1 /*
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11 #include "rtc_base/ssl_stream_adapter.h"
12
13 #include "absl/memory/memory.h"
14 #include "rtc_base/openssl_stream_adapter.h"
15
16 ///////////////////////////////////////////////////////////////////////////////
17
18 namespace rtc {
19
// TODO(guoweis): Move this to SDP layer and use int form internally.
// webrtc:5043.
//
// String names of the SRTP crypto suites that this file maps to and from the
// integer SRTP_* ids (see SrtpCryptoSuiteToName / SrtpCryptoSuiteFromName).
// Name lookups compare against these strings exactly.
// NOTE(review): in SRTP suite naming the _80 / _32 suffix is the HMAC-SHA1
// authentication tag length in bits, so the _32 variant carries a shorter
// integrity tag than the _80 variant -- confirm that negotiation policy
// elsewhere orders or restricts the suites accordingly.
const char CS_AES_CM_128_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80";
const char CS_AES_CM_128_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32";
const char CS_AEAD_AES_128_GCM[] = "AEAD_AES_128_GCM";
const char CS_AEAD_AES_256_GCM[] = "AEAD_AES_256_GCM";
26
// Translates an integer SRTP crypto-suite id (one of the SRTP_* constants)
// into its string name.
//
// Returns an empty string for any id that is not one of the four suites
// handled here, so callers must treat "" as "unknown suite" and not as a
// name that can be offered or logged as negotiated.
std::string SrtpCryptoSuiteToName(int crypto_suite) {
  if (crypto_suite == SRTP_AES128_CM_SHA1_32) {
    return CS_AES_CM_128_HMAC_SHA1_32;
  }
  if (crypto_suite == SRTP_AES128_CM_SHA1_80) {
    return CS_AES_CM_128_HMAC_SHA1_80;
  }
  if (crypto_suite == SRTP_AEAD_AES_128_GCM) {
    return CS_AEAD_AES_128_GCM;
  }
  if (crypto_suite == SRTP_AEAD_AES_256_GCM) {
    return CS_AEAD_AES_256_GCM;
  }
  // Unrecognised id: signal it with an empty name.
  return std::string();
}
41
// Translates a crypto-suite name into its integer SRTP_* id.
//
// The comparison is an exact, case-sensitive string match against the four
// names defined in this file. Anything else yields SRTP_INVALID_CRYPTO_SUITE,
// which callers have to check for before using the result as a real suite.
int SrtpCryptoSuiteFromName(const std::string& crypto_suite) {
  struct NamedSuite {
    const char* name;
    int id;
  };
  const NamedSuite known_suites[] = {
      {CS_AES_CM_128_HMAC_SHA1_32, SRTP_AES128_CM_SHA1_32},
      {CS_AES_CM_128_HMAC_SHA1_80, SRTP_AES128_CM_SHA1_80},
      {CS_AEAD_AES_128_GCM, SRTP_AEAD_AES_128_GCM},
      {CS_AEAD_AES_256_GCM, SRTP_AEAD_AES_256_GCM},
  };
  for (const NamedSuite& candidate : known_suites) {
    if (crypto_suite == candidate.name) {
      return candidate.id;
    }
  }
  return SRTP_INVALID_CRYPTO_SUITE;
}
53
// Reports the master key and master salt sizes, in bytes, for an SRTP crypto
// suite.
//
// On success writes both out-parameters and returns true. For an unknown
// suite it returns false and leaves *key_length and *salt_length untouched,
// so a caller that ignores the return value would size key buffers from
// whatever those variables previously held. Both pointers are dereferenced
// without a null check.
bool GetSrtpKeyAndSaltLengths(int crypto_suite,
                              int* key_length,
                              int* salt_length) {
  int key_bytes = 0;
  int salt_bytes = 0;

  if (crypto_suite == SRTP_AES128_CM_SHA1_32 ||
      crypto_suite == SRTP_AES128_CM_SHA1_80) {
    // SRTP_AES128_CM_HMAC_SHA1_32 and SRTP_AES128_CM_HMAC_SHA1_80 are defined
    // in RFC 5764 to use a 128 bits key and 112 bits salt for the cipher.
    key_bytes = 16;
    salt_bytes = 14;
  } else if (crypto_suite == SRTP_AEAD_AES_128_GCM) {
    // SRTP_AEAD_AES_128_GCM is defined in RFC 7714 to use a 128 bits key and
    // a 96 bits salt for the cipher.
    key_bytes = 16;
    salt_bytes = 12;
  } else if (crypto_suite == SRTP_AEAD_AES_256_GCM) {
    // SRTP_AEAD_AES_256_GCM is defined in RFC 7714 to use a 256 bits key and
    // a 96 bits salt for the cipher.
    key_bytes = 32;
    salt_bytes = 12;
  } else {
    // Unknown suite: report failure before touching the outputs.
    return false;
  }

  *key_length = key_bytes;
  *salt_length = salt_bytes;
  return true;
}
82
// Returns true when the integer suite id is one of the two AEAD AES-GCM
// suites (128- or 256-bit key); every other id, including invalid ones,
// yields false.
