diff --git a/pc/media_session_unittest.cc b/pc/media_session_unittest.cc index 75b6d7166a..9ad823b86e 100644 --- a/pc/media_session_unittest.cc +++ b/pc/media_session_unittest.cc @@ -52,10 +52,6 @@ namespace cricket { namespace { -using ::rtc::kCsAeadAes128Gcm; -using ::rtc::kCsAeadAes256Gcm; -using ::rtc::kCsAesCm128HmacSha1_32; -using ::rtc::kCsAesCm128HmacSha1_80; using ::rtc::UniqueRandomIdGenerator; using ::testing::Bool; using ::testing::Combine; diff --git a/pc/srtp_session_unittest.cc b/pc/srtp_session_unittest.cc index 7adfee86fd..613a872619 100644 --- a/pc/srtp_session_unittest.cc +++ b/pc/srtp_session_unittest.cc @@ -44,29 +44,30 @@ class SrtpSessionTest : public ::testing::Test { memcpy(rtp_packet_, kPcmuFrame, rtp_len_); memcpy(rtcp_packet_, kRtcpReport, rtcp_len_); } - void TestProtectRtp(const std::string& cs) { + void TestProtectRtp(int crypto_suite) { int out_len = 0; EXPECT_TRUE( s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len)); - EXPECT_EQ(out_len, rtp_len_ + rtp_auth_tag_len(cs)); + EXPECT_EQ(out_len, rtp_len_ + rtp_auth_tag_len(crypto_suite)); EXPECT_NE(0, memcmp(rtp_packet_, kPcmuFrame, rtp_len_)); rtp_len_ = out_len; } - void TestProtectRtcp(const std::string& cs) { + void TestProtectRtcp(int crypto_suite) { int out_len = 0; EXPECT_TRUE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, sizeof(rtcp_packet_), &out_len)); - EXPECT_EQ(out_len, rtcp_len_ + 4 + rtcp_auth_tag_len(cs)); // NOLINT + EXPECT_EQ(out_len, + rtcp_len_ + 4 + rtcp_auth_tag_len(crypto_suite)); // NOLINT EXPECT_NE(0, memcmp(rtcp_packet_, kRtcpReport, rtcp_len_)); rtcp_len_ = out_len; } - void TestUnprotectRtp(const std::string& cs) { + void TestUnprotectRtp(int crypto_suite) { int out_len = 0, expected_len = sizeof(kPcmuFrame); EXPECT_TRUE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len)); EXPECT_EQ(expected_len, out_len); EXPECT_EQ(0, memcmp(rtp_packet_, kPcmuFrame, out_len)); } - void TestUnprotectRtcp(const std::string& cs) { + void TestUnprotectRtcp(int crypto_suite) { int out_len = 0, expected_len = sizeof(kRtcpReport); EXPECT_TRUE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len)); EXPECT_EQ(expected_len, out_len); @@ -115,10 +116,10 @@ TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_80) { kEncryptedHeaderExtensionIds)); EXPECT_TRUE(s2_.SetRecv(kSrtpAes128CmSha1_80, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds)); - TestProtectRtp(kCsAesCm128HmacSha1_80); - TestProtectRtcp(kCsAesCm128HmacSha1_80); - TestUnprotectRtp(kCsAesCm128HmacSha1_80); - TestUnprotectRtcp(kCsAesCm128HmacSha1_80); + TestProtectRtp(kSrtpAes128CmSha1_80); + TestProtectRtcp(kSrtpAes128CmSha1_80); + TestUnprotectRtp(kSrtpAes128CmSha1_80); + TestUnprotectRtcp(kSrtpAes128CmSha1_80); } // Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_32. @@ -127,10 +128,10 @@ TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_32) { kEncryptedHeaderExtensionIds)); EXPECT_TRUE(s2_.SetRecv(kSrtpAes128CmSha1_32, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds)); - TestProtectRtp(kCsAesCm128HmacSha1_32); - TestProtectRtcp(kCsAesCm128HmacSha1_32); - TestUnprotectRtp(kCsAesCm128HmacSha1_32); - TestUnprotectRtcp(kCsAesCm128HmacSha1_32); + TestProtectRtp(kSrtpAes128CmSha1_32); + TestProtectRtcp(kSrtpAes128CmSha1_32); + TestUnprotectRtp(kSrtpAes128CmSha1_32); + TestUnprotectRtcp(kSrtpAes128CmSha1_32); } TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) { @@ -152,8 +153,8 @@ TEST_F(SrtpSessionTest, TestTamperReject) { kEncryptedHeaderExtensionIds)); EXPECT_TRUE(s2_.SetRecv(kSrtpAes128CmSha1_80, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds)); - TestProtectRtp(kCsAesCm128HmacSha1_80); - TestProtectRtcp(kCsAesCm128HmacSha1_80); + TestProtectRtp(kSrtpAes128CmSha1_80); + TestProtectRtcp(kSrtpAes128CmSha1_80); rtp_packet_[0] = 0x12; rtcp_packet_[1] = 0x34; EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len)); diff --git a/pc/srtp_transport_unittest.cc b/pc/srtp_transport_unittest.cc index de4ff03179..a1f153a343 100644 --- a/pc/srtp_transport_unittest.cc +++ b/pc/srtp_transport_unittest.cc @@ -98,10 +98,10 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> { // unprotect would fail. Check accessing the information about the // tag instead, similar to what the actual code would do that relies // on external auth. - void TestRtpAuthParams(SrtpTransport* transport, const std::string& cs) { + void TestRtpAuthParams(SrtpTransport* transport, int crypto_suite) { int overhead; EXPECT_TRUE(transport->GetSrtpOverhead(&overhead)); - switch (rtc::SrtpCryptoSuiteFromName(cs)) { + switch (crypto_suite) { case rtc::kSrtpAes128CmSha1_32: EXPECT_EQ(32 / 8, overhead); // 32-bit tag. break; @@ -122,9 +122,9 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> { EXPECT_EQ(overhead, tag_len); } - void TestSendRecvRtpPacket(const std::string& cipher_suite_name) { + void TestSendRecvRtpPacket(int crypto_suite) { size_t rtp_len = sizeof(kPcmuFrame); - size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(cipher_suite_name); + size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(crypto_suite); rtc::Buffer rtp_packet_buffer(packet_size); char* rtp_packet_data = rtp_packet_buffer.data(); memcpy(rtp_packet_data, kPcmuFrame, rtp_len); @@ -146,7 +146,7 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> { ASSERT_TRUE(srtp_transport1_->SendRtpPacket(&rtp_packet1to2, options, cricket::PF_SRTP_BYPASS)); if (srtp_transport1_->IsExternalAuthActive()) { - TestRtpAuthParams(srtp_transport1_.get(), cipher_suite_name); + TestRtpAuthParams(srtp_transport1_.get(), crypto_suite); } else { ASSERT_TRUE(rtp_sink2_.last_recv_rtp_packet().data()); EXPECT_EQ(0, memcmp(rtp_sink2_.last_recv_rtp_packet().data(), @@ -163,7 +163,7 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> { ASSERT_TRUE(srtp_transport2_->SendRtpPacket(&rtp_packet2to1, options, cricket::PF_SRTP_BYPASS)); if (srtp_transport2_->IsExternalAuthActive()) { - TestRtpAuthParams(srtp_transport2_.get(), cipher_suite_name); + TestRtpAuthParams(srtp_transport2_.get(), crypto_suite); } else { ASSERT_TRUE(rtp_sink1_.last_recv_rtp_packet().data()); EXPECT_EQ(0, memcmp(rtp_sink1_.last_recv_rtp_packet().data(), @@ -175,10 +175,9 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> { } } - void TestSendRecvRtcpPacket(const std::string& cipher_suite_name) { + void TestSendRecvRtcpPacket(int crypto_suite) { size_t rtcp_len = sizeof(::kRtcpReport); - size_t packet_size = - rtcp_len + 4 + rtc::rtcp_auth_tag_len(cipher_suite_name); + size_t packet_size = rtcp_len + 4 + rtc::rtcp_auth_tag_len(crypto_suite); rtc::Buffer rtcp_packet_buffer(packet_size); char* rtcp_packet_data = rtcp_packet_buffer.data(); memcpy(rtcp_packet_data, ::kRtcpReport, rtcp_len); @@ -216,45 +215,47 