Make ECDSA default for RTCPeerConnection

BUG= Review URL: https://codereview.webrtc.org/1649533002 Cr-Commit-Position: refs/heads/master@{#11409}
2016-01-27 17:50:11 -08:00 · 2016-01-27 17:50:11 -08:00 · ab8f82ffe0
commit ab8f82ffe0
parent 691b8369ff
10 changed files with 69 additions and 130 deletions
--- a/talk/app/webrtc/objc/RTCPeerConnectionInterface.mm
+++ b/talk/app/webrtc/objc/RTCPeerConnectionInterface.mm
@ -29,6 +29,7 @@

 #import "talk/app/webrtc/objc/RTCEnumConverter.h"
 #import "talk/app/webrtc/objc/RTCICEServer+Internal.h"
+#import "talk/app/webrtc/objc/public/RTCLogging.h"

@implementation RTCConfiguration

@ -40,6 +41,7 @@
@synthesize audioJitterBufferMaxPackets = _audioJitterBufferMaxPackets;
@synthesize iceConnectionReceivingTimeout = _iceConnectionReceivingTimeout;
@synthesize iceBackupCandidatePairPingInterval = _iceBackupCandidatePairPingInterval;
+@synthesize keyType = _keyType;

 - (instancetype)init {
  if (self = [super init]) {
@ -53,6 +55,7 @@
    _audioJitterBufferMaxPackets = config.audio_jitter_buffer_max_packets;
    _iceConnectionReceivingTimeout = config.ice_connection_receiving_timeout;
    _iceBackupCandidatePairPingInterval = config.ice_backup_candidate_pair_ping_interval;
+    _keyType = kRTCEncryptionKeyTypeECDSA;
  }
  return self;
 }
@ -91,6 +94,16 @@
  nativeConfig.audio_jitter_buffer_max_packets = _audioJitterBufferMaxPackets;
  nativeConfig.ice_connection_receiving_timeout = _iceConnectionReceivingTimeout;
  nativeConfig.ice_backup_candidate_pair_ping_interval = _iceBackupCandidatePairPingInterval;
+  if (_keyType == kRTCEncryptionKeyTypeECDSA) {
+    rtc::scoped_ptr<rtc::SSLIdentity> identity(
+        rtc::SSLIdentity::Generate(webrtc::kIdentityName, rtc::KT_ECDSA));
+    if (identity) {
+      nativeConfig.certificates.push_back(
+          rtc::RTCCertificate::Create(std::move(identity)));
+    } else {
+      RTCLogWarning(@"Failed to generate ECDSA identity. RSA will be used.");
+    }
+  }
  return nativeConfig;
 }

--- a/talk/app/webrtc/objc/public/RTCPeerConnectionInterface.h
+++ b/talk/app/webrtc/objc/public/RTCPeerConnectionInterface.h
@ -54,6 +54,11 @@ typedef NS_ENUM(NSInteger, RTCTcpCandidatePolicy) {
  kRTCTcpCandidatePolicyDisabled,
 };

+typedef NS_ENUM(NSInteger, RTCEncryptionKeyType) {
+  kRTCEncryptionKeyTypeRSA,
+  kRTCEncryptionKeyTypeECDSA,
+};
+
 // Configuration object used for creating a peer connection.
@interface RTCConfiguration : NSObject

@ -65,6 +70,7 @@ typedef NS_ENUM(NSInteger, RTCTcpCandidatePolicy) {
@property(nonatomic, assign) int audioJitterBufferMaxPackets;
@property(nonatomic, assign) int iceConnectionReceivingTimeout;
@property(nonatomic, assign) int iceBackupCandidatePairPingInterval;
+@property(nonatomic, assign) RTCEncryptionKeyType keyType;

 - (instancetype)initWithIceTransportsType:(RTCIceTransportsType)iceTransportsType
                             bundlePolicy:(RTCBundlePolicy)bundlePolicy
--- a/webrtc/api/api_tests.gyp
+++ b/webrtc/api/api_tests.gyp
@ -12,7 +12,7 @@
    ['OS=="ios"', {
      'targets': [
        {
-          'target_name': 'rtc_api_objc_test',
+          'target_name': 'rtc_api_objc_tests',
          'type': 'executable',
          'dependencies': [
            '<(webrtc_root)/api/api.gyp:rtc_api_objc',
--- a/webrtc/api/objc/RTCConfiguration+Private.h
+++ b/webrtc/api/objc/RTCConfiguration+Private.h
@ -23,9 +23,6 @@ NS_ASSUME_NONNULL_BEGIN
@property(nonatomic, readonly)
    webrtc::PeerConnectionInterface::RTCConfiguration nativeConfiguration;

