mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-23 21:01:08 +00:00
Bug 1912989 - Vendor libwebrtc from db519e75b7
Upstream commit: https://webrtc.googlesource.com/src/+/db519e75b7e14f7f090e7cb11c966997f6ae5704 Reland "Clean up SRTP helper functions" This is a reland of commit c47f649e67cdcd27842aa370c693154b67e66116 Original change's description: > Clean up SRTP helper functions > > BUG=None > > Change-Id: If1df1828a09aef2e335c028cf4425c9507906aac > Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/354649 > Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org> > Reviewed-by: Harald Alvestrand <hta@webrtc.org> > Commit-Queue: Philipp Hancke <phancke@meta.com> > Cr-Commit-Position: refs/heads/main@{#42525} Bug: None Change-Id: Ib98842407b1c15b4e4b72a3ce2f0833f07f60da6 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/355540 Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org> Commit-Queue: Philipp Hancke <phancke@meta.com> Reviewed-by: Harald Alvestrand <hta@webrtc.org> Reviewed-by: Björn Terelius <terelius@webrtc.org> Cr-Commit-Position: refs/heads/main@{#42603}
This commit is contained in:
parent
d5d73b02a3
commit
279dbca5f4
3
third_party/libwebrtc/README.moz-ff-commit
vendored
3
third_party/libwebrtc/README.moz-ff-commit
vendored
@ -31584,3 +31584,6 @@ b43cd86e64
|
||||
# MOZ_LIBWEBRTC_SRC=/Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc MOZ_LIBWEBRTC_BRANCH=mozpatches bash dom/media/webrtc/third_party_build/fast-forward-libwebrtc.sh
|
||||
# base of lastest vendoring
|
||||
0849764539
|
||||
# MOZ_LIBWEBRTC_SRC=/Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc MOZ_LIBWEBRTC_BRANCH=mozpatches bash dom/media/webrtc/third_party_build/fast-forward-libwebrtc.sh
|
||||
# base of lastest vendoring
|
||||
db519e75b7
|
||||
|
2
third_party/libwebrtc/README.mozilla
vendored
2
third_party/libwebrtc/README.mozilla
vendored
@ -21080,3 +21080,5 @@ libwebrtc updated from /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc co
|
||||
libwebrtc updated from /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc commit mozpatches on 2024-08-27T23:07:35.164937.
|
||||
# ./mach python dom/media/webrtc/third_party_build/vendor-libwebrtc.py --from-local /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc --commit mozpatches libwebrtc
|
||||
libwebrtc updated from /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc commit mozpatches on 2024-08-27T23:09:31.255563.
|
||||
# ./mach python dom/media/webrtc/third_party_build/vendor-libwebrtc.py --from-local /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc --commit mozpatches libwebrtc
|
||||
libwebrtc updated from /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc commit mozpatches on 2024-08-27T23:12:56.766964.
|
||||
|
@ -52,10 +52,6 @@
|
||||
namespace cricket {
|
||||
namespace {
|
||||
|
||||
using ::rtc::kCsAeadAes128Gcm;
|
||||
using ::rtc::kCsAeadAes256Gcm;
|
||||
using ::rtc::kCsAesCm128HmacSha1_32;
|
||||
using ::rtc::kCsAesCm128HmacSha1_80;
|
||||
using ::rtc::UniqueRandomIdGenerator;
|
||||
using ::testing::Bool;
|
||||
using ::testing::Combine;
|
||||
|
@ -44,29 +44,30 @@ class SrtpSessionTest : public ::testing::Test {
|
||||
memcpy(rtp_packet_, kPcmuFrame, rtp_len_);
|
||||
memcpy(rtcp_packet_, kRtcpReport, rtcp_len_);
|
||||
}
|
||||
void TestProtectRtp(const std::string& cs) {
|
||||
void TestProtectRtp(int crypto_suite) {
|
||||
int out_len = 0;
|
||||
EXPECT_TRUE(
|
||||
s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));
|
||||
EXPECT_EQ(out_len, rtp_len_ + rtp_auth_tag_len(cs));
|
||||
EXPECT_EQ(out_len, rtp_len_ + rtp_auth_tag_len(crypto_suite));
