
This change adds a new subcategory to the public native webrtc::CryptoOptions structure: webrtc::CryptoOptions::Frame. This new structure has a single off by default property: crypto_options.frame.require_frame_encryption. This new flag if set prevents RtpSenders from sending outgoing payloads unless a frame_encryptor_ is attached and prevents RtpReceivers from receiving incoming payloads unless a frame_decryptor_ is attached. This option is important to enforce no unencrypted data can ever leave the device or be received. I have also attached bindings for Java and Objective-C. I have implemented this functionality for E2EE audio but not E2EE video since the changes are still in review. Bug: webrtc:9681 Change-Id: Ie184711190e0cdf5ac781f69e9489ceec904736f Reviewed-on: https://webrtc-review.googlesource.com/c/105540 Reviewed-by: Niels Moller <nisse@webrtc.org> Reviewed-by: Steve Anton <steveanton@webrtc.org> Reviewed-by: Oskar Sundbom <ossu@webrtc.org> Reviewed-by: Sami Kalliomäki <sakal@webrtc.org> Reviewed-by: Kári Helgason <kthelgason@webrtc.org> Commit-Queue: Benjamin Wright <benwright@webrtc.org> Cr-Commit-Position: refs/heads/master@{#25238}
/*
* Copyright 2017 The WebRTC project authors. All Rights Reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#import "RTCPeerConnectionFactoryOptions+Private.h"
#include "rtc_base/network_constants.h"
namespace {

// Writes one adapter type into the factory options' network_ignore_mask:
// the bit(s) of |type| are set when |ignore| is true and cleared otherwise.
// NOTE(review): judging by the field name, a set bit excludes that adapter
// class from use; confirm against the native Options declaration.
void setNetworkBit(webrtc::PeerConnectionFactoryInterface::Options* options,
                   rtc::AdapterType type,
                   bool ignore) {
  if (!ignore) {
    options->network_ignore_mask &= ~type;
    return;
  }
  options->network_ignore_mask |= type;
}

}  // namespace
// Objective-C wrapper around webrtc::PeerConnectionFactoryInterface::Options.
// Each BOOL property below is copied into the native struct by -nativeOptions.
// -init only forwards to super, so a fresh instance has every flag at NO.
@implementation RTCPeerConnectionFactoryOptions

@synthesize disableEncryption = _disableEncryption;
@synthesize disableNetworkMonitor = _disableNetworkMonitor;
@synthesize ignoreLoopbackNetworkAdapter = _ignoreLoopbackNetworkAdapter;
@synthesize ignoreVPNNetworkAdapter = _ignoreVPNNetworkAdapter;
@synthesize ignoreCellularNetworkAdapter = _ignoreCellularNetworkAdapter;
@synthesize ignoreWiFiNetworkAdapter = _ignoreWiFiNetworkAdapter;
@synthesize ignoreEthernetNetworkAdapter = _ignoreEthernetNetworkAdapter;
@synthesize enableAes128Sha1_32CryptoCipher = _enableAes128Sha1_32CryptoCipher;
@synthesize enableGcmCryptoSuites = _enableGcmCryptoSuites;
@synthesize requireFrameEncryption = _requireFrameEncryption;

// No custom setup: the flags keep the zero (NO) values they have after alloc.
- (instancetype)init {
  self = [super init];
  return self;
}

// Builds a native Options value from the current property values.
// The result is a snapshot; later property changes do not affect it.
- (webrtc::PeerConnectionFactoryInterface::Options)nativeOptions {
  webrtc::PeerConnectionFactoryInterface::Options nativeOptions;

  // NOTE(review): disableEncryption is passed through unchecked. Presumably
  // it turns off media encryption for connections made by the factory, so it
  // belongs in test configurations only; confirm against the native header.
  nativeOptions.disable_encryption = self.disableEncryption;
  nativeOptions.disable_network_monitor = self.disableNetworkMonitor;

  // One mask bit per adapter class, applied in a fixed order.
  auto applyIgnoreFlag = [&nativeOptions](rtc::AdapterType type, bool ignore) {
    setNetworkBit(&nativeOptions, type, ignore);
  };
  applyIgnoreFlag(rtc::ADAPTER_TYPE_LOOPBACK, self.ignoreLoopbackNetworkAdapter);
  applyIgnoreFlag(rtc::ADAPTER_TYPE_VPN, self.ignoreVPNNetworkAdapter);
  applyIgnoreFlag(rtc::ADAPTER_TYPE_CELLULAR, self.ignoreCellularNetworkAdapter);
  applyIgnoreFlag(rtc::ADAPTER_TYPE_WIFI, self.ignoreWiFiNetworkAdapter);
  applyIgnoreFlag(rtc::ADAPTER_TYPE_ETHERNET, self.ignoreEthernetNetworkAdapter);

  auto& crypto = nativeOptions.crypto_options;

  // NOTE(review): the suite name indicates a 32-bit SRTP authentication tag;
  // a shorter tag gives weaker integrity protection, so leave this off unless
  // a peer requires it. Confirm the exact suite in the native crypto options.
  crypto.srtp.enable_aes128_sha1_32_crypto_cipher = self.enableAes128Sha1_32CryptoCipher;
  crypto.srtp.enable_gcm_crypto_suites = self.enableGcmCryptoSuites;

  // Per the commit description for this file: when set, RtpSenders do not send
  // and RtpReceivers do not accept payloads unless a frame encryptor/decryptor
  // is attached. It was implemented for E2EE audio but not yet video at that
  // commit, so do not treat it as covering video without checking.
  // (The description names the field crypto_options.frame; this file writes
  // crypto_options.sframe.)
  crypto.sframe.require_frame_encryption = self.requireFrameEncryption;

  return nativeOptions;
}

@end