Add AEAD support to Frame Encryption API. Add Contribuitng Source To Decryptor.
This change allows supporting additional data for authentication and adds a
requirement for the contributing source to be provided during decryption.
Change-Id: Ifc19cb2d8a7d6c3715c83c95cf12f64df0bca454
Bug: webrtc:9681
Reviewed-on: https://webrtc-review.googlesource.com/100001
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24712}
diff --git a/api/crypto/framedecryptorinterface.h b/api/crypto/framedecryptorinterface.h
index 1c49b51..587df47 100644
--- a/api/crypto/framedecryptorinterface.h
+++ b/api/crypto/framedecryptorinterface.h
@@ -11,6 +11,8 @@
#ifndef API_CRYPTO_FRAMEDECRYPTORINTERFACE_H_
#define API_CRYPTO_FRAMEDECRYPTORINTERFACE_H_
+#include <vector>
+
#include "api/array_view.h"
#include "api/mediatypes.h"
#include "rtc_base/refcount.h"
@@ -24,21 +26,23 @@
// addition to the standard SRTP mechanism and is not intended to be used
// without it. You may assume that this interface will have the same lifetime
// as the RTPReceiver it is attached to. It must only be attached to one
-// RTPReceiver.
+// RTPReceiver. Additional data may be null.
// Note: This interface is not ready for production use.
class FrameDecryptorInterface : public rtc::RefCountInterface {
public:
~FrameDecryptorInterface() override {}
// Attempts to decrypt the encrypted frame. You may assume the frame size will
- // be allocated to the size returned from GetOutputSize. You may assume that
- // the frames are in order if SRTP is enabled. The stream is not provided here
- // and it is up to the implementor to transport this information to the
+ // be allocated to the size returned from GetMaxPlaintextSize. You may assume
+ // that the frames are in order if SRTP is enabled. The stream is not provided
+ // here and it is up to the implementor to transport this information to the
// receiver if they care about it. You must set bytes_written to how many
// bytes you wrote to in the frame buffer. 0 must be returned if successful
// all other numbers can be selected by the implementer to represent error
// codes.
virtual int Decrypt(cricket::MediaType media_type,
+ const std::vector<uint32_t>& csrcs,
+ rtc::ArrayView<const uint8_t> additional_data,
rtc::ArrayView<const uint8_t> encrypted_frame,
rtc::ArrayView<uint8_t> frame,
size_t* bytes_written) = 0;
diff --git a/api/crypto/frameencryptorinterface.h b/api/crypto/frameencryptorinterface.h
index a99549c..72bc04b 100644
--- a/api/crypto/frameencryptorinterface.h
+++ b/api/crypto/frameencryptorinterface.h
@@ -23,7 +23,7 @@
// the receiving device. Note this is an additional layer of encryption in
// addition to the standard SRTP mechanism and is not intended to be used
// without it. Implementations of this interface will have the same lifetime as
-// the RTPSenders it is attached to.
+// the RTPSenders it is attached to. Additional data may be null.
// Note: This interface is not ready for production use.
class FrameEncryptorInterface : public rtc::RefCountInterface {
public:
@@ -38,6 +38,7 @@
// selected by the implementer to represent error codes.
virtual int Encrypt(cricket::MediaType media_type,
uint32_t ssrc,
+ rtc::ArrayView<const uint8_t> additional_data,
rtc::ArrayView<const uint8_t> frame,
rtc::ArrayView<uint8_t> encrypted_frame,
size_t* bytes_written) = 0;