|
||||
EXPECT_NE(0, memcmp(rtp_packet_, kPcmuFrame, rtp_len_));
|
||||
rtp_len_ = out_len;
|
||||
}
|
||||
void TestProtectRtcp(const std::string& cs) {
|
||||
void TestProtectRtcp(int crypto_suite) {
|
||||
int out_len = 0;
|
||||
EXPECT_TRUE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, sizeof(rtcp_packet_),
|
||||
&out_len));
|
||||
EXPECT_EQ(out_len, rtcp_len_ + 4 + rtcp_auth_tag_len(cs)); // NOLINT
|
||||
EXPECT_EQ(out_len,
|
||||
rtcp_len_ + 4 + rtcp_auth_tag_len(crypto_suite)); // NOLINT
|
||||
EXPECT_NE(0, memcmp(rtcp_packet_, kRtcpReport, rtcp_len_));
|
||||
rtcp_len_ = out_len;
|
||||
}
|
||||
void TestUnprotectRtp(const std::string& cs) {
|
||||
void TestUnprotectRtp(int crypto_suite) {
|
||||
int out_len = 0, expected_len = sizeof(kPcmuFrame);
|
||||
EXPECT_TRUE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
|
||||
EXPECT_EQ(expected_len, out_len);
|
||||
EXPECT_EQ(0, memcmp(rtp_packet_, kPcmuFrame, out_len));
|
||||
}
|
||||
void TestUnprotectRtcp(const std::string& cs) {
|
||||
void TestUnprotectRtcp(int crypto_suite) {
|
||||
int out_len = 0, expected_len = sizeof(kRtcpReport);
|
||||
EXPECT_TRUE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len));
|
||||
EXPECT_EQ(expected_len, out_len);
|
||||
@ -115,10 +116,10 @@ TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_80) {
|
||||
kEncryptedHeaderExtensionIds));
|
||||
EXPECT_TRUE(s2_.SetRecv(kSrtpAes128CmSha1_80, kTestKey1, kTestKeyLen,
|
||||
kEncryptedHeaderExtensionIds));
|
||||
TestProtectRtp(kCsAesCm128HmacSha1_80);
|
||||
TestProtectRtcp(kCsAesCm128HmacSha1_80);
|
||||
TestUnprotectRtp(kCsAesCm128HmacSha1_80);
|
||||
TestUnprotectRtcp(kCsAesCm128HmacSha1_80);
|
||||
TestProtectRtp(kSrtpAes128CmSha1_80);
|
||||
TestProtectRtcp(kSrtpAes128CmSha1_80);
|
||||
TestUnprotectRtp(kSrtpAes128CmSha1_80);
|
||||
TestUnprotectRtcp(kSrtpAes128CmSha1_80);
|
||||
}
|
||||
|
||||
// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_32.
|
||||
@ -127,10 +128,10 @@ TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_32) {
|
||||
kEncryptedHeaderExtensionIds));
|
||||
EXPECT_TRUE(s2_.SetRecv(kSrtpAes128CmSha1_32, kTestKey1, kTestKeyLen,
|
||||
kEncryptedHeaderExtensionIds));
|
||||
TestProtectRtp(kCsAesCm128HmacSha1_32);
|
||||
TestProtectRtcp(kCsAesCm128HmacSha1_32);
|
||||
TestUnprotectRtp(kCsAesCm128HmacSha1_32);
|
||||
TestUnprotectRtcp(kCsAesCm128HmacSha1_32);
|
||||
TestProtectRtp(kSrtpAes128CmSha1_32);
|
||||
TestProtectRtcp(kSrtpAes128CmSha1_32);
|
||||
TestUnprotectRtp(kSrtpAes128CmSha1_32);
|
||||
TestUnprotectRtcp(kSrtpAes128CmSha1_32);
|
||||
}
|
||||
|
||||
TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) {
|
||||
@ -152,8 +153,8 @@ TEST_F(SrtpSessionTest, TestTamperReject) {
|
||||
kEncryptedHeaderExtensionIds));
|
||||
EXPECT_TRUE(s2_.SetRecv(kSrtpAes128CmSha1_80, kTestKey1, kTestKeyLen,
|
||||
kEncryptedHeaderExtensionIds));
|
||||
TestProtectRtp(kCsAesCm128HmacSha1_80);
|
||||
TestProtectRtcp(kCsAesCm128HmacSha1_80);
|
||||
TestProtectRtp(kSrtpAes128CmSha1_80);
|
||||
TestProtectRtcp(kSrtpAes128CmSha1_80);
|
||||
rtp_packet_[0] = 0x12;
|
||||
rtcp_packet_[1] = 0x34;
|
||||
EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
|
||||
|
104
third_party/libwebrtc/pc/srtp_transport_unittest.cc
vendored
104
third_party/libwebrtc/pc/srtp_transport_unittest.cc
vendored
@ -98,10 +98,10 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> {
|
||||
// unprotect would fail. Check accessing the information about the
|
||||
// tag instead, similar to what the actual code would do that relies
|
||||
// on external auth.