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> { } void TestSendRecvPacket(bool enable_external_auth, - int cs, + int crypto_suite, const uint8_t* key1, int key1_len, const uint8_t* key2, - int key2_len, - const std::string& cipher_suite_name) { + int key2_len) { EXPECT_EQ(key1_len, key2_len); - EXPECT_EQ(cipher_suite_name, rtc::SrtpCryptoSuiteToName(cs)); if (enable_external_auth) { srtp_transport1_->EnableExternalAuth(); srtp_transport2_->EnableExternalAuth(); } std::vector extension_ids; - EXPECT_TRUE(srtp_transport1_->SetRtpParams( - cs, key1, key1_len, extension_ids, cs, key2, key2_len, extension_ids)); - EXPECT_TRUE(srtp_transport2_->SetRtpParams( - cs, key2, key2_len, extension_ids, cs, key1, key1_len, extension_ids)); - EXPECT_TRUE(srtp_transport1_->SetRtcpParams( - cs, key1, key1_len, extension_ids, cs, key2, key2_len, extension_ids)); - EXPECT_TRUE(srtp_transport2_->SetRtcpParams( - cs, key2, key2_len, extension_ids, cs, key1, key1_len, extension_ids)); + EXPECT_TRUE(srtp_transport1_->SetRtpParams(crypto_suite, key1, key1_len, + extension_ids, crypto_suite, + key2, key2_len, extension_ids)); + EXPECT_TRUE(srtp_transport2_->SetRtpParams(crypto_suite, key2, key2_len, + extension_ids, crypto_suite, + key1, key1_len, extension_ids)); + EXPECT_TRUE(srtp_transport1_->SetRtcpParams(crypto_suite, key1, key1_len, + extension_ids, crypto_suite, + key2, key2_len, extension_ids)); + EXPECT_TRUE(srtp_transport2_->SetRtcpParams(crypto_suite, key2, key2_len, + extension_ids, crypto_suite, + key1, key1_len, extension_ids)); EXPECT_TRUE(srtp_transport1_->IsSrtpActive()); EXPECT_TRUE(srtp_transport2_->IsSrtpActive()); - if (rtc::IsGcmCryptoSuite(cs)) { + if (rtc::IsGcmCryptoSuite(crypto_suite)) { EXPECT_FALSE(srtp_transport1_->IsExternalAuthActive()); EXPECT_FALSE(srtp_transport2_->IsExternalAuthActive()); } else if (enable_external_auth) { EXPECT_TRUE(srtp_transport1_->IsExternalAuthActive()); EXPECT_TRUE(srtp_transport2_->IsExternalAuthActive()); } - TestSendRecvRtpPacket(cipher_suite_name); - TestSendRecvRtcpPacket(cipher_suite_name); + TestSendRecvRtpPacket(crypto_suite); + TestSendRecvRtcpPacket(crypto_suite); } void TestSendRecvPacketWithEncryptedHeaderExtension( - const std::string& cs, + int crypto_suite, const std::vector& encrypted_header_ids) { size_t rtp_len = sizeof(kPcmuFrameWithExtensions); - size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(cs); + size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(crypto_suite); rtc::Buffer rtp_packet_buffer(packet_size); char* rtp_packet_data = rtp_packet_buffer.data(); memcpy(rtp_packet_data, kPcmuFrameWithExtensions, rtp_len); @@ -307,29 +308,28 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> { original_rtp_data, rtp_len, encrypted_header_ids, false); } - void TestSendRecvEncryptedHeaderExtension(int cs, + void TestSendRecvEncryptedHeaderExtension(int crypto_suite, const uint8_t* key1, int key1_len, const uint8_t* key2, - int key2_len, - const std::string& cs_name) { + int key2_len) { std::vector encrypted_headers; encrypted_headers.push_back(kHeaderExtensionIDs[0]); // Don't encrypt header ids 2 and 