1 /*
2  *  Copyright 2017 The WebRTC project authors. All Rights Reserved.
3  *
4  *  Use of this source code is governed by a BSD-style license
5  *  that can be found in the LICENSE file in the root of the source
6  *  tree. An additional intellectual property rights grant can be found
7  *  in the file PATENTS.  All contributing project authors may
8  *  be found in the AUTHORS file in the root of the source tree.
9  */
10 
11 #ifndef PC_DTLS_SRTP_TRANSPORT_H_
12 #define PC_DTLS_SRTP_TRANSPORT_H_
13 
14 #include <vector>
15 
16 #include "absl/types/optional.h"
17 #include "api/crypto_params.h"
18 #include "api/rtc_error.h"
19 #include "p2p/base/dtls_transport_internal.h"
20 #include "p2p/base/packet_transport_internal.h"
21 #include "pc/srtp_transport.h"
22 #include "rtc_base/buffer.h"
23 #include "rtc_base/third_party/sigslot/sigslot.h"
24 
25 namespace webrtc {
26 
27 // The subclass of SrtpTransport is used for DTLS-SRTP. When the DTLS handshake
28 // is finished, it extracts the keying materials from DtlsTransport and
29 // configures the SrtpSessions in the base class.
// SrtpTransport specialization for DTLS-SRTP. Once the DTLS handshake on the
// attached transport(s) has completed, the keying material is extracted from
// the DtlsTransport and used to configure the SrtpSessions owned by the base
// class. Keys are therefore never supplied by the application; the
// SetSrtp*Key overrides below reject any attempt to do so.
class DtlsSrtpTransport : public SrtpTransport {
 public:
  explicit DtlsSrtpTransport(bool rtcp_mux_enabled);

  // Attaches the P2P-layer DtlsTransports carrying RTP and RTCP. When RTCP
  // muxing is in use, |rtcp_dtls_transport| is null.
  void SetDtlsTransports(cricket::DtlsTransportInternal* rtp_dtls_transport,
                         cricket::DtlsTransportInternal* rtcp_dtls_transport);

  void SetRtcpMuxEnabled(bool enable) override;

  // Header-extension ids whose contents are to be encrypted, for the send and
  // the receive direction respectively.
  void UpdateSendEncryptedHeaderExtensionIds(
      const std::vector<int>& send_extension_ids);
  void UpdateRecvEncryptedHeaderExtensionIds(
      const std::vector<int>& recv_extension_ids);

  // Fired when DTLS-SRTP could not be set up. The meaning of the bool argument
  // is not visible in this header; see the emitting code in the .cc file.
  sigslot::signal<DtlsSrtpTransport*, bool> SignalDtlsSrtpSetupFailure;
  // Fired whenever the state of an attached DtlsTransport changes.
  sigslot::signal<> SignalDtlsStateChange;

  // Application-supplied SRTP keys are not supported for DTLS-SRTP: the keys
  // come exclusively from the DTLS handshake. Both overrides return the same
  // UNSUPPORTED_OPERATION error.
  RTCError SetSrtpSendKey(const cricket::CryptoParams& params) override {
    return UnsupportedKeyOperation();
  }
  RTCError SetSrtpReceiveKey(const cricket::CryptoParams& params) override {
    return UnsupportedKeyOperation();
  }

  // When |active_reset_srtp_params| is true, the SRTP parameters are reset
  // whenever the DtlsTransports are reset.
  void SetActiveResetSrtpParams(bool active_reset_srtp_params) {
    active_reset_srtp_params_ = active_reset_srtp_params;
  }

 private:
  // Shared body of the two SetSrtp*Key overrides.
  static RTCError UnsupportedKeyOperation() {
    return RTCError(RTCErrorType::UNSUPPORTED_OPERATION,
                    "Set SRTP keys for DTLS-SRTP is not supported.");
  }

  // State queries over the attached DtlsTransports; the exact conditions are
  // defined in the .cc file.
  bool IsDtlsActive();
  bool IsDtlsConnected();
  bool IsDtlsWritable();
  bool DtlsHandshakeCompleted();

  // Installs the DTLS-derived keys into the base class once the handshake has
  // completed; the RTP and RTCP transports are handled separately.
  void MaybeSetupDtlsSrtp();
  void SetupRtpDtlsSrtp();
  void SetupRtcpDtlsSrtp();

  // Extracts the negotiated crypto suite and the send/receive keys from
  // |dtls_transport|. The key buffers are rtc::ZeroOnFreeBuffer so that key
  // bytes are scrubbed when released (per the type's name — confirm in
  // rtc_base/buffer.h). The bool result presumably reports success; see the
  // .cc file.
  bool ExtractParams(cricket::DtlsTransportInternal* dtls_transport,
                     int* selected_crypto_suite,
                     rtc::ZeroOnFreeBuffer<unsigned char>* send_key,
                     rtc::ZeroOnFreeBuffer<unsigned char>* recv_key);

  // Replaces the transport pointer stored at |old_dtls_transport| with
  // |new_dtls_transport|; the two wrappers below select the RTP or RTCP slot.
  void SetDtlsTransport(cricket::DtlsTransportInternal* new_dtls_transport,
                        cricket::DtlsTransportInternal** old_dtls_transport);
  void SetRtpDtlsTransport(cricket::DtlsTransportInternal* rtp_dtls_transport);
  void SetRtcpDtlsTransport(
      cricket::DtlsTransportInternal* rtcp_dtls_transport);

  // Callback for DTLS state changes on either attached transport.
  void OnDtlsState(cricket::DtlsTransportInternal* dtls_transport,
                   cricket::DtlsTransportState state);

  // Overrides SrtpTransport::OnWritableState.
  void OnWritableState(rtc::PacketTransportInternal* packet_transport) override;

  // Non-owning; both transports are owned by the TransportController.
  cricket::DtlsTransportInternal* rtp_dtls_transport_ = nullptr;
  cricket::DtlsTransportInternal* rtcp_dtls_transport_ = nullptr;

  // Header-extension ids to encrypt, unset until the corresponding Update*
  // method has been called.
  absl::optional<std::vector<int>> send_extension_ids_;
  absl::optional<std::vector<int>> recv_extension_ids_;

  // See SetActiveResetSrtpParams().
  bool active_reset_srtp_params_ = false;
};
100 
101 }  // namespace webrtc
102 
103 #endif  // PC_DTLS_SRTP_TRANSPORT_H_
104