From 75cd73e3c4e1d428d1a6d8a4f8a5794d8ed59f59 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?The=CC=81o=20Monnom?= Date: Mon, 4 Sep 2023 10:16:35 -0700 Subject: [PATCH] wip --- examples/wgpu_room/src/service.rs | 13 +- livekit-webrtc/src/frame_cryptor.rs | 142 ----------------- livekit-webrtc/src/lib.rs | 2 +- livekit-webrtc/src/native/frame_cryptor.rs | 147 ++++++++++-------- .../src/native/peer_connection_factory.rs | 2 +- livekit-webrtc/src/native/video_frame.rs | 2 +- livekit/src/room/e2ee/key_provider.rs | 86 ++++------ livekit/src/room/e2ee/manager.rs | 6 +- livekit/src/room/mod.rs | 7 +- webrtc-sys/include/livekit/frame_cryptor.h | 38 +++-- webrtc-sys/src/frame_cryptor.cpp | 10 +- webrtc-sys/src/frame_cryptor.rs | 34 ++-- 12 files changed, 174 insertions(+), 315 deletions(-) delete mode 100644 livekit-webrtc/src/frame_cryptor.rs diff --git a/examples/wgpu_room/src/service.rs b/examples/wgpu_room/src/service.rs index f78467b6..2dfa5481 100644 --- a/examples/wgpu_room/src/service.rs +++ b/examples/wgpu_room/src/service.rs @@ -196,18 +196,7 @@ async fn service_task(inner: Arc, mut cmd_rx: mpsc::UnboundedRecei if let Some(state) = running_state.as_ref() { let e2ee_manager = state.room.e2ee_manager(); if let Some(key_provider) = e2ee_manager.key_provider() { - // Ratchet all local cryptors - e2ee_manager.frame_cryptors().iter().for_each( - |((participant_identity, _), cryptor)| { - if participant_identity.as_str() - != state.room.local_participant().identity().as_str() - { - return; - } - - key_provider.ratchet_key(cryptor.participant_id(), 0); - }, - ); + key_provider.ratchet_shared_key(0); } } } diff --git a/livekit-webrtc/src/frame_cryptor.rs b/livekit-webrtc/src/frame_cryptor.rs deleted file mode 100644 index d1b7e867..00000000 --- a/livekit-webrtc/src/frame_cryptor.rs +++ /dev/null @@ -1,142 +0,0 @@ -// Copyright 2023 LiveKit, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -use crate::{imp::frame_cryptor as fc_imp, prelude::RtpReceiver, rtp_sender::RtpSender}; - -#[derive(Debug, Clone)] -pub struct KeyProviderOptions { - pub shared_key: bool, - pub ratchet_window_size: i32, - pub ratchet_salt: Vec, - pub uncrypted_magic_bytes: Vec, -} - -#[derive(Debug, Clone, Copy, PartialEq, Eq)] -pub enum Algorithm { - AesGcm, - AesCbc, -} - -#[derive(Debug, Clone, Copy, PartialEq, Eq)] -pub enum EncryptionState { - New, - Ok, - EncryptionFailed, - DecryptionFailed, - MissingKey, - KeyRatcheted, - InternalError, -} - -#[derive(Clone)] -pub struct KeyProvider { - pub(crate) handle: fc_imp::KeyProvider, -} - -impl KeyProvider { - pub fn new(options: KeyProviderOptions) -> Self { - Self { - handle: fc_imp::KeyProvider::new(options), - } - } - - pub fn set_shared_key(&self, key_index: i32, key: Vec) -> bool { - self.handle.set_shared_key(key_index, key) - } - - pub fn ratchet_shared_key(&self, key_index: i32) -> Vec { - self.handle.ratchet_shared_key(key_index) - } - - pub fn export_shared_key(&self, key_index: i32) -> Vec { - self.handle.export_shared_key(key_index) - } - - pub fn set_key(&self, participant_id: String, key_index: i32, key: Vec) -> bool { - self.handle.set_key(participant_id, key_index, key) - } - - pub fn ratchet_key(&self, participant_id: String, key_index: i32) -> Vec { - self.handle.ratchet_key(participant_id, key_index) - } - - pub fn export_key(&self, participant_id: String, key_index: i32) -> Vec { - self.handle.export_key(participant_id, key_index) - } -} - -#[derive(Clone)] -pub struct