ TEST_F(SrtpFilterTest, TestProvisionalAnswer) { answer[0].key_params = kTestKeyParams4; answer[0].tag = 2; - answer[0].cipher_suite = kCsAesCm128HmacSha1_32; + answer[0].crypto_suite = kCsAesCm128HmacSha1_32; EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); EXPECT_TRUE(f1_.IsActive()); diff --git a/pc/srtp_session.cc b/pc/srtp_session.cc index 7d1aaf2d65..5408d3e0da 100644 --- a/pc/srtp_session.cc +++ b/pc/srtp_session.cc @@ -133,32 +133,32 @@ SrtpSession::~SrtpSession() { } } -bool SrtpSession::SetSend(int cs, +bool SrtpSession::SetSend(int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids) { - return SetKey(ssrc_any_outbound, cs, key, len, extension_ids); + return SetKey(ssrc_any_outbound, crypto_suite, key, len, extension_ids); } -bool SrtpSession::UpdateSend(int cs, +bool SrtpSession::UpdateSend(int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids) { - return UpdateKey(ssrc_any_outbound, cs, key, len, extension_ids); + return UpdateKey(ssrc_any_outbound, crypto_suite, key, len, extension_ids); } -bool SrtpSession::SetRecv(int cs, +bool SrtpSession::SetRecv(int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids) { - return SetKey(ssrc_any_inbound, cs, key, len, extension_ids); + return SetKey(ssrc_any_inbound, crypto_suite, key, len, extension_ids); } -bool SrtpSession::UpdateRecv(int cs, +bool SrtpSession::UpdateRecv(int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids) { - return UpdateKey(ssrc_any_inbound, cs, key, len, extension_ids); + return UpdateKey(ssrc_any_inbound, crypto_suite, key, len, extension_ids); } bool SrtpSession::ProtectRtp(void* p, int in_len, int max_len, int* out_len) { @@ -349,7 +349,7 @@ bool SrtpSession::GetSendStreamPacketIndex(void* p, } bool SrtpSession::DoSetKey(int type, - int cs, + int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids) { @@ -358,11 +358,13 @@ bool SrtpSession::DoSetKey(int type, srtp_policy_t policy; memset(&policy, 0, sizeof(policy)); if (!(srtp_crypto_policy_set_from_profile_for_rtp( - &policy.rtp, (srtp_profile_t)cs) == srtp_err_status_ok && + &policy.rtp, (srtp_profile_t)crypto_suite) == srtp_err_status_ok && srtp_crypto_policy_set_from_profile_for_rtcp( - &policy.rtcp, (srtp_profile_t)cs) == srtp_err_status_ok)) { + &policy.rtcp, (srtp_profile_t)crypto_suite) == + srtp_err_status_ok)) { RTC_LOG(LS_ERROR) << "Failed to " << (session_ ? "update" : "create") - << " SRTP session: unsupported cipher_suite " << cs; + << " SRTP session: unsupported cipher_suite " + << crypto_suite; return false; } @@ -385,7 +387,7 @@ bool SrtpSession::DoSetKey(int type, // Enable external HMAC authentication only for outgoing streams and only // for cipher suites that support it (i.e. only non-GCM cipher suites). if (type == ssrc_any_outbound && IsExternalAuthEnabled() && - !rtc::IsGcmCryptoSuite(cs)) { + !rtc::IsGcmCryptoSuite(crypto_suite)) { policy.rtp.auth_type = EXTERNAL_HMAC_SHA1; } if (!extension_ids.empty()) { @@ -417,7 +419,7 @@ bool SrtpSession::DoSetKey(int type, } bool SrtpSession::SetKey(int type, - int cs, + int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids) { @@ -437,11 +439,11 @@ bool SrtpSession::SetKey(int type, return false; } - return DoSetKey(type, cs, key, len, extension_ids); + return DoSetKey(type, crypto_suite, key, len, extension_ids); } bool SrtpSession::UpdateKey(int type, - int cs, + int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids) { @@ -451,7 +453,7 @@ bool