|
||||
void TestRtpAuthParams(SrtpTransport* transport, const std::string& cs) {
|
||||
void TestRtpAuthParams(SrtpTransport* transport, int crypto_suite) {
|
||||
int overhead;
|
||||
EXPECT_TRUE(transport->GetSrtpOverhead(&overhead));
|
||||
switch (rtc::SrtpCryptoSuiteFromName(cs)) {
|
||||
switch (crypto_suite) {
|
||||
case rtc::kSrtpAes128CmSha1_32:
|
||||
EXPECT_EQ(32 / 8, overhead); // 32-bit tag.
|
||||
break;
|
||||
@ -122,9 +122,9 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> {
|
||||
EXPECT_EQ(overhead, tag_len);
|
||||
}
|
||||
|
||||
void TestSendRecvRtpPacket(const std::string& cipher_suite_name) {
|
||||
void TestSendRecvRtpPacket(int crypto_suite) {
|
||||
size_t rtp_len = sizeof(kPcmuFrame);
|
||||
size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(cipher_suite_name);
|
||||
size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(crypto_suite);
|
||||
rtc::Buffer rtp_packet_buffer(packet_size);
|
||||
char* rtp_packet_data = rtp_packet_buffer.data<char>();
|
||||
memcpy(rtp_packet_data, kPcmuFrame, rtp_len);
|
||||
@ -146,7 +146,7 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> {
|
||||
ASSERT_TRUE(srtp_transport1_->SendRtpPacket(&rtp_packet1to2, options,
|
||||
cricket::PF_SRTP_BYPASS));
|
||||
if (srtp_transport1_->IsExternalAuthActive()) {
|
||||
TestRtpAuthParams(srtp_transport1_.get(), cipher_suite_name);
|
||||
TestRtpAuthParams(srtp_transport1_.get(), crypto_suite);
|
||||
} else {
|
||||
ASSERT_TRUE(rtp_sink2_.last_recv_rtp_packet().data());
|
||||
EXPECT_EQ(0, memcmp(rtp_sink2_.last_recv_rtp_packet().data(),
|
||||
@ -163,7 +163,7 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> {
|
||||
ASSERT_TRUE(srtp_transport2_->SendRtpPacket(&rtp_packet2to1, options,
|
||||
cricket::PF_SRTP_BYPASS));
|
||||
if (srtp_transport2_->IsExternalAuthActive()) {
|
||||
TestRtpAuthParams(srtp_transport2_.get(), cipher_suite_name);
|
||||
TestRtpAuthParams(srtp_transport2_.get(), crypto_suite);
|
||||
} else {
|
||||
ASSERT_TRUE(rtp_sink1_.last_recv_rtp_packet().data());
|
||||
EXPECT_EQ(0, memcmp(rtp_sink1_.last_recv_rtp_packet().data(),
|
||||
@ -175,10 +175,9 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> {
|
||||
}
|
||||
}
|
||||
|
||||
void TestSendRecvRtcpPacket(const std::string& cipher_suite_name) {
|
||||
void TestSendRecvRtcpPacket(int crypto_suite) {
|
||||
size_t rtcp_len = sizeof(::kRtcpReport);
|
||||
size_t packet_size =
|
||||
rtcp_len + 4 + rtc::rtcp_auth_tag_len(cipher_suite_name);
|
||||
size_t packet_size = rtcp_len + 4 + rtc::rtcp_auth_tag_len(crypto_suite);
|
||||
rtc::Buffer rtcp_packet_buffer(packet_size);
|
||||
char* rtcp_packet_data = rtcp_packet_buffer.data<char>();
|
||||
memcpy(rtcp_packet_data, ::kRtcpReport, rtcp_len);
|
||||
@ -216,45 +215,47 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> {
|
||||
}
|
||||
|
||||
void TestSendRecvPacket(bool enable_external_auth,
|
||||
int cs,
|
||||
int crypto_suite,
|
||||
const uint8_t* key1,
|
||||
int key1_len,
|
||||
const uint8_t* key2,
|
||||
int key2_len,
|
||||
const std::string& cipher_suite_name) {
|
||||
int key2_len) {
|
||||
EXPECT_EQ(key1_len, key2_len);
|
||||
EXPECT_EQ(cipher_suite_name, rtc::SrtpCryptoSuiteToName(cs));
