zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2017 The WebRTC project authors. All Rights Reserved. |
| 3 | * |
| 4 | * Use of this source code is governed by a BSD-style license |
| 5 | * that can be found in the LICENSE file in the root of the source |
| 6 | * tree. An additional intellectual property rights grant can be found |
| 7 | * in the file PATENTS. All contributing project authors may |
| 8 | * be found in the AUTHORS file in the root of the source tree. |
| 9 | */ |
| 10 | |
Mirko Bonadei | 92ea95e | 2017-09-15 06:47:31 +0200 | [diff] [blame] | 11 | #ifndef PC_SRTPTRANSPORT_H_ |
| 12 | #define PC_SRTPTRANSPORT_H_ |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 13 | |
| 14 | #include <memory> |
| 15 | #include <string> |
| 16 | #include <utility> |
Steve Anton | 36b29d1 | 2017-10-30 09:57:42 -0700 | [diff] [blame] | 17 | #include <vector> |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 18 | |
Zhi Huang | 942bc2e | 2017-11-13 13:26:07 -0800 | [diff] [blame] | 19 | #include "p2p/base/icetransportinternal.h" |
Zhi Huang | f2d7beb | 2017-11-20 14:35:11 -0800 | [diff] [blame] | 20 | #include "pc/rtptransportinternaladapter.h" |
Mirko Bonadei | 92ea95e | 2017-09-15 06:47:31 +0200 | [diff] [blame] | 21 | #include "pc/srtpfilter.h" |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 22 | #include "pc/srtpsession.h" |
Mirko Bonadei | 92ea95e | 2017-09-15 06:47:31 +0200 | [diff] [blame] | 23 | #include "rtc_base/checks.h" |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 24 | |
| 25 | namespace webrtc { |
| 26 | |
| 27 | // This class will eventually be a wrapper around RtpTransportInternal |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 28 | // that protects and unprotects sent and received RTP packets. |
Zhi Huang | f2d7beb | 2017-11-20 14:35:11 -0800 | [diff] [blame] | 29 | class SrtpTransport : public RtpTransportInternalAdapter { |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 30 | public: |
| 31 | SrtpTransport(bool rtcp_mux_enabled, const std::string& content_name); |
| 32 | |
Zhi Huang | f2d7beb | 2017-11-20 14:35:11 -0800 | [diff] [blame] | 33 | SrtpTransport(std::unique_ptr<RtpTransportInternal> rtp_transport, |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 34 | const std::string& content_name); |
| 35 | |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 36 | bool SendRtpPacket(rtc::CopyOnWriteBuffer* packet, |
| 37 | const rtc::PacketOptions& options, |
| 38 | int flags) override; |
| 39 | |
| 40 | bool SendRtcpPacket(rtc::CopyOnWriteBuffer* packet, |
| 41 | const rtc::PacketOptions& options, |
| 42 | int flags) override; |
| 43 | |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 44 | // The transport becomes active if the send_session_ and recv_session_ are |
| 45 | // created. |
| 46 | bool IsActive() const; |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 47 | |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 48 | // TODO(zstein): Remove this when we remove RtpTransportAdapter. |
| 49 | RtpTransportAdapter* GetInternal() override { return nullptr; } |
| 50 | |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 51 | // Create new send/recv sessions and set the negotiated crypto keys for RTP |
| 52 | // packet encryption. The keys can either come from SDES negotiation or DTLS |
| 53 | // handshake. |
| 54 | bool SetRtpParams(int send_cs, |
| 55 | const uint8_t* send_key, |
| 56 | int send_key_len, |
Zhi Huang | c99b6c7 | 2017-11-10 16:44:46 -0800 | [diff] [blame] | 57 | const std::vector<int>& send_extension_ids, |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 58 | int recv_cs, |
| 59 | const uint8_t* recv_key, |
Zhi Huang | c99b6c7 | 2017-11-10 16:44:46 -0800 | [diff] [blame] | 60 | int recv_key_len, |
| 61 | const std::vector<int>& recv_extension_ids); |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 62 | |
| 63 | // Create new send/recv sessions and set the negotiated crypto keys for RTCP |
| 64 | // packet encryption. The keys can either come from SDES negotiation or DTLS |
| 65 | // handshake. |
| 66 | bool SetRtcpParams(int send_cs, |
| 67 | const uint8_t* send_key, |
| 68 | int send_key_len, |
Zhi Huang | c99b6c7 | 2017-11-10 16:44:46 -0800 | [diff] [blame] | 69 | const std::vector<int>& send_extension_ids, |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 70 | int recv_cs, |