FrameCryptor { - pub(crate) handle: fc_imp::FrameCryptor, -} - -pub type OnStateChange = Box; - -impl FrameCryptor { - pub fn new_for_rtp_sender( - participant_id: String, - algorithm: Algorithm, - key_provider: KeyProvider, - sender: RtpSender, - ) -> Self { - Self { - handle: fc_imp::FrameCryptor::new_for_rtp_sender( - participant_id, - algorithm, - key_provider.handle, - sender.handle, - ), - } - } - - pub fn new_for_rtp_receiver( - participant_id: String, - algorithm: Algorithm, - key_provider: KeyProvider, - receiver: RtpReceiver, - ) -> Self { - Self { - handle: fc_imp::FrameCryptor::new_for_rtp_receiver( - participant_id, - algorithm, - key_provider.handle, - receiver.handle, - ), - } - } - - pub fn set_enabled(self: &FrameCryptor, enabled: bool) { - self.handle.set_enabled(enabled) - } - - pub fn enabled(self: &FrameCryptor) -> bool { - self.handle.enabled() - } - - pub fn set_key_index(self: &FrameCryptor, index: i32) { - self.handle.set_key_index(index) - } - - pub fn key_index(self: &FrameCryptor) -> i32 { - self.handle.key_index() - } - - pub fn participant_id(self: &FrameCryptor) -> String { - self.handle.participant_id() - } - - pub fn on_state_change(&self, callback: Option) { - self.handle.on_state_change(callback) - } -} diff --git a/livekit-webrtc/src/lib.rs b/livekit-webrtc/src/lib.rs index 0ba25cc8..bb097b79 100644 --- a/livekit-webrtc/src/lib.rs +++ b/livekit-webrtc/src/lib.rs @@ -60,11 +60,11 @@ pub mod video_frame; pub mod video_source; pub mod video_stream; pub mod video_track; -pub mod frame_cryptor; #[cfg(not(target_arch = "wasm32"))] pub mod native { pub use crate::imp::audio_resampler; + pub use crate::imp::frame_cryptor; pub use crate::imp::yuv_helper; pub use webrtc_sys::webrtc::ffi::create_random_uuid; } diff --git a/livekit-webrtc/src/native/frame_cryptor.rs b/livekit-webrtc/src/native/frame_cryptor.rs index f847bf66..668206e7 100644 --- a/livekit-webrtc/src/native/frame_cryptor.rs +++ b/livekit-webrtc/src/native/frame_cryptor.rs @@ -1,55 +1,35 @@ -use crate::frame_cryptor::{Algorithm, EncryptionState, KeyProviderOptions, OnStateChange}; - use cxx::SharedPtr; use parking_lot::Mutex; use std::sync::Arc; use webrtc_sys::frame_cryptor::{self as sys_fc}; -use super::{rtp_receiver::RtpReceiver, rtp_sender::RtpSender}; +use crate::{rtp_receiver::RtpReceiver, rtp_sender::RtpSender}; -impl From for Algorithm { - fn from(value: sys_fc::ffi::Algorithm) -> Self { - match value { - sys_fc::ffi::Algorithm::AesGcm => Self::AesGcm, - sys_fc::ffi::Algorithm::AesCbc => Self::AesCbc, - _ => panic!("unknown frame cyrptor Algorithm"), - } - } -} +pub type OnStateChange = Box; -impl From for sys_fc::ffi::Algorithm { - fn from(value: Algorithm) -> Self { - match value { - Algorithm::AesGcm => Self::AesGcm, - Algorithm::AesCbc => Self::AesCbc, - } - } +#[derive(Debug, Clone)] +pub struct KeyProviderOptions { + pub shared_key: bool, + pub ratchet_window_size: i32, + pub ratchet_salt: Vec, + pub uncrypted_magic_bytes: Vec, } -impl From for EncryptionState { - fn from(value: sys_fc::ffi::FrameCryptionState) -> Self { - match value { - sys_fc::ffi::FrameCryptionState::New => Self::New, - sys_fc::ffi::FrameCryptionState::Ok => Self::Ok, - sys_fc::ffi::FrameCryptionState::EncryptionFailed => Self::EncryptionFailed, - sys_fc::ffi::FrameCryptionState::DecryptionFailed => Self::DecryptionFailed, - sys_fc::ffi::FrameCryptionState::MissingKey => Self::MissingKey, - sys_fc::ffi::FrameCryptionState::KeyRatcheted => Self::KeyRatcheted, - sys_fc::ffi::FrameCryptionState::InternalError => Self::InternalError, - _ => panic!