1 files changed, 147 insertions, 0 deletions

diff --git a/third_party/libwebrtc/pc/srtp_filter.h b/third_party/libwebrtc/pc/srtp_filter.h
new file mode 100644
index 0000000000..e2848a1090
--- /dev/null
+++ b/third_party/libwebrtc/pc/srtp_filter.h
@@ -0,0 +1,147 @@
+/*
+ *  Copyright 2009 The WebRTC project authors. All Rights Reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#ifndef PC_SRTP_FILTER_H_
+#define PC_SRTP_FILTER_H_
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include <list>
+#include <map>
+#include <memory>
+#include <string>
+#include <vector>
+
+#include "absl/types/optional.h"
+#include "api/array_view.h"
+#include "api/crypto_params.h"
+#include "api/jsep.h"
+#include "api/sequence_checker.h"
+#include "pc/session_description.h"
+#include "rtc_base/buffer.h"
+#include "rtc_base/ssl_stream_adapter.h"
+
+// Forward declaration to avoid pulling in libsrtp headers here
+struct srtp_event_data_t;
+struct srtp_ctx_t_;
+
+namespace cricket {
+
+// A helper class used to negotiate SDES crypto params.
+// TODO(zhihuang): Find a better name for this class, like "SdesNegotiator".
+class SrtpFilter {
+ public:
+  enum Mode { PROTECT, UNPROTECT };
+  enum Error {
+    ERROR_NONE,
+    ERROR_FAIL,
+    ERROR_AUTH,
+    ERROR_REPLAY,
+  };
+
+  SrtpFilter();
+  ~SrtpFilter();
+
+  // Whether the filter is active (i.e. crypto has been properly negotiated).
+  bool IsActive() const;
+
+  // Handle the offer/answer negotiation of the crypto parameters internally.
+  // TODO(zhihuang): Make SetOffer/ProvisionalAnswer/Answer private as helper
+  // methods once start using Process.
+  bool Process(const std::vector<CryptoParams>& cryptos,
+               webrtc::SdpType type,
+               ContentSource source);
+
+  // Indicates which crypto algorithms and keys were contained in the offer.
+  // offer_params should contain a list of available parameters to use, or none,
+  // if crypto is not desired. This must be called before SetAnswer.
+  bool SetOffer(const std::vector<CryptoParams>& offer_params,
+                ContentSource source);
+  // Same as SetAnwer. But multiple calls are allowed to SetProvisionalAnswer
+  // after a call to SetOffer.
+  bool SetProvisionalAnswer(const std::vector<CryptoParams>& answer_params,
+                            ContentSource source);
+  // Indicates which crypto algorithms and keys were contained in the answer.
+  // answer_params should contain the negotiated parameters, which may be none,
+  // if crypto was not desired or could not be negotiated (and not required).
+  // This must be called after SetOffer. If crypto negotiation completes
+  // successfully, this will advance the filter to the active state.
+  bool SetAnswer(const std::vector<CryptoParams>& answer_params,
+                 ContentSource source);
+
+  bool ResetParams();
+
+  static bool ParseKeyParams(const std::string& params,
+                             uint8_t* key,
+                             size_t len);
+
+  absl::optional<int> send_cipher_suite() { return send_cipher_suite_; }
+  absl::optional<int> recv_cipher_suite() { return recv_cipher_suite_; }
+
+  rtc::ArrayView<const uint8_t> send_key() { return send_key_; }
+  rtc::ArrayView<const uint8_t> recv_key() { return recv_key_; }
+
+ protected:
+  bool ExpectOffer(ContentSource source);
+
+  bool StoreParams(const std::vector<CryptoParams>& params,
+                   ContentSource source);
+
+  bool ExpectAnswer(ContentSource source);
+
+  bool DoSetAnswer(const std::vector<CryptoParams>& answer_params,
+                   ContentSource source,
+                   bool final);
+
+  bool NegotiateParams(const std::vector<CryptoParams>& answer_params,
+                       CryptoParams* selected_params);
+
+ private:
+  bool ApplySendParams(const CryptoParams& send_params);
+
+  bool ApplyRecvParams(const CryptoParams& recv_params);
+
+  enum State {
+    ST_INIT,                    // SRTP filter unused.
+    ST_SENTOFFER,               // Offer with SRTP parameters sent.
+    ST_RECEIVEDOFFER,           // Offer with SRTP parameters received.
+    ST_SENTPRANSWER_NO_CRYPTO,  // Sent provisional answer without crypto.
+    // Received provisional answer without crypto.
+    ST_RECEIVEDPRANSWER_NO_CRYPTO,
+    ST_ACTIVE,  // Offer and answer set.
+    // SRTP filter is active but new parameters are offered.
+    // When the answer is set, the state transitions to ST_ACTIVE or ST_INIT.
+    ST_SENTUPDATEDOFFER,
+    // SRTP filter is active but new parameters are received.
+    // When the answer is set, the state transitions back to ST_ACTIVE.
+    ST_RECEIVEDUPDATEDOFFER,
+    // SRTP filter is active but the sent answer is only provisional.
+    // When the final answer is set, the state transitions to ST_ACTIVE or
+    // ST_INIT.
+    ST_SENTPRANSWER,
+    // SRTP filter is active but the received answer is only provisional.
+    // When the final answer is set, the state transitions to ST_ACTIVE or
+    // ST_INIT.
+    ST_RECEIVEDPRANSWER
+  };
+  State state_ = ST_INIT;
+  std::vector<CryptoParams> offer_params_;
+  CryptoParams applied_send_params_;
+  CryptoParams applied_recv_params_;
+  absl::optional<int> send_cipher_suite_;
+  absl::optional<int> recv_cipher_suite_;
+  rtc::ZeroOnFreeBuffer<uint8_t> send_key_;
+  rtc::ZeroOnFreeBuffer<uint8_t> recv_key_;
+};
+
+}  // namespace cricket
+
+#endif  // PC_SRTP_FILTER_H_