SrtpSession::UpdateKey(int type, return false; } - return DoSetKey(type, cs, key, len, extension_ids); + return DoSetKey(type, crypto_suite, key, len, extension_ids); } void ProhibitLibsrtpInitialization() { diff --git a/pc/srtp_session.h b/pc/srtp_session.h index 048e665644..60f1860ada 100644 --- a/pc/srtp_session.h +++ b/pc/srtp_session.h @@ -43,23 +43,23 @@ class SrtpSession { SrtpSession& operator=(const SrtpSession&) = delete; // Configures the session for sending data using the specified - // cipher-suite and key. Receiving must be done by a separate session. - bool SetSend(int cs, + // crypto suite and key. Receiving must be done by a separate session. + bool SetSend(int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids); - bool UpdateSend(int cs, + bool UpdateSend(int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids); // Configures the session for receiving data using the specified - // cipher-suite and key. Sending must be done by a separate session. - bool SetRecv(int cs, + // crypto suite and key. Sending must be done by a separate session. + bool SetRecv(int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids); - bool UpdateRecv(int cs, + bool UpdateRecv(int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids); @@ -99,17 +99,17 @@ class SrtpSession { private: bool DoSetKey(int type, - int cs, + int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids); bool SetKey(int type, - int cs, + int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids); bool UpdateKey(int type, - int cs, + int crypto_suite, const uint8_t* key, size_t len, const std::vector& extension_ids); diff --git a/pc/srtp_transport.cc b/pc/srtp_transport.cc index 838040876c..1698b2128f 100644 --- a/pc/srtp_transport.cc +++ b/pc/srtp_transport.cc @@ -43,24 +43,24 @@ RTCError SrtpTransport::SetSrtpSendKey(const cricket::CryptoParams& params) { webrtc::RTCErrorType::UNSUPPORTED_OPERATION, "Setting the SRTP send key twice is currently unsupported."); } - if (recv_params_ && recv_params_->cipher_suite != params.cipher_suite) { + if (recv_params_ && recv_params_->crypto_suite != params.crypto_suite) { LOG_AND_RETURN_ERROR( webrtc::RTCErrorType::UNSUPPORTED_OPERATION, "The send key and receive key must have the same cipher suite."); } - send_cipher_suite_ = rtc::SrtpCryptoSuiteFromName(params.cipher_suite); - if (*send_cipher_suite_ == rtc::kSrtpInvalidCryptoSuite) { + send_crypto_suite_ = rtc::SrtpCryptoSuiteFromName(params.crypto_suite); + if (*send_crypto_suite_ == rtc::kSrtpInvalidCryptoSuite) { return RTCError(RTCErrorType::INVALID_PARAMETER, "Invalid SRTP crypto suite"); } int send_key_len, send_salt_len; - if (!rtc::GetSrtpKeyAndSaltLengths(*send_cipher_suite_, &send_key_len, + if (!rtc::GetSrtpKeyAndSaltLengths(*send_crypto_suite_, &send_key_len, &send_salt_len)) { return RTCError(RTCErrorType::INVALID_PARAMETER, "Could not get lengths for crypto suite(s):" - " send cipher_suite "); + " send crypto_suite "); } send_key_ = rtc::ZeroOnFreeBuffer(send_key_len + send_salt_len); @@ -83,24 +83,24 @@ RTCError SrtpTransport::SetSrtpReceiveKey(const cricket::CryptoParams& params) { webrtc::RTCErrorType::UNSUPPORTED_OPERATION, "Setting the SRTP send key twice is currently unsupported."); } - if (send_params_ && send_params_->cipher_suite != params.cipher_suite) { + if (send_params_ && send_params_->crypto_suite != params.crypto_suite) { LOG_AND_RETURN_ERROR( webrtc::RTCErrorType::UNSUPPORTED_OPERATION, "The