From 78ab1cf39c9cf3a4969ebe9b4ccb4925952d8267 Mon Sep 17 00:00:00 2001
From: Emil Vardar <vardar@google.com>
Date: Thu, 28 Nov 2024 09:24:13 +0000
Subject: [PATCH] Enable negotiation of encrypted headers by default.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The negotiation of encrypted header extensions has already been enabled in Chromium, https://chromium-review.googlesource.com/c/chromium/src/+/5933829. Hence, it make sense to enable the encryption of header extensions by default also in webRTC environment so that all the tests run by taking this into considiration when new changes are made.

Bug: webrtc:358039777
Change-Id: I141fac01b0eb0f2ce5a0a365736f0dcf9f21ddcd
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/366420
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Emil Vardar (xWF) <vardar@google.com>
Reviewed-by: Erik Språng <sprang@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#43573}
---
 api/crypto/crypto_options.h  |  7 ++++---
 pc/media_session.h           |  2 +-
 pc/media_session_unittest.cc | 18 +++++++++---------
 3 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/api/crypto/crypto_options.h b/api/crypto/crypto_options.h
index 83189aa317..a937490787 100644
--- a/api/crypto/crypto_options.h
+++ b/api/crypto/crypto_options.h
@@ -53,9 +53,10 @@ struct RTC_EXPORT CryptoOptions {
     // purposes.
     bool enable_aes128_sha1_80_crypto_cipher = true;
 
-    // If set to true, encrypted RTP header extensions as defined in RFC 6904
-    // will be negotiated. They will only be used if both peers support them.
-    bool enable_encrypted_rtp_header_extensions = false;
+    // This feature enables encrypting RTP header extensions using RFC 6904, if
+    // requested. For this to work the Chromium field trial
+    // `kWebRtcEncryptedRtpHeaderExtensions` must be enabled.
+    bool enable_encrypted_rtp_header_extensions = true;
   } srtp;
 
   // Options to be used when the FrameEncryptor / FrameDecryptor APIs are used.
diff --git a/pc/media_session.h b/pc/media_session.h
index 5e7306a976..83f35f88ae 100644
--- a/pc/media_session.h
+++ b/pc/media_session.h
@@ -318,7 +318,7 @@ class MediaSessionDescriptionFactory {
   // This object may or may not be owned by this class.
   webrtc::AlwaysValidPointer<rtc::UniqueRandomIdGenerator> const
       ssrc_generator_;
-  bool enable_encrypted_rtp_header_extensions_ = false;
+  bool enable_encrypted_rtp_header_extensions_ = true;
   const TransportDescriptionFactory* transport_desc_factory_;
   // Payoad type tracker interface. Must live longer than this object.
   webrtc::PayloadTypeSuggester* pt_suggester_;
diff --git a/pc/media_session_unittest.cc b/pc/media_session_unittest.cc
index 3a157520a3..e28aa86288 100644
--- a/pc/media_session_unittest.cc
+++ b/pc/media_session_unittest.cc
@@ -2197,11 +2197,11 @@ TEST_F(MediaSessionDescriptionFactoryTest,
 }
 
 TEST_F(MediaSessionDescriptionFactoryTest,
-       TestOfferAnswerWithEncryptedRtpExtensionHeadersEnabledInOffer) {
+       NegotiationWithEncryptedRtpExtensionHeadersDisabledInReceiver) {
   MediaSessionOptions opts;
   AddAudioVideoSections(RtpTransceiverDirection::kRecvOnly, &opts);
 
-  f1_.set_enable_encrypted_rtp_header_extensions(true);
+  f2_.set_enable_encrypted_rtp_header_extensions(false);
 
   SetAudioVideoRtpHeaderExtensions(MAKE_VECTOR(kAudioRtpExtensionEncrypted1),
                                    MAKE_VECTOR(kVideoRtpExtensionEncrypted1),
@@ -2230,11 +2230,11 @@ TEST_F(MediaSessionDescriptionFactoryTest,
 }
 
 TEST_F(MediaSessionDescriptionFactoryTest,
-       TestOfferAnswerWithEncryptedRtpExtensionHeadersEnabledInReceiver) {
+       NegotiationWithEncryptedRtpExtensionHeadersDisabledInSender) {
   MediaSessionOptions opts;
   AddAudioVideoSections(RtpTransceiverDirection::kRecvOnly, &opts);
 
-  f2_.set_enable_encrypted_rtp_header_extensions(true);
+  f1_.set_enable_encrypted_rtp_header_extensions(false);
 
   SetAudioVideoRtpHeaderExtensions(MAKE_VECTOR(kAudioRtpExtensionEncrypted1),
                                    MAKE_VECTOR(kVideoRtpExtensionEncrypted1),
@@ -2263,13 +2263,10 @@ TEST_F(MediaSessionDescriptionFactoryTest,
 }
 
 TEST_F(MediaSessionDescriptionFactoryTest,
-       TestOfferAnswerPreferEncryptedRtpHeaderExtensionsWhenEncryptionEnabled) {
+       PreferEncryptedRtpHeaderExtensionsWhenEncryptionEnabled) {
   MediaSessionOptions opts;
   AddAudioVideoSections(RtpTransceiverDirection::kRecvOnly, &opts);
 
-  f1_.set_enable_encrypted_rtp_header_extensions(true);
-  f2_.set_enable_encrypted_rtp_header_extensions(true);
-
   SetAudioVideoRtpHeaderExtensions(
       MAKE_VECTOR(kAudioRtpExtensionMixedEncryption1),
       MAKE_VECTOR(kVideoRtpExtensionMixedEncryption), &opts);
@@ -2300,10 +2297,13 @@ TEST_F(MediaSessionDescriptionFactoryTest,
 }
 
 TEST_F(MediaSessionDescriptionFactoryTest,
-       TestOfferAnswerUseUnencryptedRtpHeaderExtensionsWhenEncryptionDisabled) {
+       UseUnencryptedRtpHeaderExtensionsWhenEncryptionDisabled) {
   MediaSessionOptions opts;
   AddAudioVideoSections(RtpTransceiverDirection::kRecvOnly, &opts);
 
+  f1_.set_enable_encrypted_rtp_header_extensions(false);
+  f2_.set_enable_encrypted_rtp_header_extensions(false);
+
   SetAudioVideoRtpHeaderExtensions(
       MAKE_VECTOR(kAudioRtpExtensionMixedEncryption1),
       MAKE_VECTOR(kVideoRtpExtensionMixedEncryption), &opts);