bool IsGcmCryptoSuite(int crypto_suite) {
  switch (crypto_suite) {
    case SRTP_AEAD_AES_128_GCM:
    case SRTP_AEAD_AES_256_GCM:
      return true;
    default:
      return false;
  }
}
87
// Returns true when the suite name is exactly one of the two AEAD AES-GCM
// names defined in this file. The match is case-sensitive; any other string
// yields false.
bool IsGcmCryptoSuiteName(const std::string& crypto_suite) {
  if (crypto_suite == CS_AEAD_AES_256_GCM) {
    return true;
  }
  return crypto_suite == CS_AEAD_AES_128_GCM;
}
92
// Factory for the SSL stream adapter. Always builds the OpenSSL-backed
// implementation and hands it ownership of `stream`.
std::unique_ptr<SSLStreamAdapter> SSLStreamAdapter::Create(
    std::unique_ptr<StreamInterface> stream) {
  std::unique_ptr<SSLStreamAdapter> adapter =
      std::make_unique<OpenSSLStreamAdapter>(std::move(stream));
  return adapter;
}
97
// Wraps `stream` in the adapter base class.
// release() gives up unique_ptr ownership and passes the raw pointer on.
// NOTE(review): presumably StreamAdapterInterface takes ownership of that
// pointer and deletes it -- confirm in its declaration, otherwise it leaks.
SSLStreamAdapter::SSLStreamAdapter(std::unique_ptr<StreamInterface> stream)
    : StreamAdapterInterface(stream.release()) {
}
100
// Nothing to release at this level.
SSLStreamAdapter::~SSLStreamAdapter() = default;
102
// Implementation at this level: always reports failure and never writes
// *cipher_suite, so callers must not read the out-parameter on false.
// NOTE(review): presumably concrete adapters override this -- confirm in the
// header.
bool SSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) {
  const bool suite_available = false;
  return suite_available;
}
106
// Default implementation of keying-material export: unsupported.
//
// Always returns false and never writes to `result`. A caller that skips the
// return-value check would go on to use whatever bytes the buffer already
// contained as key material, so the check is mandatory.
bool SSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
                                            const uint8_t* context,
                                            size_t context_len,
                                            bool use_context,
                                            uint8_t* result,
                                            size_t result_len) {
  // Default is unsupported
  const bool exported = false;
  return exported;
}
115
// Implementation at this level: ignores `crypto_suites` and reports failure,
// i.e. no DTLS-SRTP suites are configured by this call.
// NOTE(review): presumably concrete adapters override this -- confirm in the
// header.
bool SSLStreamAdapter::SetDtlsSrtpCryptoSuites(
    const std::vector<int>& crypto_suites) {
  const bool suites_applied = false;
  return suites_applied;
}
120
// Implementation at this level: always reports failure and never writes
// *crypto_suite, so callers must not read the out-parameter on false.
// NOTE(review): presumably concrete adapters override this -- confirm in the
// header.
bool SSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
  const bool suite_negotiated = false;
  return suite_negotiated;
}
124
// Forwards to OpenSSLStreamAdapter::IsBoringSsl() and returns its answer
// unchanged.
bool SSLStreamAdapter::IsBoringSsl() {
  const bool is_boringssl = OpenSSLStreamAdapter::IsBoringSsl();
  return is_boringssl;
}
// Asks the OpenSSL adapter whether the numeric cipher id is acceptable for
// the given key type. The accept/reject policy itself lives in
// OpenSSLStreamAdapter; this overload only forwards.
bool SSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) {
  const bool acceptable =
      OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type);
  return acceptable;
}
// Asks the OpenSSL adapter whether the named cipher is acceptable for the
// given key type. The accept/reject policy itself lives in
// OpenSSLStreamAdapter; this overload only forwards.
bool SSLStreamAdapter::IsAcceptableCipher(const std::string& cipher,
                                          KeyType key_type) {
  const bool acceptable =
      OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type);
  return acceptable;
}
// Forwards to OpenSSLStreamAdapter::SslCipherSuiteToName() and returns the
// name it produces for `cipher_suite`.
std::string SSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
  std::string suite_name =
      OpenSSLStreamAdapter::SslCipherSuiteToName(cipher_suite);
  return suite_name;
}
138
139 ///////////////////////////////////////////////////////////////////////////////
140 // Test only settings
141 ///////////////////////////////////////////////////////////////////////////////
142
// Test-only hook: forwards to
// OpenSSLStreamAdapter::EnableTimeCallbackForTesting().
// NOTE(review): this sits under the "Test only settings" banner; presumably
// it changes the time source used by the TLS stack, which would affect
// certificate validity checks -- confirm, and keep it out of production code
// paths.
void SSLStreamAdapter::EnableTimeCallbackForTesting() {
  OpenSSLStreamAdapter::EnableTimeCallbackForTesting();
  return;
}
146
147 ///////////////////////////////////////////////////////////////////////////////
148
149 } // namespace rtc
150