3. encrypted_headers.push_back(kHeaderExtensionIDs[1]); EXPECT_EQ(key1_len, key2_len); - EXPECT_EQ(cs_name, rtc::SrtpCryptoSuiteToName(cs)); - EXPECT_TRUE(srtp_transport1_->SetRtpParams(cs, key1, key1_len, - encrypted_headers, cs, key2, - key2_len, encrypted_headers)); - EXPECT_TRUE(srtp_transport2_->SetRtpParams(cs, key2, key2_len, - encrypted_headers, cs, key1, - key1_len, encrypted_headers)); + EXPECT_TRUE(srtp_transport1_->SetRtpParams( + crypto_suite, key1, key1_len, encrypted_headers, crypto_suite, key2, + key2_len, encrypted_headers)); + EXPECT_TRUE(srtp_transport2_->SetRtpParams( + crypto_suite, key2, key2_len, encrypted_headers, crypto_suite, key1, + key1_len, encrypted_headers)); EXPECT_TRUE(srtp_transport1_->IsSrtpActive()); EXPECT_TRUE(srtp_transport2_->IsSrtpActive()); EXPECT_FALSE(srtp_transport1_->IsExternalAuthActive()); EXPECT_FALSE(srtp_transport2_->IsExternalAuthActive()); - TestSendRecvPacketWithEncryptedHeaderExtension(cs_name, encrypted_headers); + TestSendRecvPacketWithEncryptedHeaderExtension(crypto_suite, + encrypted_headers); } std::unique_ptr srtp_transport1_; @@ -353,30 +353,26 @@ TEST_P(SrtpTransportTestWithExternalAuth, SendAndRecvPacket_AES_CM_128_HMAC_SHA1_80) { bool enable_external_auth = GetParam(); TestSendRecvPacket(enable_external_auth, rtc::kSrtpAes128CmSha1_80, kTestKey1, - kTestKeyLen, kTestKey2, kTestKeyLen, - rtc::kCsAesCm128HmacSha1_80); + kTestKeyLen, kTestKey2, kTestKeyLen); } TEST_F(SrtpTransportTest, SendAndRecvPacketWithHeaderExtension_AES_CM_128_HMAC_SHA1_80) { TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAes128CmSha1_80, kTestKey1, - kTestKeyLen, kTestKey2, kTestKeyLen, - rtc::kCsAesCm128HmacSha1_80); + kTestKeyLen, kTestKey2, kTestKeyLen); } TEST_P(SrtpTransportTestWithExternalAuth, SendAndRecvPacket_AES_CM_128_HMAC_SHA1_32) { bool enable_external_auth = GetParam(); TestSendRecvPacket(enable_external_auth, rtc::kSrtpAes128CmSha1_32, kTestKey1, - kTestKeyLen, kTestKey2, kTestKeyLen, - rtc::kCsAesCm128HmacSha1_32); + kTestKeyLen, kTestKey2, kTestKeyLen); } TEST_F(SrtpTransportTest, SendAndRecvPacketWithHeaderExtension_AES_CM_128_HMAC_SHA1_32) { TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAes128CmSha1_32, kTestKey1, - kTestKeyLen, kTestKey2, kTestKeyLen, - rtc::kCsAesCm128HmacSha1_32); + kTestKeyLen, kTestKey2, kTestKeyLen); } TEST_P(SrtpTransportTestWithExternalAuth, @@ -384,14 +380,14 @@ TEST_P(SrtpTransportTestWithExternalAuth, bool enable_external_auth = GetParam(); TestSendRecvPacket(enable_external_auth, rtc::kSrtpAeadAes128Gcm, kTestKeyGcm128_1, kTestKeyGcm128Len, kTestKeyGcm128_2, - kTestKeyGcm128Len, rtc::kCsAeadAes128Gcm); + kTestKeyGcm128Len); } TEST_F(SrtpTransportTest, SendAndRecvPacketWithHeaderExtension_kSrtpAeadAes128Gcm) { - TestSendRecvEncryptedHeaderExtension( - rtc::kSrtpAeadAes128Gcm, kTestKeyGcm128_1, kTestKeyGcm128Len, - kTestKeyGcm128_2, kTestKeyGcm128Len, rtc::kCsAeadAes128Gcm); + TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAeadAes128Gcm, + kTestKeyGcm128_1, kTestKeyGcm128Len, + kTestKeyGcm128_2, kTestKeyGcm128Len); } TEST_P(SrtpTransportTestWithExternalAuth, @@ -399,14 +395,14 @@ TEST_P(SrtpTransportTestWithExternalAuth, bool enable_external_auth = GetParam(); TestSendRecvPacket(enable_external_auth, rtc::kSrtpAeadAes256Gcm, kTestKeyGcm256_1, kTestKeyGcm256Len, kTestKeyGcm256_2, - kTestKeyGcm256Len, rtc::kCsAeadAes256Gcm); + kTestKeyGcm256Len); } TEST_F(SrtpTransportTest, SendAndRecvPacketWithHeaderExtension_kSrtpAeadAes256Gcm) { - TestSendRecvEncryptedHeaderExtension( - rtc::kSrtpAeadAes256Gcm, kTestKeyGcm256_1, kTestKeyGcm256Len, - kTestKeyGcm256_2, kTestKeyGcm256Len, rtc::kCsAeadAes256Gcm); + TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAeadAes256Gcm, + kTestKeyGcm256_1, kTestKeyGcm256Len, + kTestKeyGcm256_2, kTestKeyGcm256Len); } // Run