zstein4dde3df2017-07-07 14:26:25 -07001/*
2 * Copyright 2017 The WebRTC project authors. All Rights Reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Steve Anton10542f22019-01-11 09:11:00 -080011#ifndef PC_SRTP_SESSION_H_
12#define PC_SRTP_SESSION_H_
zstein4dde3df2017-07-07 14:26:25 -070013
14#include <vector>
15
Steve Antondb67ba12018-03-19 17:41:42 -070016#include "rtc_base/scoped_ref_ptr.h"
Mirko Bonadei92ea95e2017-09-15 06:47:31 +020017#include "rtc_base/thread_checker.h"
zstein4dde3df2017-07-07 14:26:25 -070018
// Forward declaration to avoid pulling in libsrtp headers here. This header
// only ever holds pointers to these types (see session_ and HandleEvent
// below), so the full definitions are needed only by the implementation file.
struct srtp_event_data_t;
struct srtp_ctx_t_;
22
23namespace cricket {
24
// Class that wraps a libSRTP session.
//
// One instance protects (encrypts/authenticates) or unprotects
// (decrypts/verifies) RTP and RTCP packets in a single direction: a sending
// session is configured with SetSend/UpdateSend, a receiving session with
// SetRecv/UpdateRecv, and the two must be separate instances. Copying is
// disallowed (RTC_DISALLOW_COPY_AND_ASSIGN). The thread_checker_ member
// suggests an instance is meant to be used from one thread only;
// NOTE(review): confirm against srtp_session.cc.
class SrtpSession {
 public:
  SrtpSession();
  // Presumably tears down session_ and releases the libsrtp usage count
  // taken at set-up time — TODO confirm in srtp_session.cc.
  ~SrtpSession();

  // Configures the session for sending data using the specified
  // cipher-suite and key. Receiving must be done by a separate session.
  //
  // cs:            cipher-suite identifier.
  // key, len:      key material and its length in bytes. Whether the bytes
  //                are copied or only referenced is not visible in this
  //                header — TODO confirm before assuming the caller may
  //                discard or wipe the buffer after the call returns.
  // extension_ids: RTP header extension ids handed to the session; their
  //                exact role is defined in srtp_session.cc.
  // Returns true on success.
  bool SetSend(int cs,
               const uint8_t* key,
               size_t len,
               const std::vector<int>& extension_ids);
  // Same parameters as SetSend. Presumably re-keys a session that has
  // already been configured for sending — see srtp_session.cc for the exact
  // semantics.
  bool UpdateSend(int cs,
                  const uint8_t* key,
                  size_t len,
                  const std::vector<int>& extension_ids);

  // Configures the session for receiving data using the specified
  // cipher-suite and key. Sending must be done by a separate session.
  // Parameters and return value as for SetSend.
  bool SetRecv(int cs,
               const uint8_t* key,
               size_t len,
               const std::vector<int>& extension_ids);
  // Receive-side counterpart of UpdateSend.
  bool UpdateRecv(int cs,
                  const uint8_t* key,
                  size_t len,
                  const std::vector<int>& extension_ids);

  // Encrypts/signs an individual RTP/RTCP packet, in-place.
  // If an HMAC is used, this will increase the packet size.
  //
  // data:    packet buffer, modified in place.
  // in_len:  length of the unprotected packet currently in `data`.
  // max_len: capacity of `data`. Because the protected packet can be larger
  //          than in_len, the buffer must have headroom for the auth tag
  //          (presumably GetSrtpOverhead() bytes — TODO confirm).
  // out_len: receives the length of the protected packet.
  // Returns true on success. What `data` holds after a false return is not
  // specified here — NOTE(review): treat it as unusable unless the .cc
  // says otherwise.
  bool ProtectRtp(void* data, int in_len, int max_len, int* out_len);
  // Overloaded version, outputs packet index.
  // index: receives the SRTP packet index assigned to this packet (see
  //        GetSendStreamPacketIndex below).
  bool ProtectRtp(void* data,
                  int in_len,
                  int max_len,
                  int* out_len,
                  int64_t* index);
  // RTCP counterpart of ProtectRtp; same parameter contract.
  bool ProtectRtcp(void* data, int in_len, int max_len, int* out_len);
  // Decrypts/verifies an individual RTP/RTCP packet.
  // If an HMAC is used, this will decrease the packet size.
  //
  // data, in_len: the received packet, modified in place.
  // out_len:      receives the length of the unprotected packet.
  // Returns false when the packet does not verify/decrypt; its contents must
  // not be used in that case. decryption_failure_count_ is presumably
  // incremented on that path — TODO confirm.
  bool UnprotectRtp(void* data, int in_len, int* out_len);
  bool UnprotectRtcp(void* data, int in_len, int* out_len);

