1 /* 2 * Copyright 2018 The WebRTC project authors. All Rights Reserved. 3 * 4 * Use of this source code is governed by a BSD-style license 5 * that can be found in the LICENSE file in the root of the source 6 * tree. An additional intellectual property rights grant can be found 7 * in the file PATENTS. All contributing project authors may 8 * be found in the AUTHORS file in the root of the source tree. 9 */ 10 11 package org.webrtc; 12 13 /** 14 * CryptoOptions defines advanced cryptographic settings for native WebRTC. 15 * These settings must be passed into RTCConfiguration. WebRTC is secur by 16 * default and you should not need to set any of these options unless you are 17 * specifically looking for an additional crypto feature such as AES_GCM 18 * support. This class is the Java binding of native api/crypto/cryptooptions.h 19 */ 20 public final class CryptoOptions { 21 /** 22 * SRTP Related Peer Connection Options. 23 */ 24 public final class Srtp { 25 /** 26 * Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used 27 * if both sides enable it 28 */ 29 private final boolean enableGcmCryptoSuites; 30 /** 31 * If set to true, the (potentially insecure) crypto cipher 32 * SRTP_AES128_CM_SHA1_32 will be included in the list of supported ciphers 33 * during negotiation. It will only be used if both peers support it and no 34 * other ciphers get preferred. 35 */ 36 private final boolean enableAes128Sha1_32CryptoCipher; 37 /** 38 * If set to true, encrypted RTP header extensions as defined in RFC 6904 39 * will be negotiated. They will only be used if both peers support them. 40 */ 41 private final boolean enableEncryptedRtpHeaderExtensions; 42 Srtp(boolean enableGcmCryptoSuites, boolean enableAes128Sha1_32CryptoCipher, boolean enableEncryptedRtpHeaderExtensions)43 private Srtp(boolean enableGcmCryptoSuites, boolean enableAes128Sha1_32CryptoCipher, 44 boolean enableEncryptedRtpHeaderExtensions) { 45 this.enableGcmCryptoSuites = enableGcmCryptoSuites; 46 this.enableAes128Sha1_32CryptoCipher = enableAes128Sha1_32CryptoCipher; 47 this.enableEncryptedRtpHeaderExtensions = enableEncryptedRtpHeaderExtensions; 48 } 49 50 @CalledByNative("Srtp") getEnableGcmCryptoSuites()51 public boolean getEnableGcmCryptoSuites() { 52 return enableGcmCryptoSuites; 53 } 54 55 @CalledByNative("Srtp") getEnableAes128Sha1_32CryptoCipher()56 public boolean getEnableAes128Sha1_32CryptoCipher() { 57 return enableAes128Sha1_32CryptoCipher; 58 } 59 60 @CalledByNative("Srtp") getEnableEncryptedRtpHeaderExtensions()61 public boolean getEnableEncryptedRtpHeaderExtensions() { 62 return enableEncryptedRtpHeaderExtensions; 63 } 64 } 65 66 /** 67 * Options to be used when the FrameEncryptor / FrameDecryptor APIs are used. 68 */ 69 public final class SFrame { 70 /** 71 * If set all RtpSenders must have an FrameEncryptor attached to them before 72 * they are allowed to send packets. All RtpReceivers must have a 73 * FrameDecryptor attached to them before they are able to receive packets. 74 */ 75 private final boolean requireFrameEncryption; 76 SFrame(boolean requireFrameEncryption)77 private SFrame(boolean requireFrameEncryption) { 78 this.requireFrameEncryption = requireFrameEncryption; 79 } 80 81 @CalledByNative("SFrame") getRequireFrameEncryption()82 public boolean getRequireFrameEncryption() { 83 return requireFrameEncryption; 84 } 85 } 86 87 private final Srtp srtp; 88 private final SFrame sframe; 89 CryptoOptions(boolean enableGcmCryptoSuites, boolean enableAes128Sha1_32CryptoCipher, boolean enableEncryptedRtpHeaderExtensions, boolean requireFrameEncryption)90 private CryptoOptions(boolean enableGcmCryptoSuites, boolean enableAes128Sha1_32CryptoCipher, 91 boolean enableEncryptedRtpHeaderExtensions, boolean requireFrameEncryption) { 92 this.srtp = new Srtp( 93 enableGcmCryptoSuites, enableAes128Sha1_32CryptoCipher, enableEncryptedRtpHeaderExtensions); 94 this.sframe = new SFrame(requireFrameEncryption); 95 } 96 builder()97 public static Builder builder() { 98 return new Builder(); 99 } 100 101 @CalledByNative getSrtp()102 public Srtp getSrtp() { 103 return srtp; 104 } 105 106 @CalledByNative getSFrame()107 public SFrame getSFrame() { 108 return sframe; 109 } 110 111 public static class Builder { 112 private boolean enableGcmCryptoSuites; 113 private boolean enableAes128Sha1_32CryptoCipher; 114 private boolean enableEncryptedRtpHeaderExtensions; 115 private boolean requireFrameEncryption; 116 Builder()117 private Builder() {} 118 setEnableGcmCryptoSuites(boolean enableGcmCryptoSuites)119 public Builder setEnableGcmCryptoSuites(boolean enableGcmCryptoSuites) { 120 this.enableGcmCryptoSuites = enableGcmCryptoSuites; 121 return this; 122 } 123 setEnableAes128Sha1_32CryptoCipher(boolean enableAes128Sha1_32CryptoCipher)124 public Builder setEnableAes128Sha1_32CryptoCipher(boolean enableAes128Sha1_32CryptoCipher) { 125 this.enableAes128Sha1_32CryptoCipher = enableAes128Sha1_32CryptoCipher; 126 return this; 127 } 128 setEnableEncryptedRtpHeaderExtensions( boolean enableEncryptedRtpHeaderExtensions)129 public Builder setEnableEncryptedRtpHeaderExtensions( 130 boolean enableEncryptedRtpHeaderExtensions) { 131 this.enableEncryptedRtpHeaderExtensions = enableEncryptedRtpHeaderExtensions; 132 return this; 133 } 134 setRequireFrameEncryption(boolean requireFrameEncryption)135 public Builder setRequireFrameEncryption(boolean requireFrameEncryption) { 136 this.requireFrameEncryption = requireFrameEncryption; 137 return this; 138 } 139 createCryptoOptions()140 public CryptoOptions createCryptoOptions() { 141 return new CryptoOptions(enableGcmCryptoSuites, enableAes128Sha1_32CryptoCipher, 142 enableEncryptedRtpHeaderExtensions, requireFrameEncryption); 143 } 144 } 145 } 146