|
||||
if (enable_external_auth) {
|
||||
srtp_transport1_->EnableExternalAuth();
|
||||
srtp_transport2_->EnableExternalAuth();
|
||||
}
|
||||
std::vector<int> extension_ids;
|
||||
EXPECT_TRUE(srtp_transport1_->SetRtpParams(
|
||||
cs, key1, key1_len, extension_ids, cs, key2, key2_len, extension_ids));
|
||||
EXPECT_TRUE(srtp_transport2_->SetRtpParams(
|
||||
cs, key2, key2_len, extension_ids, cs, key1, key1_len, extension_ids));
|
||||
EXPECT_TRUE(srtp_transport1_->SetRtcpParams(
|
||||
cs, key1, key1_len, extension_ids, cs, key2, key2_len, extension_ids));
|
||||
EXPECT_TRUE(srtp_transport2_->SetRtcpParams(
|
||||
cs, key2, key2_len, extension_ids, cs, key1, key1_len, extension_ids));
|
||||
EXPECT_TRUE(srtp_transport1_->SetRtpParams(crypto_suite, key1, key1_len,
|
||||
extension_ids, crypto_suite,
|
||||
key2, key2_len, extension_ids));
|
||||
EXPECT_TRUE(srtp_transport2_->SetRtpParams(crypto_suite, key2, key2_len,
|
||||
extension_ids, crypto_suite,
|
||||
key1, key1_len, extension_ids));
|
||||
EXPECT_TRUE(srtp_transport1_->SetRtcpParams(crypto_suite, key1, key1_len,
|
||||
extension_ids, crypto_suite,
|
||||
key2, key2_len, extension_ids));
|
||||
EXPECT_TRUE(srtp_transport2_->SetRtcpParams(crypto_suite, key2, key2_len,
|
||||
extension_ids, crypto_suite,
|
||||
key1, key1_len, extension_ids));
|
||||
EXPECT_TRUE(srtp_transport1_->IsSrtpActive());
|
||||
EXPECT_TRUE(srtp_transport2_->IsSrtpActive());
|
||||
if (rtc::IsGcmCryptoSuite(cs)) {
|
||||
if (rtc::IsGcmCryptoSuite(crypto_suite)) {
|
||||
EXPECT_FALSE(srtp_transport1_->IsExternalAuthActive());
|
||||
EXPECT_FALSE(srtp_transport2_->IsExternalAuthActive());
|
||||
} else if (enable_external_auth) {
|
||||
EXPECT_TRUE(srtp_transport1_->IsExternalAuthActive());
|
||||
EXPECT_TRUE(srtp_transport2_->IsExternalAuthActive());
|
||||
}
|
||||
TestSendRecvRtpPacket(cipher_suite_name);
|
||||
TestSendRecvRtcpPacket(cipher_suite_name);
|
||||
TestSendRecvRtpPacket(crypto_suite);
|
||||
TestSendRecvRtcpPacket(crypto_suite);
|
||||
}
|
||||
|
||||
void TestSendRecvPacketWithEncryptedHeaderExtension(
|
||||
const std::string& cs,
|
||||
int crypto_suite,
|
||||
const std::vector<int>& encrypted_header_ids) {
|
||||
size_t rtp_len = sizeof(kPcmuFrameWithExtensions);
|
||||
size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(cs);
|
||||
size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(crypto_suite);
|
||||
rtc::Buffer rtp_packet_buffer(packet_size);
|
||||
char* rtp_packet_data = rtp_packet_buffer.data<char>();
|
||||
memcpy(rtp_packet_data, kPcmuFrameWithExtensions, rtp_len);
|
||||
@ -307,29 +308,28 @@ class SrtpTransportTest : public ::testing::Test, public sigslot::has_slots<> {
|
||||
original_rtp_data, rtp_len, encrypted_header_ids, false);
|
||||
}
|
||||
|
||||
void TestSendRecvEncryptedHeaderExtension(int cs,
|
||||
void TestSendRecvEncryptedHeaderExtension(int crypto_suite,
|
||||
const uint8_t* key1,
|
||||
int key1_len,
|
||||
const uint8_t* key2,
|
||||
int key2_len,
|
||||
const std::string& cs_name) {
|
||||
int key2_len) {
|
||||
std::vector<int> encrypted_headers;
|
||||
encrypted_headers.push_back(kHeaderExtensionIDs[0]);
|
||||
// Don't encrypt header ids 2 and 3.