| 71 | const uint8_t* recv_key, |
Zhi Huang | c99b6c7 | 2017-11-10 16:44:46 -0800 | [diff] [blame] | 72 | int recv_key_len, |
| 73 | const std::vector<int>& recv_extension_ids); |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 74 | |
| 75 | void ResetParams(); |
| 76 | |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 77 | // If external auth is enabled, SRTP will write a dummy auth tag that then |
| 78 | // later must get replaced before the packet is sent out. Only supported for |
| 79 | // non-GCM cipher suites and can be checked through "IsExternalAuthActive" |
| 80 | // if it is actually used. This method is only valid before the RTP params |
| 81 | // have been set. |
| 82 | void EnableExternalAuth(); |
| 83 | bool IsExternalAuthEnabled() const; |
| 84 | |
| 85 | // A SrtpTransport supports external creation of the auth tag if a non-GCM |
| 86 | // cipher is used. This method is only valid after the RTP params have |
| 87 | // been set. |
| 88 | bool IsExternalAuthActive() const; |
| 89 | |
| 90 | // Returns srtp overhead for rtp packets. |
| 91 | bool GetSrtpOverhead(int* srtp_overhead) const; |
| 92 | |
| 93 | // Returns rtp auth params from srtp context. |
| 94 | bool GetRtpAuthParams(uint8_t** key, int* key_len, int* tag_len); |
| 95 | |
| 96 | // Helper method to get RTP Absoulute SendTime extension header id if |
| 97 | // present in remote supported extensions list. |
| 98 | void CacheRtpAbsSendTimeHeaderExtension(int rtp_abs_sendtime_extn_id) { |
| 99 | rtp_abs_sendtime_extn_id_ = rtp_abs_sendtime_extn_id; |
| 100 | } |
| 101 | |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 102 | private: |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 103 | void CreateSrtpSessions(); |
| 104 | |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 105 | void ConnectToRtpTransport(); |
| 106 | |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 107 | bool SendPacket(bool rtcp, |
| 108 | rtc::CopyOnWriteBuffer* packet, |
| 109 | const rtc::PacketOptions& options, |
| 110 | int flags); |
| 111 | |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 112 | void OnPacketReceived(bool rtcp, |
| 113 | rtc::CopyOnWriteBuffer* packet, |
| 114 | const rtc::PacketTime& packet_time); |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 115 | void OnReadyToSend(bool ready) { SignalReadyToSend(ready); } |
Zhi Huang | 942bc2e | 2017-11-13 13:26:07 -0800 | [diff] [blame] | 116 | void OnNetworkRouteChanged(rtc::Optional<rtc::NetworkRoute> network_route); |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 117 | |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 118 | bool ProtectRtp(void* data, int in_len, int max_len, int* out_len); |
zhihuang | eb23e17 | 2017-09-19 01:12:52 -0700 | [diff] [blame] | 119 | |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 120 | // Overloaded version, outputs packet index. |
| 121 | bool ProtectRtp(void* data, |
| 122 | int in_len, |
| 123 | int max_len, |
| 124 | int* out_len, |
| 125 | int64_t* index); |
| 126 | bool ProtectRtcp(void* data, int in_len, int max_len, int* out_len); |
| 127 | |
| 128 | // Decrypts/verifies an invidiual RTP/RTCP packet. |
| 129 | // If an HMAC is used, this will decrease the packet size. |
| 130 | bool UnprotectRtp(void* data, int in_len, int* out_len); |
| 131 | |
| 132 | bool UnprotectRtcp(void* data, int in_len, int* out_len); |
| 133 | |
| 134 | const std::string content_name_; |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 135 | std::unique_ptr<RtpTransportInternal> rtp_transport_; |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 136 | |
| 137 | std::unique_ptr<cricket::SrtpSession> send_session_; |
| 138 | std::unique_ptr<cricket::SrtpSession> recv_session_; |
| 139 | std::unique_ptr<cricket::SrtpSession> send_rtcp_session_; |
| 140 | std::unique_ptr<cricket::SrtpSession> recv_rtcp_session_; |
| 141 | |
Zhi Huang | cf990f5 | 2017-09-22 12:12:30 -0700 | [diff] [blame] | 142 | bool external_auth_enabled_ = false; |
| 143 | |
| 144 | int rtp_abs_sendtime_extn_id_ = -1; |
zstein | 398c3fd | 2017-07-19 13:38:02 -0700 | [diff] [blame] | 145 | }; |
| 146 | |
| 147 | } // namespace webrtc |
| 148 | |
Mirko Bonadei | 92ea95e | 2017-09-15 06:47:31 +0200 | [diff] [blame] | 149 | #endif // PC_SRTPTRANSPORT_H_ |