blob: ceb898b9fb1c1d950d6d25e663498238f37be68d [file] [log] [blame]
/*
* Copyright 2016 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#ifndef P2P_BASE_DTLS_TRANSPORT_INTERNAL_H_
#define P2P_BASE_DTLS_TRANSPORT_INTERNAL_H_
#include <stddef.h>
#include <stdint.h>
#include <memory>
#include <string>
#include <utility>
#include "absl/base/attributes.h"
#include "absl/strings/string_view.h"
#include "api/crypto/crypto_options.h"
#include "api/dtls_transport_interface.h"
#include "api/scoped_refptr.h"
#include "p2p/base/ice_transport_internal.h"
#include "p2p/base/packet_transport_internal.h"
#include "rtc_base/callback_list.h"
#include "rtc_base/ssl_certificate.h"
#include "rtc_base/ssl_fingerprint.h"
#include "rtc_base/ssl_stream_adapter.h"
namespace cricket {
enum PacketFlags {
PF_NORMAL = 0x00, // A normal packet.
PF_SRTP_BYPASS = 0x01, // An encrypted SRTP packet; bypass any additional
// crypto provided by the transport (e.g. DTLS)
};
// DtlsTransportInternal is an internal interface that does DTLS, also
// negotiating SRTP crypto suites so that it may be used for DTLS-SRTP.
//
// Once the public interface is supported,
// (https://www.w3.org/TR/webrtc/#rtcdtlstransport-interface)
// the DtlsTransportInterface will be split from this class.
class DtlsTransportInternal : public rtc::PacketTransportInternal {
public:
~DtlsTransportInternal() override;
DtlsTransportInternal(const DtlsTransportInternal&) = delete;
DtlsTransportInternal& operator=(const DtlsTransportInternal&) = delete;
virtual webrtc::DtlsTransportState dtls_state() const = 0;
virtual int component() const = 0;
virtual bool IsDtlsActive() const = 0;
virtual bool GetDtlsRole(rtc::SSLRole* role) const = 0;
virtual bool SetDtlsRole(rtc::SSLRole role) = 0;
// Finds out which TLS/DTLS version is running.
virtual bool GetSslVersionBytes(int* version) const = 0;
// Finds out which DTLS-SRTP cipher was negotiated.
// TODO(zhihuang): Remove this once all dependencies implement this.
virtual bool GetSrtpCryptoSuite(int* cipher) const = 0;
// Finds out which DTLS cipher was negotiated.
// TODO(zhihuang): Remove this once all dependencies implement this.
virtual bool GetSslCipherSuite(int* cipher) const = 0;
virtual std::optional<absl::string_view> GetTlsCipherSuiteName() const = 0;
// Find out which signature algorithm was used by the peer. Returns values
// from
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme
// If not applicable, it returns zero.
virtual uint16_t GetSslPeerSignatureAlgorithm() const = 0;
// Gets the local RTCCertificate used for DTLS.
virtual rtc::scoped_refptr<rtc::RTCCertificate> GetLocalCertificate()
const = 0;
virtual bool SetLocalCertificate(
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) = 0;
// Gets a copy of the remote side's SSL certificate chain.
virtual std::unique_ptr<rtc::SSLCertChain> GetRemoteSSLCertChain() const = 0;
// Allows key material to be extracted for external encryption.
virtual bool ExportSrtpKeyingMaterial(
rtc::ZeroOnFreeBuffer<uint8_t>& keying_material) = 0;
// Set DTLS remote fingerprint. Must be after local identity set.
ABSL_DEPRECATED("Use SetRemoteParameters instead.")
virtual bool SetRemoteFingerprint(absl::string_view digest_alg,
const uint8_t* digest,
size_t digest_len) = 0;
// Set DTLS remote fingerprint and role. Must be after local identity set.
virtual webrtc::RTCError SetRemoteParameters(
absl::string_view digest_alg,
const uint8_t* digest,
size_t digest_len,
std::optional<rtc::SSLRole> role) = 0;
ABSL_DEPRECATED("Set the max version via construction.")
bool SetSslMaxProtocolVersion(rtc::SSLProtocolVersion version) {
return true;
}
// Expose the underneath IceTransport.
virtual IceTransportInternal* ice_transport() = 0;
// F: void(DtlsTransportInternal*, const webrtc::DtlsTransportState)
template <typename F>
void SubscribeDtlsTransportState(F&& callback) {
dtls_transport_state_callback_list_.AddReceiver(std::forward<F>(callback));
}
template <typename F>
void SubscribeDtlsTransportState(const void* id, F&& callback) {
dtls_transport_state_callback_list_.AddReceiver(id,
std::forward<F>(callback));
}
// Unsubscribe the subscription with given id.
void UnsubscribeDtlsTransportState(const void* id) {
dtls_transport_state_callback_list_.RemoveReceivers(id);
}
void SendDtlsState(DtlsTransportInternal* transport,
webrtc::DtlsTransportState state) {
dtls_transport_state_callback_list_.Send(transport, state);
}
// Emitted whenever the Dtls handshake failed on some transport channel.
// F: void(rtc::SSLHandshakeError)
template <typename F>
void SubscribeDtlsHandshakeError(F&& callback) {
dtls_handshake_error_callback_list_.AddReceiver(std::forward<F>(callback));
}
void SendDtlsHandshakeError(rtc::SSLHandshakeError error) {
dtls_handshake_error_callback_list_.Send(error);
}
protected:
DtlsTransportInternal();
private:
webrtc::CallbackList<const rtc::SSLHandshakeError>
dtls_handshake_error_callback_list_;
webrtc::CallbackList<DtlsTransportInternal*, const webrtc::DtlsTransportState>
dtls_transport_state_callback_list_;
};
} // namespace cricket
#endif // P2P_BASE_DTLS_TRANSPORT_INTERNAL_H_