|
||||
encrypted_headers.push_back(kHeaderExtensionIDs[1]);
|
||||
EXPECT_EQ(key1_len, key2_len);
|
||||
EXPECT_EQ(cs_name, rtc::SrtpCryptoSuiteToName(cs));
|
||||
EXPECT_TRUE(srtp_transport1_->SetRtpParams(cs, key1, key1_len,
|
||||
encrypted_headers, cs, key2,
|
||||
key2_len, encrypted_headers));
|
||||
EXPECT_TRUE(srtp_transport2_->SetRtpParams(cs, key2, key2_len,
|
||||
encrypted_headers, cs, key1,
|
||||
key1_len, encrypted_headers));
|
||||
EXPECT_TRUE(srtp_transport1_->SetRtpParams(
|
||||
crypto_suite, key1, key1_len, encrypted_headers, crypto_suite, key2,
|
||||
key2_len, encrypted_headers));
|
||||
EXPECT_TRUE(srtp_transport2_->SetRtpParams(
|
||||
crypto_suite, key2, key2_len, encrypted_headers, crypto_suite, key1,
|
||||
key1_len, encrypted_headers));
|
||||
EXPECT_TRUE(srtp_transport1_->IsSrtpActive());
|
||||
EXPECT_TRUE(srtp_transport2_->IsSrtpActive());
|
||||
EXPECT_FALSE(srtp_transport1_->IsExternalAuthActive());
|
||||
EXPECT_FALSE(srtp_transport2_->IsExternalAuthActive());
|
||||
TestSendRecvPacketWithEncryptedHeaderExtension(cs_name, encrypted_headers);
|
||||
TestSendRecvPacketWithEncryptedHeaderExtension(crypto_suite,
|
||||
encrypted_headers);
|
||||
}
|
||||
|
||||
std::unique_ptr<SrtpTransport> srtp_transport1_;
|
||||
@ -353,30 +353,26 @@ TEST_P(SrtpTransportTestWithExternalAuth,
|
||||
SendAndRecvPacket_AES_CM_128_HMAC_SHA1_80) {
|
||||
bool enable_external_auth = GetParam();
|
||||
TestSendRecvPacket(enable_external_auth, rtc::kSrtpAes128CmSha1_80, kTestKey1,
|
||||
kTestKeyLen, kTestKey2, kTestKeyLen,
|
||||
rtc::kCsAesCm128HmacSha1_80);
|
||||
kTestKeyLen, kTestKey2, kTestKeyLen);
|
||||
}
|
||||
|
||||
TEST_F(SrtpTransportTest,
|
||||
SendAndRecvPacketWithHeaderExtension_AES_CM_128_HMAC_SHA1_80) {
|
||||
TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAes128CmSha1_80, kTestKey1,
|
||||
kTestKeyLen, kTestKey2, kTestKeyLen,
|
||||
rtc::kCsAesCm128HmacSha1_80);
|
||||
kTestKeyLen, kTestKey2, kTestKeyLen);
|
||||
}
|
||||
|
||||
TEST_P(SrtpTransportTestWithExternalAuth,
|
||||
SendAndRecvPacket_AES_CM_128_HMAC_SHA1_32) {
|
||||
bool enable_external_auth = GetParam();
|
||||
TestSendRecvPacket(enable_external_auth, rtc::kSrtpAes128CmSha1_32, kTestKey1,
|
||||
kTestKeyLen, kTestKey2, kTestKeyLen,
|
||||
rtc::kCsAesCm128HmacSha1_32);
|
||||