all tests both with and without external auth enabled. @@ -453,7 +449,7 @@ TEST_F(SrtpTransportTest, RemoveSrtpReceiveStream) { // Create a packet and try to send it three times. size_t rtp_len = sizeof(kPcmuFrame); - size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(rtc::kCsAeadAes128Gcm); + size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(rtc::kSrtpAeadAes128Gcm); rtc::Buffer rtp_packet_buffer(packet_size); char* rtp_packet_data = rtp_packet_buffer.data(); memcpy(rtp_packet_data, kPcmuFrame, rtp_len); diff --git a/pc/test/srtp_test_util.h b/pc/test/srtp_test_util.h index ae02310eba..6f74bf482b 100644 --- a/pc/test/srtp_test_util.h +++ b/pc/test/srtp_test_util.h @@ -11,32 +11,38 @@ #ifndef PC_TEST_SRTP_TEST_UTIL_H_ #define PC_TEST_SRTP_TEST_UTIL_H_ -#include +#include "rtc_base/ssl_stream_adapter.h" namespace rtc { -extern const char kCsAesCm128HmacSha1_32[]; -extern const char kCsAeadAes128Gcm[]; -extern const char kCsAeadAes256Gcm[]; - static const uint8_t kTestKey1[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234"; static const uint8_t kTestKey2[] = "4321ZYXWVUTSRQPONMLKJIHGFEDCBA"; static const int kTestKeyLen = 30; -static int rtp_auth_tag_len(const std::string& cs) { - if (cs == kCsAesCm128HmacSha1_32) { - return 4; - } else if (cs == kCsAeadAes128Gcm || cs == kCsAeadAes256Gcm) { - return 16; - } else { - return 10; +static int rtp_auth_tag_len(int crypto_suite) { + switch (crypto_suite) { + case kSrtpAes128CmSha1_32: + return 4; + case kSrtpAes128CmSha1_80: + return 10; + case kSrtpAeadAes128Gcm: + case kSrtpAeadAes256Gcm: + return 16; + default: + RTC_CHECK_NOTREACHED(); } } -static int rtcp_auth_tag_len(const std::string& cs) { - if (cs == kCsAeadAes128Gcm || cs == kCsAeadAes256Gcm) { - return 16; - } else { - return 10; + +static int rtcp_auth_tag_len(int crypto_suite) { + switch (crypto_suite) { + case kSrtpAes128CmSha1_32: + case kSrtpAes128CmSha1_80: + return 10; + case kSrtpAeadAes128Gcm: + case kSrtpAeadAes256Gcm: + return 16; + default: + RTC_CHECK_NOTREACHED(); } } diff --git a/rtc_base/openssl_stream_adapter.cc b/rtc_base/openssl_stream_adapter.cc index 28da5d4530..9b7858c238 100644 --- a/rtc_base/openssl_stream_adapter.cc +++ b/rtc_base/openssl_stream_adapter.cc @@ -17,17 +17,12 @@ #include #include -#include "absl/strings/string_view.h" -#ifndef OPENSSL_IS_BORINGSSL -#include -#include -#endif - #include #include #include #include +#include "absl/strings/string_view.h" #include "api/array_view.h" #include "rtc_base/checks.h" #include "rtc_base/logging.h" @@ -36,6 +31,9 @@ #include "rtc_base/openssl_adapter.h" #include "rtc_base/openssl_digest.h" #ifdef OPENSSL_IS_BORINGSSL +#include +#include + #include "rtc_base/boringssl_identity.h" #else #include "rtc_base/openssl_identity.h" diff --git a/rtc_base/ssl_stream_adapter.cc b/rtc_base/ssl_stream_adapter.cc index 931d0bf0b6..5fbe1c5376 100644 --- a/rtc_base/ssl_stream_adapter.cc +++ b/rtc_base/ssl_stream_adapter.cc @@ -14,44 +14,24 @@ #include "absl/strings/string_view.h" #include "rtc_base/openssl_stream_adapter.h" -/////////////////////////////////////////////////////////////////////////////// namespace rtc { -// TODO(guoweis): Move this to SDP