1*d9f75844SAndroid Build Coastguard Worker /* 2*d9f75844SAndroid Build Coastguard Worker * Copyright 2018 The WebRTC Project Authors. All rights reserved. 3*d9f75844SAndroid Build Coastguard Worker * 4*d9f75844SAndroid Build Coastguard Worker * Use of this source code is governed by a BSD-style license 5*d9f75844SAndroid Build Coastguard Worker * that can be found in the LICENSE file in the root of the source 6*d9f75844SAndroid Build Coastguard Worker * tree. An additional intellectual property rights grant can be found 7*d9f75844SAndroid Build Coastguard Worker * in the file PATENTS. All contributing project authors may 8*d9f75844SAndroid Build Coastguard Worker * be found in the AUTHORS file in the root of the source tree. 9*d9f75844SAndroid Build Coastguard Worker */ 10*d9f75844SAndroid Build Coastguard Worker 11*d9f75844SAndroid Build Coastguard Worker #ifndef API_CRYPTO_CRYPTO_OPTIONS_H_ 12*d9f75844SAndroid Build Coastguard Worker #define API_CRYPTO_CRYPTO_OPTIONS_H_ 13*d9f75844SAndroid Build Coastguard Worker 14*d9f75844SAndroid Build Coastguard Worker #include <vector> 15*d9f75844SAndroid Build Coastguard Worker 16*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/system/rtc_export.h" 17*d9f75844SAndroid Build Coastguard Worker 18*d9f75844SAndroid Build Coastguard Worker namespace webrtc { 19*d9f75844SAndroid Build Coastguard Worker 20*d9f75844SAndroid Build Coastguard Worker // CryptoOptions defines advanced cryptographic settings for native WebRTC. 21*d9f75844SAndroid Build Coastguard Worker // These settings must be passed into PeerConnectionFactoryInterface::Options 22*d9f75844SAndroid Build Coastguard Worker // and are only applicable to native use cases of WebRTC. 23*d9f75844SAndroid Build Coastguard Worker struct RTC_EXPORT CryptoOptions { 24*d9f75844SAndroid Build Coastguard Worker CryptoOptions(); 25*d9f75844SAndroid Build Coastguard Worker CryptoOptions(const CryptoOptions& other); 26*d9f75844SAndroid Build Coastguard Worker ~CryptoOptions(); 27*d9f75844SAndroid Build Coastguard Worker 28*d9f75844SAndroid Build Coastguard Worker // Helper method to return an instance of the CryptoOptions with GCM crypto 29*d9f75844SAndroid Build Coastguard Worker // suites disabled. This method should be used instead of depending on current 30*d9f75844SAndroid Build Coastguard Worker // default values set by the constructor. 31*d9f75844SAndroid Build Coastguard Worker static CryptoOptions NoGcm(); 32*d9f75844SAndroid Build Coastguard Worker 33*d9f75844SAndroid Build Coastguard Worker // Returns a list of the supported DTLS-SRTP Crypto suites based on this set 34*d9f75844SAndroid Build Coastguard Worker // of crypto options. 35*d9f75844SAndroid Build Coastguard Worker std::vector<int> GetSupportedDtlsSrtpCryptoSuites() const; 36*d9f75844SAndroid Build Coastguard Worker 37*d9f75844SAndroid Build Coastguard Worker bool operator==(const CryptoOptions& other) const; 38*d9f75844SAndroid Build Coastguard Worker bool operator!=(const CryptoOptions& other) const; 39*d9f75844SAndroid Build Coastguard Worker 40*d9f75844SAndroid Build Coastguard Worker // SRTP Related Peer Connection options. 41*d9f75844SAndroid Build Coastguard Worker struct Srtp { 42*d9f75844SAndroid Build Coastguard Worker // Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used 43*d9f75844SAndroid Build Coastguard Worker // if both sides enable it. 44*d9f75844SAndroid Build Coastguard Worker bool enable_gcm_crypto_suites = false; 45*d9f75844SAndroid Build Coastguard Worker 46*d9f75844SAndroid Build Coastguard Worker // If set to true, the (potentially insecure) crypto cipher 47*d9f75844SAndroid Build Coastguard Worker // kSrtpAes128CmSha1_32 will be included in the list of supported ciphers 48*d9f75844SAndroid Build Coastguard Worker // during negotiation. It will only be used if both peers support it and no 49*d9f75844SAndroid Build Coastguard Worker // other ciphers get preferred. 50*d9f75844SAndroid Build Coastguard Worker bool enable_aes128_sha1_32_crypto_cipher = false; 51*d9f75844SAndroid Build Coastguard Worker 52*d9f75844SAndroid Build Coastguard Worker // The most commonly used cipher. Can be disabled, mostly for testing 53*d9f75844SAndroid Build Coastguard Worker // purposes. 54*d9f75844SAndroid Build Coastguard Worker bool enable_aes128_sha1_80_crypto_cipher = true; 55*d9f75844SAndroid Build Coastguard Worker 56*d9f75844SAndroid Build Coastguard Worker // If set to true, encrypted RTP header extensions as defined in RFC 6904 57*d9f75844SAndroid Build Coastguard Worker // will be negotiated. They will only be used if both peers support them. 58*d9f75844SAndroid Build Coastguard Worker bool enable_encrypted_rtp_header_extensions = false; 59*d9f75844SAndroid Build Coastguard Worker } srtp; 60*d9f75844SAndroid Build Coastguard Worker 61*d9f75844SAndroid Build Coastguard Worker // Options to be used when the FrameEncryptor / FrameDecryptor APIs are used. 62*d9f75844SAndroid Build Coastguard Worker struct SFrame { 63*d9f75844SAndroid Build Coastguard Worker // If set all RtpSenders must have an FrameEncryptor attached to them before 64*d9f75844SAndroid Build Coastguard Worker // they are allowed to send packets. All RtpReceivers must have a 65*d9f75844SAndroid Build Coastguard Worker // FrameDecryptor attached to them before they are able to receive packets. 66*d9f75844SAndroid Build Coastguard Worker bool require_frame_encryption = false; 67*d9f75844SAndroid Build Coastguard Worker } sframe; 68*d9f75844SAndroid Build Coastguard Worker }; 69*d9f75844SAndroid Build Coastguard Worker 70*d9f75844SAndroid Build Coastguard Worker } // namespace webrtc 71*d9f75844SAndroid Build Coastguard Worker 72*d9f75844SAndroid Build Coastguard Worker #endif // API_CRYPTO_CRYPTO_OPTIONS_H_ 73