("unknown frame cyrptor FrameCryptionState"), - } - } +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub enum EncryptionAlgorithm { + AesGcm, + AesCbc, } -impl From for sys_fc::ffi::KeyProviderOptions { - fn from(value: KeyProviderOptions) -> Self { - Self { - shared_key: value.shared_key, - ratchet_window_size: value.ratchet_window_size, - ratchet_salt: value.ratchet_salt, - uncrypted_magic_bytes: value.uncrypted_magic_bytes, - } - } +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub enum EncryptionState { + New, + Ok, + EncryptionFailed, + DecryptionFailed, + MissingKey, + KeyRatcheted, + InternalError, } #[derive(Clone)] @@ -58,7 +38,7 @@ pub struct KeyProvider { } impl KeyProvider { - pub fn new(options: crate::frame_cryptor::KeyProviderOptions) -> Self { + pub fn new(options: KeyProviderOptions) -> Self { Self { sys_handle: sys_fc::ffi::new_key_provider(options.into()), } @@ -68,53 +48,53 @@ impl KeyProvider { self.sys_handle.set_shared_key(key_index, key) } - pub fn ratchet_shared_key(&self, key_index: i32) -> Vec { - self.sys_handle.ratchet_shared_key(key_index) + pub fn ratchet_shared_key(&self, key_index: i32) -> Option> { + self.sys_handle.ratchet_shared_key(key_index).ok() } - pub fn export_shared_key(&self, key_index: i32) -> Vec { - self.sys_handle.export_shared_key(key_index) + pub fn get_shared_key(&self, key_index: i32) -> Option> { + self.sys_handle.get_shared_key(key_index).ok() } pub fn set_key(&self, participant_id: String, key_index: i32, key: Vec) -> bool { self.sys_handle.set_key(participant_id, key_index, key) } - pub fn ratchet_key(&self, participant_id: String, key_index: i32) -> Vec { - self.sys_handle.ratchet_key(participant_id, key_index) + pub fn ratchet_key(&self, participant_id: String, key_index: i32) -> Option> { + self.sys_handle.ratchet_key(participant_id, key_index).ok() } - pub fn export_key(&self, participant_id: String, key_index: i32) -> Vec { - self.sys_handle.export_key(participant_id, key_index) + pub fn get_key(&self, participant_id: String, key_index: i32) -> Option> { + self.sys_handle.get_key(participant_id, key_index).ok() } } #[derive(Clone)] pub struct FrameCryptor { - observer: Arc, + observer: Arc, pub(crate) sys_handle: SharedPtr, } impl FrameCryptor { pub fn new_for_rtp_sender( participant_id: String, - algorithm: Algorithm, + algorithm: EncryptionAlgorithm, key_provider: KeyProvider, sender: RtpSender, ) -> Self { - let observer = Arc::new(RTCFrameCryptorObserver::default()); + let observer = Arc::new(RtcFrameCryptorObserver::default()); let sys_handle = sys_fc::ffi::new_frame_cryptor_for_rtp_sender( participant_id, algorithm.into(), key_provider.sys_handle, - sender.sys_handle, + sender.handle.sys_handle, ); let fc = Self { observer: observer.clone(), sys_handle: sys_handle.clone(), }; fc.sys_handle - .register_observer(Box::new(sys_fc::RTCFrameCryptorObserverWrapper::new( + .register_observer(Box::new(sys_fc::RtcFrameCryptorObserverWrapper::new( observer, ))); fc @@ -122,23 +102,23 @@ impl FrameCryptor { pub fn new_for_rtp_receiver( participant_id: String, - algorithm: Algorithm, + algorithm: EncryptionAlgorithm, key_provider: KeyProvider, receiver: RtpReceiver, ) -> Self { - let observer = Arc::new(RTCFrameCryptorObserver::default()); + let observer = Arc::new(RtcFrameCryptorObserver::default()); let sys_handle = sys_fc::ffi::new_frame_cryptor_for_rtp_receiver( participant_id, algorithm.into(), key_provider.sys_handle, - receiver.sys_handle, + receiver.handle.sys_handle, ); let fc = Self { observer: observer.clone(), sys_handle: sys_handle.clone(), }; fc.sys_handle - .register_observer(Box::new(sys_fc::RTCFrameCryptorObserverWrapper::new( + .register_observer(Box::new(sys_fc::RtcFrameCryptorObserverWrapper::new( observer, ))); fc @@ -170,11 +150,11 @@ impl FrameCryptor { } #[derive(Default)] -struct RTCFrameCryptorObserver { +struct RtcFrameCryptorObserver { state_change_handler: Mutex>, } -impl sys_fc::RTCFrameCryptorObserver for RTCFrameCryptorObserver { +impl sys_fc::RtcFrameCryptorObserver for RtcFrameCryptorObserver { fn on_frame_cryption_state_change( &self, participant_id: String, @@ -186,3 +166,48 @@ impl sys_fc::RTCFrameCryptorObserver for RTCFrameCryptorObserver { } } } + +impl From for EncryptionAlgorithm { + fn from(value: sys_fc::ffi::Algorithm) -> Self { + match value { + sys_fc::ffi::Algorithm::AesGcm => Self::AesGcm, + sys_fc::ffi::Algorithm::AesCbc => Self::AesCbc, + _ => panic!("unknown frame cyrptor Algorithm"), + } + } +} + +impl From for sys_fc::ffi::Algorithm { + fn from(value: EncryptionAlgorithm) -> Self { + match value { + EncryptionAlgorithm::AesGcm => Self::AesGcm, + EncryptionAlgorithm::AesCbc => Self::AesCbc, + } + } +} + +impl From for EncryptionState { + fn from(value: sys_fc::ffi::FrameCryptionState) -> Self { + match value { + sys_fc::ffi::FrameCryptionState::New => Self::New, + sys_fc::ffi::FrameCryptionState::Ok => Self::Ok, + sys_fc::ffi::FrameCryptionState::EncryptionFailed => Self::EncryptionFailed, + sys_fc::ffi::FrameCryptionState::DecryptionFailed => Self::DecryptionFailed, + sys_fc::ffi::FrameCryptionState::MissingKey => Self::MissingKey, + sys_fc::ffi::FrameCryptionState::KeyRatcheted => Self::KeyRatcheted, + sys_fc::ffi::FrameCryptionState::InternalError => Self::InternalError, + _ => panic!("unknown frame cyrptor FrameCryptionState"), + } + } +} + +impl From for sys_fc::ffi::KeyProviderOptions { + fn from(value: KeyProviderOptions) -> Self { + Self { + shared_key: value.shared_key, + ratchet_window_size: value.ratchet_window_size, + ratchet_salt: value.ratchet_salt, + uncrypted_magic_bytes: value.uncrypted_magic_bytes, + } + } +} diff --git a/livekit-webrtc/src/native/peer_connection_factory.rs b/livekit-webrtc/src/native/peer_connection_factory.rs index 6be75a32..ecc8f299 100644 --- a/livekit-webrtc/src/native/peer_connection_factory.rs +++ b/livekit-webrtc/src/native/peer_connection_factory.rs @@ -50,7 +50,7 @@ impl Default for PeerConnectionFactory { *log_sink = Some(sys_rtc::ffi::new_log_sink(|msg, severity| { let msg = msg .strip_suffix("\r\n") - .or(msg.strip_suffix("\n")) + .or(msg.strip_suffix('\n')) .unwrap_or(&msg); let lvl = match severity { diff --git a/livekit-webrtc/src/native/video_frame.rs b/livekit-webrtc/src/native/video_frame.rs index 456d01b2..9b727a58 100644 --- a/livekit-webrtc/src/native/video_frame.rs +++ b/livekit-webrtc/src/native/video_frame.rs @@ -160,7 +160,7 @@ macro_rules! impl_to_argb { #[allow(unused_unsafe)] impl NativeBuffer { pub fn sys_handle(&self) -> &vfb_sys::ffi::VideoFrameBuffer { - &*self.sys_handle + &self.sys_handle } pub fn width(&self) -> u32 { diff --git a/livekit/src/room/e2ee/key_provider.rs b/livekit/src/room/e2ee/key_provider.rs index 19d108df..4403b21d 100644 --- a/livekit/src/room/e2ee/key_provider.rs +++ b/livekit/src/room/e2ee/key_provider.rs @@ -12,54 +12,25 @@ // See the License for the specific language governing permissions and // limitations under the License. -use livekit_webrtc::frame_cryptor as fc; +use livekit_webrtc::native::frame_cryptor as fc; const DEFAULT_RATCHET_SALT: &str = "LKFrameEncryptionKey"; const DEFAULT_MAGIC_BYTES: &str = "LK-ROCKS"; -const DEFAULT_RATCHET_WINDOW_SIZE: i32 = 16; +const DEFAULT_RATCHET_WINDOW_SIZE: i32 = 0; #[derive(Clone)] pub struct KeyProviderOptions { - pub shared_key: bool, pub ratchet_window_size: i32, pub ratchet_salt: Vec, pub uncrypted_magic_bytes: Vec, } -impl KeyProviderOptions { - pub fn new( - shared_key: bool, - ratchet_window_size: i32, - ratchet_salt: Vec, - uncrypted_magic_bytes: Vec, - ) -> Self { - Self { - shared_key, - ratchet_window_size, - ratchet_salt, - uncrypted_magic_bytes, - } - } -} - impl Default for KeyProviderOptions { fn default() -> Self { Self { - shared_key: true, ratchet_window_size: DEFAULT_RATCHET_WINDOW_SIZE, - ratchet_salt: DEFAULT_RATCHET_SALT.as_bytes().to_vec(), - uncrypted_magic_bytes: DEFAULT_MAGIC_BYTES.as_bytes().to_vec(), - } - } -} - -impl From for fc::KeyProviderOptions { - fn from(options: KeyProviderOptions) -> Self { - Self { - shared_key: options.shared_key, - ratchet_window_size: options.ratchet_window_size, - ratchet_salt: options.ratchet_salt, - uncrypted_magic_bytes: options.uncrypted_magic_bytes, + ratchet_salt: DEFAULT_RATCHET_SALT.to_owned().into_bytes(), + uncrypted_magic_bytes: DEFAULT_MAGIC_BYTES.to_owned().into_bytes(), } } } @@ -69,56 +40,51 @@ pub struct KeyProvider { pub(crate) handle: fc::KeyProvider, } -impl Default for KeyProvider { - fn default() -> Self { - Self { - handle: fc::KeyProvider::new(KeyProviderOptions::default().into()), - } - } -} - impl KeyProvider { + /// By default, the key provider is not shared pub fn new(options: KeyProviderOptions) -> Self { Self { - handle: fc::KeyProvider::new(options.into()), + handle: fc::KeyProvider::new(fc::KeyProviderOptions { + shared_key: false, + ratchet_window_size: options.ratchet_window_size, + ratchet_salt: options.ratchet_salt, + uncrypted_magic_bytes: options.uncrypted_magic_bytes, + }), } } - // create a new key provider with a shared key - pub fn new_with_shared_key(shared_key: Vec) -> Self { - let handle = fc::KeyProvider::new(KeyProviderOptions::default().into()); + pub fn with_shared_key(options: KeyProviderOptions, shared_key: Vec) -> Self { + let handle = fc::KeyProvider::new(fc::KeyProviderOptions { + shared_key: true, + ratchet_window_size: options.ratchet_window_size, + ratchet_salt: options.ratchet_salt, + uncrypted_magic_bytes: options.uncrypted_magic_bytes, + }); handle.set_shared_key(0, shared_key); Self { handle } } - // set shared key, default key index is 0 - pub fn set_shared_key(&self, shared_key: Vec, key_index: Option) { - self.handle - .set_shared_key(key_index.unwrap_or(0), shared_key); + pub fn set_shared_key(&self, shared_key: Vec, key_index: i32) { + self.handle.set_shared_key(key_index, shared_key); } - // ratchet shared key by key index. - pub fn ratchet_shared_key(&self, key_index: i32) -> Vec { + pub fn ratchet_shared_key(&self, key_index: i32) -> Option> { self.handle.ratchet_shared_key(key_index) } - // export shared key by key index. - pub fn export_shared_key(&self, key_index: i32) -> Vec { - self.handle.export_shared_key(key_index) + pub fn get_shared_key(&self, key_index: i32) -> Option> { + self.handle.get_shared_key(key_index) } - // set key for a participant, with a