- (instancetype)initWithNativeConfiguration:
-    (webrtc::PeerConnectionInterface::RTCConfiguration)nativeConfiguration;
-
 + (webrtc::PeerConnectionInterface::IceTransportsType)
    nativeTransportsTypeForTransportPolicy:(RTCIceTransportPolicy)policy;

--- a/webrtc/api/objc/RTCConfiguration.h
+++ b/webrtc/api/objc/RTCConfiguration.h
@ -42,6 +42,12 @@ typedef NS_ENUM(NSInteger, RTCTcpCandidatePolicy) {
  RTCTcpCandidatePolicyDisabled
 };

+/** Represents the encryption key type. */
+typedef NS_ENUM(NSInteger, RTCEncryptionKeyType) {
+  RTCEncryptionKeyTypeRSA,
+  RTCEncryptionKeyTypeECDSA,
+};
+
 NS_ASSUME_NONNULL_BEGIN

@interface RTCConfiguration : NSObject
@ -63,17 +69,10 @@ NS_ASSUME_NONNULL_BEGIN
@property(nonatomic, assign) int iceConnectionReceivingTimeout;
@property(nonatomic, assign) int iceBackupCandidatePairPingInterval;

- (instancetype)init NS_DESIGNATED_INITIALIZER;
+/** Key type used to generate SSL identity. Default is ECDSA. */
+@property(nonatomic, assign) RTCEncryptionKeyType keyType;

- (instancetype)initWithIceServers:
-    (nullable NSArray<RTCIceServer *> *)iceServers
-                iceTransportPolicy:(RTCIceTransportPolicy)iceTransportPolicy
-                      bundlePolicy:(RTCBundlePolicy)bundlePolicy
-                     rtcpMuxPolicy:(RTCRtcpMuxPolicy)rtcpMuxPolicy
-                tcpCandidatePolicy:(RTCTcpCandidatePolicy)tcpCandidatePolicy
-       audioJitterBufferMaxPackets:(int)audioJitterBufferMaxPackets
-     iceConnectionReceivingTimeout:(int)iceConnectionReceivingTimeout
-iceBackupCandidatePairPingInterval:(int)iceBackupCandidatePairPingInterval;
+- (instancetype)init NS_DESIGNATED_INITIALIZER;

@end

--- a/webrtc/api/objc/RTCConfiguration.mm
+++ b/webrtc/api/objc/RTCConfiguration.mm
@ -10,8 +10,11 @@

 #import "RTCConfiguration.h"

+#include "webrtc/base/sslidentity.h"
+
 #import "webrtc/api/objc/RTCConfiguration+Private.h"
 #import "webrtc/api/objc/RTCIceServer+Private.h"
+#import "webrtc/base/objc/RTCLogging.h"

@implementation RTCConfiguration

@ -24,6 +27,7 @@
@synthesize iceConnectionReceivingTimeout = _iceConnectionReceivingTimeout;
@synthesize iceBackupCandidatePairPingInterval =
    _iceBackupCandidatePairPingInterval;
+@synthesize keyType = _keyType;

 - (instancetype)init {
  if (self = [super init]) {
@ -42,29 +46,7 @@
    _iceConnectionReceivingTimeout = config.ice_connection_receiving_timeout;
    _iceBackupCandidatePairPingInterval =
        config.ice_backup_candidate_pair_ping_interval;
-  }
-  return self;
-}
-
- (instancetype)initWithIceServers:(NSArray<RTCIceServer *> *)iceServers
-                    iceTransportPolicy:(RTCIceTransportPolicy)iceTransportPolicy
-                          bundlePolicy:(RTCBundlePolicy)bundlePolicy
-                         rtcpMuxPolicy:(RTCRtcpMuxPolicy)rtcpMuxPolicy
-                    tcpCandidatePolicy:(RTCTcpCandidatePolicy)tcpCandidatePolicy
-           audioJitterBufferMaxPackets:(int)audioJitterBufferMaxPackets
-         iceConnectionReceivingTimeout:(int)iceConnectionReceivingTimeout
-    iceBackupCandidatePairPingInterval:(int)iceBackupCandidatePairPingInterval {
-  if (self = [self init]) {
-    if (iceServers) {
-      _iceServers = [iceServers copy];
-    }
-    _iceTransportPolicy = iceTransportPolicy;
-    _bundlePolicy = bundlePolicy;
-    _rtcpMuxPolicy = rtcpMuxPolicy;
-    _tcpCandidatePolicy = tcpCandidatePolicy;
-    _audioJitterBufferMaxPackets = audioJitterBufferMaxPackets;
-    _iceConnectionReceivingTimeout = iceConnectionReceivingTimeout;
-    _iceBackupCandidatePairPingInterval = iceBackupCandidatePairPingInterval;
+    _keyType = RTCEncryptionKeyTypeECDSA;
  }
  return self;
 }
@ -103,42 +85,20 @@
      _iceConnectionReceivingTimeout;
  nativeConfig.ice_backup_candidate_pair_ping_interval =
      _iceBackupCandidatePairPingInterval;
+  if (_keyType == RTCEncryptionKeyTypeECDSA) {
+    rtc::scoped_ptr<rtc::SSLIdentity> identity(
+        rtc::SSLIdentity::Generate(webrtc::kIdentityName, rtc::KT_ECDSA));
+    if (identity) {
+      nativeConfig.certificates.push_back(
+          rtc::RTCCertificate::Create(std::move(identity)));
+    } else {
+      RTCLogWarning(@"Failed to generate ECDSA identity. RSA will be used.");
+    }
+  }

