From e4cccae299411193e0a0fdec9f58f4255429f95a Mon Sep 17 00:00:00 2001
From: Benjamin Wright <benwright@webrtc.org>
Date: Tue, 20 Nov 2018 13:02:37 -0800
Subject: [PATCH] Removed ability to set CryptoOptions through
 PeerConnectionFactory from bindings.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This change removes the ability to set CryptoOptions through the PeerConnection
Factory in both Java and IOS. Native will be removed after the Chromium change
lands. The semantics have been changed such that these options should only be
set on individual PeerConnections and not directly on the Factory itself. This
allows for more flexibility in setting CryptoOptions for PeerConnections which
are created as part of a factory.

Bug: webrtc:10020
Change-Id: I9ef3d431e728927b9ced5de6188cedeb2671254b
Reviewed-on: https://webrtc-review.googlesource.com/c/111560
Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#25736}
---
 .../api/org/webrtc/PeerConnectionFactory.java | 41 -------------------
 .../src/jni/pc/peerconnectionfactory.cc       | 13 ------
 .../RTCPeerConnectionFactoryOptions.h         |  6 ---
 .../RTCPeerConnectionFactoryOptions.mm        |  8 ----
 4 files changed, 68 deletions(-)

diff --git a/sdk/android/api/org/webrtc/PeerConnectionFactory.java b/sdk/android/api/org/webrtc/PeerConnectionFactory.java
index 41a00567c9..018fb76e85 100644
--- a/sdk/android/api/org/webrtc/PeerConnectionFactory.java
+++ b/sdk/android/api/org/webrtc/PeerConnectionFactory.java
@@ -124,29 +124,6 @@ public class PeerConnectionFactory {
     public boolean disableEncryption;
     public boolean disableNetworkMonitor;
 
-    // TODO(webrtc:9891) - The below crypto options are deprecated. Please use
-    // RTCConfiguration to set these options instead. They will be removed in
-    // a future release.
-    /**
-     * If set to true, the (potentially insecure) crypto cipher SRTP_AES128_CM_SHA1_32
-     * will be included in the list of supported ciphers during negotiation. It will only
-     * be used if both peers support it and no other ciphers get preferred.
-     */
-    public boolean enableAes128Sha1_32CryptoCipher;
-
-    /**
-     * Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used if both sides enable
-     * it.
-     */
-    public boolean enableGcmCryptoSuites;
-
-    /**
-     * If set all RtpSenders must have an FrameEncryptor attached to them before they are allowed to
-     * send packets. All RtpReceivers must have a FrameDecryptor attached to them before they are
-     * able to receive packets.
-     */
-    public boolean requireFrameEncryption;
-
     @CalledByNative("Options")
     int getNetworkIgnoreMask() {
       return networkIgnoreMask;
@@ -161,24 +138,6 @@ public class PeerConnectionFactory {
     boolean getDisableNetworkMonitor() {
       return disableNetworkMonitor;
     }
-
-    @Deprecated
-    @CalledByNative("Options")
-    boolean getEnableAes128Sha1_32CryptoCipher() {
-      return enableAes128Sha1_32CryptoCipher;
-    }
-
-    @Deprecated
-    @CalledByNative("Options")
-    boolean getEnableGcmCryptoSuites() {
-      return enableGcmCryptoSuites;
-    }
-
-    @Deprecated
-    @CalledByNative("Options")
-    boolean getRequireFrameEncryption() {
-      return requireFrameEncryption;
-    }
   }
 
   public static class Builder {
diff --git a/sdk/android/src/jni/pc/peerconnectionfactory.cc b/sdk/android/src/jni/pc/peerconnectionfactory.cc
index 486ea73d16..c2b8b9c5d7 100644
--- a/sdk/android/src/jni/pc/peerconnectionfactory.cc
+++ b/sdk/android/src/jni/pc/peerconnectionfactory.cc
@@ -50,12 +50,6 @@ JavaToNativePeerConnectionFactoryOptions(JNIEnv* jni,
   bool disable_encryption = Java_Options_getDisableEncryption(jni, options);
   bool disable_network_monitor =
       Java_Options_getDisableNetworkMonitor(jni, options);
-  bool enable_aes128_sha1_32_crypto_cipher =
-      Java_Options_getEnableAes128Sha1_32CryptoCipher(jni, options);
-  bool enable_gcm_crypto_suites =
-      Java_Options_getEnableGcmCryptoSuites(jni, options);
-  bool require_frame_encryption =
-      Java_Options_getRequireFrameEncryption(jni, options);
 