send key and receive key must have the same cipher suite."); } - recv_cipher_suite_ = rtc::SrtpCryptoSuiteFromName(params.cipher_suite); - if (*recv_cipher_suite_ == rtc::kSrtpInvalidCryptoSuite) { + recv_crypto_suite_ = rtc::SrtpCryptoSuiteFromName(params.crypto_suite); + if (*recv_crypto_suite_ == rtc::kSrtpInvalidCryptoSuite) { return RTCError(RTCErrorType::INVALID_PARAMETER, "Invalid SRTP crypto suite"); } int recv_key_len, recv_salt_len; - if (!rtc::GetSrtpKeyAndSaltLengths(*recv_cipher_suite_, &recv_key_len, + if (!rtc::GetSrtpKeyAndSaltLengths(*recv_crypto_suite_, &recv_key_len, &recv_salt_len)) { return RTCError(RTCErrorType::INVALID_PARAMETER, "Could not get lengths for crypto suite(s):" - " recv cipher_suite "); + " recv crypto_suite "); } recv_key_ = rtc::ZeroOnFreeBuffer(recv_key_len + recv_salt_len); @@ -265,11 +265,11 @@ void SrtpTransport::OnWritableState( SignalWritableState(IsWritable(/*rtcp=*/false) && IsWritable(/*rtcp=*/true)); } -bool SrtpTransport::SetRtpParams(int send_cs, +bool SrtpTransport::SetRtpParams(int send_crypto_suite, const uint8_t* send_key, int send_key_len, const std::vector& send_extension_ids, - int recv_cs, + int recv_crypto_suite, const uint8_t* recv_key, int recv_key_len, const std::vector& recv_extension_ids) { @@ -284,36 +284,38 @@ bool SrtpTransport::SetRtpParams(int send_cs, new_sessions = true; } bool ret = new_sessions - ? send_session_->SetSend(send_cs, send_key, send_key_len, - send_extension_ids) - : send_session_->UpdateSend(send_cs, send_key, send_key_len, - send_extension_ids); + ? send_session_->SetSend(send_crypto_suite, send_key, + send_key_len, send_extension_ids) + : send_session_->UpdateSend(send_crypto_suite, send_key, + send_key_len, send_extension_ids); if (!ret) { ResetParams(); return false; } - ret = new_sessions ? recv_session_->SetRecv(recv_cs, recv_key, recv_key_len, - recv_extension_ids) - : recv_session_->UpdateRecv( - recv_cs, recv_key, recv_key_len, recv_extension_ids); + ret = new_sessions + ? recv_session_->SetRecv(recv_crypto_suite, recv_key, recv_key_len, + recv_extension_ids) + : recv_session_->UpdateRecv(recv_crypto_suite, recv_key, + recv_key_len, recv_extension_ids); if (!ret) { ResetParams(); return false; } RTC_LOG(LS_INFO) << "SRTP " << (new_sessions ? "activated" : "updated") - << " with negotiated parameters: send cipher_suite " - << send_cs << " recv cipher_suite " << recv_cs; + << " with negotiated parameters: send crypto_suite " + << send_crypto_suite << " recv crypto_suite " + << recv_crypto_suite; MaybeUpdateWritableState(); return true; } -bool SrtpTransport::SetRtcpParams(int send_cs, +bool SrtpTransport::SetRtcpParams(int send_crypto_suite, const uint8_t* send_key, int send_key_len, const std::vector& send_extension_ids, - int recv_cs, + int recv_crypto_suite, const uint8_t* recv_key, int recv_key_len, const std::vector& recv_extension_ids) { @@ -325,20 +327,21 @@ bool SrtpTransport::SetRtcpParams(int send_cs, } send_rtcp_session_.reset(new cricket::SrtpSession(field_trials_)); - if (!send_rtcp_session_->SetSend(send_cs, send_key, send_key_len, + if (!send_rtcp_session_->SetSend(send_crypto_suite, send_key, send_key_len, send_extension_ids)) { return false; } recv_rtcp_session_.reset(new cricket::SrtpSession(field_trials_)); - if (!recv_rtcp_session_->SetRecv(recv_cs, recv_key, recv_key_len, + if (!recv_rtcp_session_->SetRecv(recv_crypto_suite, recv_key, recv_key_len, recv_extension_ids)) { return