kTestKeyLen, kTestKey2, kTestKeyLen);
|
||||
}
|
||||
|
||||
TEST_F(SrtpTransportTest,
|
||||
SendAndRecvPacketWithHeaderExtension_AES_CM_128_HMAC_SHA1_32) {
|
||||
TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAes128CmSha1_32, kTestKey1,
|
||||
kTestKeyLen, kTestKey2, kTestKeyLen,
|
||||
rtc::kCsAesCm128HmacSha1_32);
|
||||
kTestKeyLen, kTestKey2, kTestKeyLen);
|
||||
}
|
||||
|
||||
TEST_P(SrtpTransportTestWithExternalAuth,
|
||||
@ -384,14 +380,14 @@ TEST_P(SrtpTransportTestWithExternalAuth,
|
||||
bool enable_external_auth = GetParam();
|
||||
TestSendRecvPacket(enable_external_auth, rtc::kSrtpAeadAes128Gcm,
|
||||
kTestKeyGcm128_1, kTestKeyGcm128Len, kTestKeyGcm128_2,
|
||||
kTestKeyGcm128Len, rtc::kCsAeadAes128Gcm);
|
||||
kTestKeyGcm128Len);
|
||||
}
|
||||
|
||||
TEST_F(SrtpTransportTest,
|
||||
SendAndRecvPacketWithHeaderExtension_kSrtpAeadAes128Gcm) {
|
||||
TestSendRecvEncryptedHeaderExtension(
|
||||
rtc::kSrtpAeadAes128Gcm, kTestKeyGcm128_1, kTestKeyGcm128Len,
|
||||
kTestKeyGcm128_2, kTestKeyGcm128Len, rtc::kCsAeadAes128Gcm);
|
||||
TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAeadAes128Gcm,
|
||||
kTestKeyGcm128_1, kTestKeyGcm128Len,
|
||||
kTestKeyGcm128_2, kTestKeyGcm128Len);
|
||||
}
|
||||
|
||||
TEST_P(SrtpTransportTestWithExternalAuth,
|
||||
@ -399,14 +395,14 @@ TEST_P(SrtpTransportTestWithExternalAuth,
|
||||
bool enable_external_auth = GetParam();
|
||||
TestSendRecvPacket(enable_external_auth, rtc::kSrtpAeadAes256Gcm,
|
||||
kTestKeyGcm256_1, kTestKeyGcm256Len, kTestKeyGcm256_2,
|
||||
kTestKeyGcm256Len, rtc::kCsAeadAes256Gcm);
|
||||
kTestKeyGcm256Len);
|
||||
}
|
||||
|
||||
TEST_F(SrtpTransportTest,
|
||||
SendAndRecvPacketWithHeaderExtension_kSrtpAeadAes256Gcm) {
|
||||
TestSendRecvEncryptedHeaderExtension(
|
||||
rtc::kSrtpAeadAes256Gcm, kTestKeyGcm256_1, kTestKeyGcm256Len,
|
||||
kTestKeyGcm256_2, kTestKeyGcm256Len, rtc::kCsAeadAes256Gcm);
|
||||
TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAeadAes256Gcm,
|
||||
kTestKeyGcm256_1, kTestKeyGcm256Len,
|
||||
kTestKeyGcm256_2, kTestKeyGcm256Len);
|
||||
}
|
||||
|
||||
// Run all tests both with and without external auth enabled.
|
||||
@ -453,7 +449,7 @@ TEST_F(SrtpTransportTest, RemoveSrtpReceiveStream) {
|
||||
|
||||
// Create a packet and try to send it three times.
