crypto_options.h 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172
  1. /*
  2. * Copyright 2018 The WebRTC Project Authors. All rights reserved.
  3. *
  4. * Use of this source code is governed by a BSD-style license
  5. * that can be found in the LICENSE file in the root of the source
  6. * tree. An additional intellectual property rights grant can be found
  7. * in the file PATENTS. All contributing project authors may
  8. * be found in the AUTHORS file in the root of the source tree.
  9. */
  10. #ifndef API_CRYPTO_CRYPTO_OPTIONS_H_
  11. #define API_CRYPTO_CRYPTO_OPTIONS_H_
  12. #include <vector>
  13. #include "rtc_base/system/rtc_export.h"
  14. namespace webrtc {
  15. // CryptoOptions defines advanced cryptographic settings for native WebRTC.
  16. // These settings must be passed into PeerConnectionFactoryInterface::Options
  17. // and are only applicable to native use cases of WebRTC.
  18. struct RTC_EXPORT CryptoOptions {
  19. CryptoOptions();
  20. CryptoOptions(const CryptoOptions& other);
  21. ~CryptoOptions();
  22. // Helper method to return an instance of the CryptoOptions with GCM crypto
  23. // suites disabled. This method should be used instead of depending on current
  24. // default values set by the constructor.
  25. static CryptoOptions NoGcm();
  26. // Returns a list of the supported DTLS-SRTP Crypto suites based on this set
  27. // of crypto options.
  28. std::vector<int> GetSupportedDtlsSrtpCryptoSuites() const;
  29. bool operator==(const CryptoOptions& other) const;
  30. bool operator!=(const CryptoOptions& other) const;
  31. // SRTP Related Peer Connection options.
  32. struct Srtp {
  33. // Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used
  34. // if both sides enable it.
  35. bool enable_gcm_crypto_suites = false;
  36. // If set to true, the (potentially insecure) crypto cipher
  37. // SRTP_AES128_CM_SHA1_32 will be included in the list of supported ciphers
  38. // during negotiation. It will only be used if both peers support it and no
  39. // other ciphers get preferred.
  40. bool enable_aes128_sha1_32_crypto_cipher = false;
  41. // The most commonly used cipher. Can be disabled, mostly for testing
  42. // purposes.
  43. bool enable_aes128_sha1_80_crypto_cipher = true;
  44. // If set to true, encrypted RTP header extensions as defined in RFC 6904
  45. // will be negotiated. They will only be used if both peers support them.
  46. bool enable_encrypted_rtp_header_extensions = false;
  47. } srtp;
  48. // Options to be used when the FrameEncryptor / FrameDecryptor APIs are used.
  49. struct SFrame {
  50. // If set all RtpSenders must have an FrameEncryptor attached to them before
  51. // they are allowed to send packets. All RtpReceivers must have a
  52. // FrameDecryptor attached to them before they are able to receive packets.
  53. bool require_frame_encryption = false;
  54. } sframe;
  55. };
  56. } // namespace webrtc
  57. #endif // API_CRYPTO_CRYPTO_OPTIONS_H_