false; } RTC_LOG(LS_INFO) << "SRTCP activated with negotiated parameters:" - " send cipher_suite " - << send_cs << " recv cipher_suite " << recv_cs; + " send crypto_suite " + << send_crypto_suite << " recv crypto_suite " + << recv_crypto_suite; MaybeUpdateWritableState(); return true; } @@ -472,13 +475,13 @@ bool SrtpTransport::IsExternalAuthActive() const { } bool SrtpTransport::MaybeSetKeyParams() { - if (!send_cipher_suite_ || !recv_cipher_suite_) { + if (!send_crypto_suite_ || !recv_crypto_suite_) { return true; } - return SetRtpParams(*send_cipher_suite_, send_key_.data(), + return SetRtpParams(*send_crypto_suite_, send_key_.data(), static_cast(send_key_.size()), std::vector(), - *recv_cipher_suite_, recv_key_.data(), + *recv_crypto_suite_, recv_key_.data(), static_cast(recv_key_.size()), std::vector()); } diff --git a/pc/srtp_transport.h b/pc/srtp_transport.h index ae62d5b780..46c11ed56d 100644 --- a/pc/srtp_transport.h +++ b/pc/srtp_transport.h @@ -61,11 +61,11 @@ class SrtpTransport : public RtpTransport { // Create new send/recv sessions and set the negotiated crypto keys for RTP // packet encryption. The keys can either come from SDES negotiation or DTLS // handshake. - bool SetRtpParams(int send_cs, + bool SetRtpParams(int send_crypto_suite, const uint8_t* send_key, int send_key_len, const std::vector& send_extension_ids, - int recv_cs, + int recv_crypto_suite, const uint8_t* recv_key, int recv_key_len, const std::vector& recv_extension_ids); @@ -73,11 +73,11 @@ class SrtpTransport : public RtpTransport { // Create new send/recv sessions and set the negotiated crypto keys for RTCP // packet encryption. The keys can either come from SDES negotiation or DTLS // handshake. - bool SetRtcpParams(int send_cs, + bool SetRtcpParams(int send_crypto_suite, const uint8_t* send_key, int send_key_len, const std::vector& send_extension_ids, - int recv_cs, + int recv_crypto_suite, const uint8_t* recv_key, int recv_key_len, const std::vector& recv_extension_ids); @@ -86,7 +86,7 @@ class SrtpTransport : public RtpTransport { // If external auth is enabled, SRTP will write a dummy auth tag that then // later must get replaced before the packet is sent out. Only supported for - // non-GCM cipher suites and can be checked through "IsExternalAuthActive" + // non-GCM crypto suites and can be checked through "IsExternalAuthActive" // if it is actually used. This method is only valid before the RTP params // have been set. void EnableExternalAuth(); @@ -155,8 +155,8 @@ class SrtpTransport : public RtpTransport { absl::optional send_params_; absl::optional recv_params_; - absl::optional send_cipher_suite_; - absl::optional recv_cipher_suite_; + absl::optional send_crypto_suite_; + absl::optional recv_crypto_suite_; rtc::ZeroOnFreeBuffer send_key_; rtc::ZeroOnFreeBuffer recv_key_; diff --git a/pc/webrtc_sdp.cc b/pc/webrtc_sdp.cc index 468947f8fc..ecba22a85a 100644 --- a/pc/webrtc_sdp.cc +++ b/pc/webrtc_sdp.cc @@ -1695,7 +1695,7 @@ void BuildRtpContentAttributes(const MediaContentDescription* media_desc, for (const CryptoParams& crypto_params : media_desc->cryptos()) { InitAttrLine(kAttributeCrypto, &os); os << kSdpDelimiterColon << crypto_params.tag << " " - << crypto_params.cipher_suite << " " << crypto_params.key_params; + << crypto_params.crypto_suite << " " << crypto_params.key_params; if (!crypto_params.session_params.empty()) { os << " " << crypto_params.session_params; }