|
||||
size_t rtp_len = sizeof(kPcmuFrame);
|
||||
size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(rtc::kCsAeadAes128Gcm);
|
||||
size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(rtc::kSrtpAeadAes128Gcm);
|
||||
rtc::Buffer rtp_packet_buffer(packet_size);
|
||||
char* rtp_packet_data = rtp_packet_buffer.data<char>();
|
||||
memcpy(rtp_packet_data, kPcmuFrame, rtp_len);
|
||||
|
40
third_party/libwebrtc/pc/test/srtp_test_util.h
vendored
40
third_party/libwebrtc/pc/test/srtp_test_util.h
vendored
@ -11,32 +11,38 @@
|
||||
#ifndef PC_TEST_SRTP_TEST_UTIL_H_
|
||||
#define PC_TEST_SRTP_TEST_UTIL_H_
|
||||
|
||||
#include <string>
|
||||
#include "rtc_base/ssl_stream_adapter.h"
|
||||
|
||||
namespace rtc {
|
||||
|
||||
extern const char kCsAesCm128HmacSha1_32[];
|
||||
extern const char kCsAeadAes128Gcm[];
|
||||
extern const char kCsAeadAes256Gcm[];
|
||||
|
||||
static const uint8_t kTestKey1[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234";
|
||||
static const uint8_t kTestKey2[] = "4321ZYXWVUTSRQPONMLKJIHGFEDCBA";
|
||||
static const int kTestKeyLen = 30;
|
||||
|
||||
static int rtp_auth_tag_len(const std::string& cs) {
|
||||
if (cs == kCsAesCm128HmacSha1_32) {
|
||||
return 4;
|
||||
} else if (cs == kCsAeadAes128Gcm || cs == kCsAeadAes256Gcm) {
|
||||
return 16;
|
||||
} else {
|
||||
return 10;
|
||||
static int rtp_auth_tag_len(int crypto_suite) {
|
||||
switch (crypto_suite) {
|
||||
case kSrtpAes128CmSha1_32:
|
||||
return 4;
|
||||
case kSrtpAes128CmSha1_80:
|
||||
return 10;
|
||||
case kSrtpAeadAes128Gcm:
|
||||
case kSrtpAeadAes256Gcm:
|
||||
return 16;
|
||||
default:
|
||||
RTC_CHECK_NOTREACHED();
|
||||
}
|
||||
}
|
||||
static int rtcp_auth_tag_len(const std::string& cs) {
|
||||
if (cs == kCsAeadAes128Gcm || cs == kCsAeadAes256Gcm) {
|
||||
return 16;
|
||||
} else {
|
||||
return 10;
|
||||
|
||||
static int rtcp_auth_tag_len(int crypto_suite) {
|
||||
switch (crypto_suite) {
|
||||
case kSrtpAes128CmSha1_32:
|
||||
case kSrtpAes128CmSha1_80:
|
||||
return 10;
|
||||
case kSrtpAeadAes128Gcm:
|
||||
case kSrtpAeadAes256Gcm:
|
||||
return 16;
|
||||
default:
|
||||
RTC_CHECK_NOTREACHED();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -17,17 +17,12 @@
|
||||
#include <openssl/tls1.h>
|
||||
#include <openssl/x509v3.h>
|
||||
|
||||
#include "absl/strings/string_view.h"
|
||||
#ifndef OPENSSL_IS_BORINGSSL
|
||||
#include <openssl/dtls1.h>
|
||||
#include <openssl/ssl.h>
|
||||
#endif
|
||||
|
||||
#include <atomic>
|
||||
#include <memory>
|
||||
#include <utility>
|
||||
#include <vector>
|
||||
|
||||
#include "absl/strings/string_view.h"
|
||||
#include "api/array_view.h"
|
||||
#include "rtc_base/checks.h"
|
||||
#include "rtc_base/logging.h"
|
||||
@ -36,6 +31,9 @@
|
||||
#include "rtc_base/openssl_adapter.h"
|
||||
#include "rtc_base/openssl_digest.h"
|
||||
#ifdef OPENSSL_IS_BORINGSSL
|
||||
#include <openssl/dtls1.h>
|
||||
#include <openssl/ssl.h>
|
||||
|
||||
#include "rtc_base/boringssl_identity.h"
|
||||
#else
|
||||
#include "rtc_base/openssl_identity.h"
|
||||
|
@ -14,12 +14,9 @@
|
||||
#include "absl/strings/string_view.h"
|
||||
#include "rtc_base/openssl_stream_adapter.h"
|
||||
|
||||
///////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
namespace rtc {
|
||||
|
||||
// TODO(guoweis): Move this to SDP layer and use int form internally.
|
||||
// webrtc:5043.
|
||||
// Deprecated, prefer SrtpCryptoSuiteToName.