key index pub fn set_key(&self, participant_id: String, key_index: i32, key: Vec) -> bool { self.handle.set_key(participant_id, key_index, key) } - // ratchet key for a participant, with a key index - pub fn ratchet_key(&self, participant_id: String, key_index: i32) -> Vec { + pub fn ratchet_key(&self, participant_id: String, key_index: i32) -> Option> { self.handle.ratchet_key(participant_id, key_index) } - // export current key for a participant, with a key index - pub fn export_key(&self, participant_id: String, key_index: i32) -> Vec { - self.handle.export_key(participant_id, key_index) + pub fn get_key(&self, participant_id: String, key_index: i32) -> Option> { + self.handle.get_key(participant_id, key_index) } } diff --git a/livekit/src/room/e2ee/manager.rs b/livekit/src/room/e2ee/manager.rs index 911e5101..03f649e9 100644 --- a/livekit/src/room/e2ee/manager.rs +++ b/livekit/src/room/e2ee/manager.rs @@ -18,7 +18,7 @@ use crate::e2ee::E2eeOptions; use crate::id::{ParticipantIdentity, TrackSid}; use crate::participant::{LocalParticipant, RemoteParticipant}; use crate::prelude::{LocalTrack, LocalTrackPublication, RemoteTrack, RemoteTrackPublication}; -use livekit_webrtc::frame_cryptor::{Algorithm, EncryptionState, FrameCryptor}; +use livekit_webrtc::native::frame_cryptor::{EncryptionAlgorithm, EncryptionState, FrameCryptor}; use livekit_webrtc::{rtp_receiver::RtpReceiver, rtp_sender::RtpSender}; use parking_lot::Mutex; use std::collections::HashMap; @@ -187,7 +187,7 @@ impl E2eeManager { let frame_cryptor = FrameCryptor::new_for_rtp_sender( participant_identity.to_string(), - Algorithm::AesGcm, + EncryptionAlgorithm::AesGcm, options.key_provider.handle.clone(), sender, ); @@ -205,7 +205,7 @@ impl E2eeManager { let frame_cryptor = FrameCryptor::new_for_rtp_receiver( participant_identity.to_string(), - Algorithm::AesGcm, + EncryptionAlgorithm::AesGcm, options.key_provider.handle.clone(), receiver, ); diff --git a/livekit/src/room/mod.rs b/livekit/src/room/mod.rs index 3a0af801..20050218 100644 --- a/livekit/src/room/mod.rs +++ b/livekit/src/room/mod.rs @@ -12,6 +12,8 @@ // See the License for the specific language governing permissions and // limitations under the License. +use self::e2ee::manager::E2eeManager; +use self::e2ee::E2eeOptions; use crate::participant::ConnectionQuality; use crate::prelude::*; use crate::rtc_engine::EngineError; @@ -19,7 +21,7 @@ use crate::rtc_engine::{EngineEvent, EngineEvents, EngineResult, RtcEngine}; use livekit_api::signal_client::SignalOptions; use livekit_protocol as proto; use livekit_protocol::observer::Dispatcher; -use livekit_webrtc::frame_cryptor::EncryptionState; +use livekit_webrtc::native::frame_cryptor::EncryptionState; use parking_lot::RwLock; use std::collections::HashMap; use std::fmt::Debug; @@ -32,9 +34,6 @@ use tokio::task::JoinHandle; pub use crate::rtc_engine::SimulateScenario; pub use proto::DisconnectReason; -use self::e2ee::manager::E2eeManager; -use self::e2ee::E2eeOptions; - pub mod e2ee; pub mod id; pub mod options; diff --git a/webrtc-sys/include/livekit/frame_cryptor.h b/webrtc-sys/include/livekit/frame_cryptor.h index c1a180f7..668dbe62 100644 --- a/webrtc-sys/include/livekit/frame_cryptor.h +++ b/webrtc-sys/include/livekit/frame_cryptor.h @@ -32,16 +32,14 @@ namespace livekit { struct KeyProviderOptions; enum class Algorithm : ::std::int32_t; -class RTCFrameCryptorObserverWrapper; +class RtcFrameCryptorObserverWrapper; class NativeFrameCryptorObserver; /// Shared