  return nativeConfig;
 }

- (instancetype)initWithNativeConfiguration:
-    (webrtc::PeerConnectionInterface::RTCConfiguration)nativeConfig {
-  NSMutableArray *iceServers =
-        [NSMutableArray arrayWithCapacity:nativeConfig.servers.size()];
-  for (auto const &server : nativeConfig.servers) {
-    RTCIceServer *iceServer =
-        [[RTCIceServer alloc] initWithNativeServer:server];
-    [iceServers addObject:iceServer];
-  }
-
-  if (self = [self init]) {
-    if (iceServers) {
-      _iceServers = [iceServers copy];
-    }
-    _iceTransportPolicy =
-        [[self class] transportPolicyForTransportsType:nativeConfig.type];
-    _bundlePolicy =
-        [[self class] bundlePolicyForNativePolicy:nativeConfig.bundle_policy];
-    _rtcpMuxPolicy = [[self class] rtcpMuxPolicyForNativePolicy:
-        nativeConfig.rtcp_mux_policy];
-    _tcpCandidatePolicy = [[self class] tcpCandidatePolicyForNativePolicy:
-        nativeConfig.tcp_candidate_policy];
-    _audioJitterBufferMaxPackets = nativeConfig.audio_jitter_buffer_max_packets;
-    _iceConnectionReceivingTimeout =
-        nativeConfig.ice_connection_receiving_timeout;
-    _iceBackupCandidatePairPingInterval =
-        nativeConfig.ice_backup_candidate_pair_ping_interval;
-  }
-
-  return self;
-}
-
 + (webrtc::PeerConnectionInterface::IceTransportsType)
    nativeTransportsTypeForTransportPolicy:(RTCIceTransportPolicy)policy {
  switch (policy) {
--- a/webrtc/api/objc/RTCSessionDescription.mm
+++ b/webrtc/api/objc/RTCSessionDescription.mm
@ -86,6 +86,7 @@
    return RTCSdpTypeAnswer;
  } else {
    RTC_NOTREACHED();
+    return RTCSdpTypeOffer;
  }
 }

--- a/webrtc/api/objctests/RTCConfigurationTest.mm
+++ b/webrtc/api/objctests/RTCConfigurationTest.mm
@ -21,7 +21,6 @@

@interface RTCConfigurationTest : NSObject
 - (void)testConversionToNativeConfiguration;
- (void)testInitFromNativeConfiguration;
@end

@implementation RTCConfigurationTest
@ -30,15 +29,18 @@
  NSArray *urlStrings = @[ @"stun:stun1.example.net" ];
  RTCIceServer *server = [[RTCIceServer alloc] initWithURLStrings:urlStrings];

-  RTCConfiguration *config =
-      [[RTCConfiguration alloc] initWithIceServers:@[ server ]
-                                iceTransportPolicy:RTCIceTransportPolicyRelay
-                                      bundlePolicy:RTCBundlePolicyMaxBundle
-                                     rtcpMuxPolicy:RTCRtcpMuxPolicyNegotiate
-                                tcpCandidatePolicy:RTCTcpCandidatePolicyDisabled
-                       audioJitterBufferMaxPackets:60
-                     iceConnectionReceivingTimeout:1
-                iceBackupCandidatePairPingInterval:2];
+  RTCConfiguration *config = [[RTCConfiguration alloc] init];
+  config.iceServers = @[ server ];
+  config.iceTransportPolicy = RTCIceTransportPolicyRelay;
+  config.bundlePolicy = RTCBundlePolicyMaxBundle;
+  config.rtcpMuxPolicy = RTCRtcpMuxPolicyNegotiate;
+  config.tcpCandidatePolicy = RTCTcpCandidatePolicyDisabled;
+  const int maxPackets = 60;
+  const int timeout = 1;
+  const int interval = 2;
+  config.audioJitterBufferMaxPackets = maxPackets;
+  config.iceConnectionReceivingTimeout = timeout;
+  config.iceBackupCandidatePairPingInterval = interval;