|
||||
const char kCsAesCm128HmacSha1_80[] = "AES_CM_128_HMAC_SHA1_80";
|
||||
const char kCsAesCm128HmacSha1_32[] = "AES_CM_128_HMAC_SHA1_32";
|
||||
const char kCsAeadAes128Gcm[] = "AEAD_AES_128_GCM";
|
||||
@ -27,31 +24,19 @@ const char kCsAeadAes256Gcm[] = "AEAD_AES_256_GCM";
|
||||
|
||||
std::string SrtpCryptoSuiteToName(int crypto_suite) {
|
||||
switch (crypto_suite) {
|
||||
case kSrtpAes128CmSha1_32:
|
||||
return kCsAesCm128HmacSha1_32;
|
||||
case kSrtpAes128CmSha1_80:
|
||||
return kCsAesCm128HmacSha1_80;
|
||||
return "AES_CM_128_HMAC_SHA1_80";
|
||||
case kSrtpAes128CmSha1_32:
|
||||
return "AES_CM_128_HMAC_SHA1_32";
|
||||
case kSrtpAeadAes128Gcm:
|
||||
return kCsAeadAes128Gcm;
|
||||
return "AEAD_AES_128_GCM";
|
||||
case kSrtpAeadAes256Gcm:
|
||||
return kCsAeadAes256Gcm;
|
||||
return "AEAD_AES_256_GCM";
|
||||
default:
|
||||
return std::string();
|
||||
}
|
||||
}
|
||||
|
||||
int SrtpCryptoSuiteFromName(absl::string_view crypto_suite) {
|
||||
if (crypto_suite == kCsAesCm128HmacSha1_32)
|
||||
return kSrtpAes128CmSha1_32;
|
||||
if (crypto_suite == kCsAesCm128HmacSha1_80)
|
||||
return kSrtpAes128CmSha1_80;
|
||||
if (crypto_suite == kCsAeadAes128Gcm)
|
||||
return kSrtpAeadAes128Gcm;
|
||||
if (crypto_suite == kCsAeadAes256Gcm)
|
||||
return kSrtpAeadAes256Gcm;
|
||||
return kSrtpInvalidCryptoSuite;
|
||||
}
|
||||
|
||||
bool GetSrtpKeyAndSaltLengths(int crypto_suite,
|
||||
int* key_length,
|
||||
int* salt_length) {
|
||||
@ -86,10 +71,6 @@ bool IsGcmCryptoSuite(int crypto_suite) {
|
||||
crypto_suite == kSrtpAeadAes128Gcm);
|
||||
}
|
||||
|
||||
bool IsGcmCryptoSuiteName(absl::string_view crypto_suite) {
|
||||
return (crypto_suite == kCsAeadAes256Gcm || crypto_suite == kCsAeadAes128Gcm);
|
||||
}
|
||||
|
||||
std::unique_ptr<SSLStreamAdapter> SSLStreamAdapter::Create(
|
||||
std::unique_ptr<StreamInterface> stream,
|
||||
absl::AnyInvocable<void(SSLHandshakeError)> handshake_error) {
|
||||
|
@ -58,9 +58,6 @@ extern const char kCsAeadAes256Gcm[];
|
||||
// name, as defined in https://tools.ietf.org/html/rfc5764#section-4.1.2.
|
||||
std::string SrtpCryptoSuiteToName(int crypto_suite);
|
||||
|
||||
// The reverse of above conversion.
|
||||
int SrtpCryptoSuiteFromName(absl::string_view crypto_suite);
|
||||
|
||||
// Get key length and salt length for given crypto suite. Returns true for
|
||||
// valid suites, otherwise false.
|
||||
bool GetSrtpKeyAndSaltLengths(int crypto_suite,
|
||||
@ -70,9 +67,6 @@ bool GetSrtpKeyAndSaltLengths(int crypto_suite,
|
||||
// Returns true if the given crypto suite id uses a GCM cipher.
|
||||
bool IsGcmCryptoSuite(int crypto_suite);
|
||||
|
||||
// Returns true if the given crypto suite name uses a GCM cipher.
|
||||
bool IsGcmCryptoSuiteName(absl::string_view crypto_suite);
|
||||
|
||||
// SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS.
|
||||
// After SSL has been started, the stream will only open on successful
|
||||
// SSL verification of certificates, and the communication is
|
||||
|
Loading…
Reference in New Issue
Block a user