   PeerConnectionFactoryInterface::Options native_options;
 
@@ -65,13 +59,6 @@ JavaToNativePeerConnectionFactoryOptions(JNIEnv* jni,
   native_options.disable_encryption = disable_encryption;
   native_options.disable_network_monitor = disable_network_monitor;
 
-  native_options.crypto_options.srtp.enable_aes128_sha1_32_crypto_cipher =
-      enable_aes128_sha1_32_crypto_cipher;
-  native_options.crypto_options.srtp.enable_gcm_crypto_suites =
-      enable_gcm_crypto_suites;
-  native_options.crypto_options.sframe.require_frame_encryption =
-      require_frame_encryption;
-
   return native_options;
 }
 
diff --git a/sdk/objc/api/peerconnection/RTCPeerConnectionFactoryOptions.h b/sdk/objc/api/peerconnection/RTCPeerConnectionFactoryOptions.h
index fb65512c0c..4bec8695bd 100644
--- a/sdk/objc/api/peerconnection/RTCPeerConnectionFactoryOptions.h
+++ b/sdk/objc/api/peerconnection/RTCPeerConnectionFactoryOptions.h
@@ -31,12 +31,6 @@ RTC_OBJC_EXPORT
 
 @property(nonatomic, assign) BOOL ignoreEthernetNetworkAdapter;
 
-@property(nonatomic, assign) BOOL enableAes128Sha1_32CryptoCipher;
-
-@property(nonatomic, assign) BOOL enableGcmCryptoSuites;
-
-@property(nonatomic, assign) BOOL requireFrameEncryption;
-
 - (instancetype)init NS_DESIGNATED_INITIALIZER;
 
 @end
diff --git a/sdk/objc/api/peerconnection/RTCPeerConnectionFactoryOptions.mm b/sdk/objc/api/peerconnection/RTCPeerConnectionFactoryOptions.mm
index 743cb4da09..f0cc6a6c81 100644
--- a/sdk/objc/api/peerconnection/RTCPeerConnectionFactoryOptions.mm
+++ b/sdk/objc/api/peerconnection/RTCPeerConnectionFactoryOptions.mm
@@ -34,9 +34,6 @@ void setNetworkBit(webrtc::PeerConnectionFactoryInterface::Options* options,
 @synthesize ignoreCellularNetworkAdapter = _ignoreCellularNetworkAdapter;
 @synthesize ignoreWiFiNetworkAdapter = _ignoreWiFiNetworkAdapter;
 @synthesize ignoreEthernetNetworkAdapter = _ignoreEthernetNetworkAdapter;
-@synthesize enableAes128Sha1_32CryptoCipher = _enableAes128Sha1_32CryptoCipher;
-@synthesize enableGcmCryptoSuites = _enableGcmCryptoSuites;
-@synthesize requireFrameEncryption = _requireFrameEncryption;
 
 - (instancetype)init {
   return [super init];
@@ -53,11 +50,6 @@ void setNetworkBit(webrtc::PeerConnectionFactoryInterface::Options* options,
   setNetworkBit(&options, rtc::ADAPTER_TYPE_WIFI, self.ignoreWiFiNetworkAdapter);
   setNetworkBit(&options, rtc::ADAPTER_TYPE_ETHERNET, self.ignoreEthernetNetworkAdapter);
 
-  options.crypto_options.srtp.enable_aes128_sha1_32_crypto_cipher =
-      self.enableAes128Sha1_32CryptoCipher;
-  options.crypto_options.srtp.enable_gcm_crypto_suites = self.enableGcmCryptoSuites;
-  options.crypto_options.sframe.require_frame_encryption = self.requireFrameEncryption;
-
   return options;
 }