  // Helper method to get authentication params.
  // key, key_len: out-params; *key points at the RTP auth key material.
  //               Ownership and lifetime of that buffer are not stated here —
  //               NOTE(review): assume it is owned by the session and must
  //               neither be freed nor retained past it; confirm in the .cc.
  // tag_len:      out-param, presumably the RTP auth tag length in bytes
  //               (cf. rtp_auth_tag_len_).
  bool GetRtpAuthParams(uint8_t** key, int* key_len, int* tag_len);

  // Per-packet size overhead added by protection, in bytes — presumably the
  // auth tag length; TODO confirm.
  int GetSrtpOverhead() const;

  // If external auth is enabled, SRTP will write a dummy auth tag that then
  // later must get replaced before the packet is sent out. Only supported for
  // non-GCM cipher suites and can be checked through "IsExternalAuthActive"
  // if it is actually used. This method is only valid before the RTP params
  // have been set.
  // Replacing the dummy tag is entirely the caller's responsibility; this
  // class does not verify that it happened.
  void EnableExternalAuth();
  // Whether EnableExternalAuth() has been called (cf. external_auth_enabled_).
  bool IsExternalAuthEnabled() const;

  // A SRTP session supports external creation of the auth tag if a non-GCM
  // cipher is used. This method is only valid after the RTP params have
  // been set.
  bool IsExternalAuthActive() const;

 private:
  // Shared implementation behind Set*/Update*.
  // type: selector passed down to the key set-up; presumably distinguishes
  //       send from receive, given both paths funnel through here —
  //       TODO confirm the exact meaning. Other parameters as for SetSend.
  bool DoSetKey(int type,
                int cs,
                const uint8_t* key,
                size_t len,
                const std::vector<int>& extension_ids);
  // Initial key set-up for the given type; presumably backs SetSend/SetRecv.
  bool SetKey(int type,
              int cs,
              const uint8_t* key,
              size_t len,
              const std::vector<int>& extension_ids);
  // Re-keying for the given type; presumably backs UpdateSend/UpdateRecv.
  bool UpdateKey(int type,
                 int cs,
                 const uint8_t* key,
                 size_t len,
                 const std::vector<int>& extension_ids);
  // Returns send stream current packet index from srtp db.
  // data, in_len: the packet to look up; index receives the result.
  bool GetSendStreamPacketIndex(void* data, int in_len, int64_t* index);

  // These methods are responsible for initializing libsrtp (if the usage count
  // is incremented from 0 to 1) or deinitializing it (when decremented from 1
  // to 0).
  //
  // Returns true if successful (will always be successful if already inited).
  static bool IncrementLibsrtpUsageCountAndMaybeInit();
  static void DecrementLibsrtpUsageCountAndMaybeDeinit();

  // Instance-side handler for a libsrtp event.
  void HandleEvent(const srtp_event_data_t* ev);
  // Static entry point registered with libsrtp; presumably locates the
  // owning SrtpSession and forwards to HandleEvent — TODO confirm.
  static void HandleEventThunk(srtp_event_data_t* ev);

  rtc::ThreadChecker thread_checker_;
  // Raw libsrtp context. Presumably owned by this object and released in the
  // destructor — TODO confirm.
  srtp_ctx_t_* session_ = nullptr;
  int rtp_auth_tag_len_ = 0;   // auth tag length in use for RTP
  int rtcp_auth_tag_len_ = 0;  // auth tag length in use for RTCP
  // Presumably whether this instance has taken its libsrtp usage-count
  // reference (see Increment/DecrementLibsrtpUsageCount*) — TODO confirm.
  bool inited_ = false;
  // Process-wide lock; presumably guards the libsrtp usage count shared by
  // all instances — TODO confirm.
  static rtc::GlobalLockPod lock_;
  int last_send_seq_num_ = -1;  // -1 presumably means "no packet sent yet"
  bool external_auth_active_ = false;   // see IsExternalAuthActive()
  bool external_auth_enabled_ = false;  // see EnableExternalAuth()
  // Count of failed unprotect calls; how it is reported is not visible here.
  int decryption_failure_count_ = 0;
  RTC_DISALLOW_COPY_AND_ASSIGN(SrtpSession);
};
128
129} // namespace cricket
130
Steve Anton10542f22019-01-11 09:11:00 -0800131#endif // PC_SRTP_SESSION_H_