layer and use int form internally. -// webrtc:5043. -const char kCsAesCm128HmacSha1_80[] = "AES_CM_128_HMAC_SHA1_80"; -const char kCsAesCm128HmacSha1_32[] = "AES_CM_128_HMAC_SHA1_32"; -const char kCsAeadAes128Gcm[] = "AEAD_AES_128_GCM"; -const char kCsAeadAes256Gcm[] = "AEAD_AES_256_GCM"; - std::string SrtpCryptoSuiteToName(int crypto_suite) { switch (crypto_suite) { - case kSrtpAes128CmSha1_32: - return kCsAesCm128HmacSha1_32; case kSrtpAes128CmSha1_80: - return kCsAesCm128HmacSha1_80; + return "AES_CM_128_HMAC_SHA1_80"; + case kSrtpAes128CmSha1_32: + return "AES_CM_128_HMAC_SHA1_32"; case kSrtpAeadAes128Gcm: - return kCsAeadAes128Gcm; + return "AEAD_AES_128_GCM"; case kSrtpAeadAes256Gcm: - return kCsAeadAes256Gcm; + return "AEAD_AES_256_GCM"; default: return std::string(); } } -int SrtpCryptoSuiteFromName(absl::string_view crypto_suite) { - if (crypto_suite == kCsAesCm128HmacSha1_32) - return kSrtpAes128CmSha1_32; - if (crypto_suite == kCsAesCm128HmacSha1_80) - return kSrtpAes128CmSha1_80; - if (crypto_suite == kCsAeadAes128Gcm) - return kSrtpAeadAes128Gcm; - if (crypto_suite == kCsAeadAes256Gcm) - return kSrtpAeadAes256Gcm; - return kSrtpInvalidCryptoSuite; -} - bool GetSrtpKeyAndSaltLengths(int crypto_suite, int* key_length, int* salt_length) { @@ -86,10 +66,6 @@ bool IsGcmCryptoSuite(int crypto_suite) { crypto_suite == kSrtpAeadAes128Gcm); } -bool IsGcmCryptoSuiteName(absl::string_view crypto_suite) { - return (crypto_suite == kCsAeadAes256Gcm || crypto_suite == kCsAeadAes128Gcm); -} - std::unique_ptr SSLStreamAdapter::Create( std::unique_ptr stream, absl::AnyInvocable handshake_error) { diff --git a/rtc_base/ssl_stream_adapter.h b/rtc_base/ssl_stream_adapter.h index bd69be77d1..6b590f8f71 100644 --- a/rtc_base/ssl_stream_adapter.h +++ b/rtc_base/ssl_stream_adapter.h @@ -43,24 +43,11 @@ constexpr int kSrtpCryptoSuiteMaxValue = 0xFFFF; constexpr int kSslSignatureAlgorithmUnknown = 0; constexpr int kSslSignatureAlgorithmMaxValue = 0xFFFF; -// Names of SRTP profiles listed above. -// 128-bit AES with 80-bit SHA-1 HMAC. -extern const char kCsAesCm128HmacSha1_80[]; -// 128-bit AES with 32-bit SHA-1 HMAC. -extern const char kCsAesCm128HmacSha1_32[]; -// 128-bit AES GCM with 16 byte AEAD auth tag. -extern const char kCsAeadAes128Gcm[]; -// 256-bit AES GCM with 16 byte AEAD auth tag. -extern const char kCsAeadAes256Gcm[]; - // Given the DTLS-SRTP protection profile ID, as defined in // https://tools.ietf.org/html/rfc4568#section-6.2 , return the SRTP profile // name, as defined in https://tools.ietf.org/html/rfc5764#section-4.1.2. std::string SrtpCryptoSuiteToName(int crypto_suite); -// The reverse of above conversion. -int SrtpCryptoSuiteFromName(absl::string_view crypto_suite); - // Get key length and salt length for given crypto suite. Returns true for // valid suites, otherwise false. bool GetSrtpKeyAndSaltLengths(int crypto_suite, @@ -70,9 +57,6 @@ bool GetSrtpKeyAndSaltLengths(int crypto_suite, // Returns true if the given crypto suite id uses a GCM cipher. bool IsGcmCryptoSuite(int crypto_suite); -// Returns true if the given crypto suite name uses a GCM cipher. -bool IsGcmCryptoSuiteName(absl::string_view crypto_suite); - // SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS. // After SSL has been started, the stream will only open on successful // SSL verification of certificates, and the communication is