  webrtc::PeerConnectionInterface::RTCConfiguration nativeConfig =
      config.nativeConfiguration;
@ -55,50 +57,9 @@
            nativeConfig.rtcp_mux_policy);
  EXPECT_EQ(webrtc::PeerConnectionInterface::kTcpCandidatePolicyDisabled,
            nativeConfig.tcp_candidate_policy);
-  EXPECT_EQ(60, nativeConfig.audio_jitter_buffer_max_packets);
-  EXPECT_EQ(1, nativeConfig.ice_connection_receiving_timeout);
-  EXPECT_EQ(2, nativeConfig.ice_backup_candidate_pair_ping_interval);
-}
-
- (void)testInitFromNativeConfiguration {
-  webrtc::PeerConnectionInterface::RTCConfiguration nativeConfig;
-
-  webrtc::PeerConnectionInterface::IceServer nativeServer;
-  nativeServer.username = "username";
-  nativeServer.password = "password";
-  nativeServer.urls.push_back("stun:stun.example.net");
-  webrtc::PeerConnectionInterface::IceServers servers { nativeServer };
-
-  nativeConfig.servers = servers;
-  nativeConfig.type = webrtc::PeerConnectionInterface::kNoHost;
-  nativeConfig.bundle_policy =
-      webrtc::PeerConnectionInterface::kBundlePolicyMaxCompat;
-  nativeConfig.rtcp_mux_policy =
-      webrtc::PeerConnectionInterface::kRtcpMuxPolicyRequire;
-  nativeConfig.tcp_candidate_policy =
-      webrtc::PeerConnectionInterface::kTcpCandidatePolicyEnabled;
-  nativeConfig.audio_jitter_buffer_max_packets = 40;
-  nativeConfig.ice_connection_receiving_timeout =
-      webrtc::PeerConnectionInterface::RTCConfiguration::kUndefined;
-  nativeConfig.ice_backup_candidate_pair_ping_interval =
-      webrtc::PeerConnectionInterface::RTCConfiguration::kUndefined;
-
-  RTCConfiguration *config =
-      [[RTCConfiguration alloc] initWithNativeConfiguration:nativeConfig];
-
-  EXPECT_EQ(1u, config.iceServers.count);
-  RTCIceServer *server = config.iceServers.firstObject;
-  EXPECT_EQ(1u, server.urlStrings.count);
-  EXPECT_TRUE([@"stun:stun.example.net" isEqualToString:
-      server.urlStrings.firstObject]);
-
-  EXPECT_EQ(RTCIceTransportPolicyNoHost, config.iceTransportPolicy);
-  EXPECT_EQ(RTCBundlePolicyMaxCompat, config.bundlePolicy);
-  EXPECT_EQ(RTCRtcpMuxPolicyRequire, config.rtcpMuxPolicy);
-  EXPECT_EQ(RTCTcpCandidatePolicyEnabled, config.tcpCandidatePolicy);
-  EXPECT_EQ(40, config.audioJitterBufferMaxPackets);
-  EXPECT_EQ(-1, config.iceConnectionReceivingTimeout);
-  EXPECT_EQ(-1, config.iceBackupCandidatePairPingInterval);
+  EXPECT_EQ(maxPackets, nativeConfig.audio_jitter_buffer_max_packets);
+  EXPECT_EQ(timeout, nativeConfig.ice_connection_receiving_timeout);
+  EXPECT_EQ(interval, nativeConfig.ice_backup_candidate_pair_ping_interval);
 }

@end
@ -110,9 +71,3 @@ TEST(RTCConfigurationTest, NativeConfigurationConversionTest) {
  }
 }

-TEST(RTCConfigurationTest, InitFromConfigurationTest) {
-  @autoreleasepool {
-    RTCConfigurationTest *test = [[RTCConfigurationTest alloc] init];
-    [test testInitFromNativeConfiguration];
-  }
-}
--- a/webrtc/webrtc.gyp
+++ b/webrtc/webrtc.gyp
@ -89,6 +89,14 @@
            'webrtc_tests',
          ],
        }],
+        ['OS=="ios"', {
+          'dependencies': [
+            # TODO(tkchin): Move this target to webrtc_all_dependencies once it
+            # has more than iOS specific targets.
+            # TODO(tkchin): Figure out where to add this in BUILD.gn.
+            'api/api.gyp:*',
+          ],
+        }],
      ],
    },
    {
--- a/webrtc/webrtc_tests.gypi
+++ b/webrtc/webrtc_tests.gypi
@ -34,7 +34,7 @@
        }],
        ['OS=="ios"', {
          'dependencies': [
-            'api/api_tests.gyp:rtc_api_objc_test',
+            'api/api_tests.gyp:rtc_api_objc_tests',
          ]
        }]
      ],