secret key for frame encryption. class KeyProvider { public: KeyProvider(KeyProviderOptions options); - ~KeyProvider() { - - } + ~KeyProvider() {} bool set_shared_key(int32_t index, rust::Vec<::std::uint8_t> key) const { std::vector key_vec; @@ -49,21 +47,28 @@ class KeyProvider { return impl_->SetSharedKey(index, key_vec); } - rust::Vec<::std::uint8_t> ratchet_shared_key(int32_t key_index) const { rust::Vec vec; auto data = impl_->RatchetSharedKey(key_index); + if (data.empty()) { + throw std::runtime_error("ratchet_shared_key failed"); + } + std::move(data.begin(), data.end(), std::back_inserter(vec)); return vec; } - rust::Vec<::std::uint8_t> export_shared_key(int32_t key_index) const { + rust::Vec<::std::uint8_t> get_shared_key(int32_t key_index) const { rust::Vec vec; auto data = impl_->ExportSharedKey(key_index); + if (data.empty()) { + throw std::runtime_error("get_shared_key failed"); + } + std::move(data.begin(), data.end(), std::back_inserter(vec)); return vec; } - + /// Set the key at the given index. bool set_key(const ::rust::String participant_id, int32_t index, @@ -80,15 +85,23 @@ class KeyProvider { rust::Vec vec; auto data = impl_->RatchetKey( std::string(participant_id.data(), participant_id.size()), key_index); + if (data.empty()) { + throw std::runtime_error("ratchet_key failed"); + } + std::move(data.begin(), data.end(), std::back_inserter(vec)); return vec; } - rust::Vec<::std::uint8_t> export_key(const ::rust::String participant_id, - int32_t key_index) const { + rust::Vec<::std::uint8_t> get_key(const ::rust::String participant_id, + int32_t key_index) const { rust::Vec vec; auto data = impl_->ExportKey( std::string(participant_id.data(), participant_id.size()), key_index); + if (data.empty()) { + throw std::runtime_error("get_key failed"); + } + std::move(data.begin(), data.end(), std::back_inserter(vec)); return vec; } @@ -127,7 +140,8 @@ class FrameCryptor { rust::String participant_id() const { return participant_id_; } - void register_observer(rust::Box observer) const; + void register_observer( + rust::Box observer) const; void unregister_observer() const; @@ -144,7 +158,7 @@ class FrameCryptor { class NativeFrameCryptorObserver : public webrtc::FrameCryptorTransformerObserver { public: - NativeFrameCryptorObserver(rust::Box observer, + NativeFrameCryptorObserver(rust::Box observer, const FrameCryptor* fc); ~NativeFrameCryptorObserver(); @@ -152,7 +166,7 @@ class NativeFrameCryptorObserver webrtc::FrameCryptionState error) override; private: - rust::Box observer_; + rust::Box observer_; const FrameCryptor* fc_; }; diff --git a/webrtc-sys/src/frame_cryptor.cpp b/webrtc-sys/src/frame_cryptor.cpp index 954543ae..a3494e1d 100644 --- a/webrtc-sys/src/frame_cryptor.cpp +++ b/webrtc-sys/src/frame_cryptor.cpp @@ -97,7 +97,7 @@ FrameCryptor::FrameCryptor( FrameCryptor::~FrameCryptor() {} void FrameCryptor::register_observer( - rust::Box observer) const { + rust::Box observer) const { webrtc::MutexLock lock(&mutex_); observer_ = std::make_unique(std::move(observer), this); @@ -111,7 +111,7 @@ void FrameCryptor::unregister_observer() const { } NativeFrameCryptorObserver::NativeFrameCryptorObserver( - rust::Box observer, + rust::Box observer, const FrameCryptor* fc) : observer_(std::move(observer)), fc_(fc) {} @@ -156,9 +156,9 @@ std::shared_ptr new_frame_cryptor_for_rtp_sender( std::shared_ptr key_provider, std::shared_ptr sender) { return std::make_shared( - std::string(participant_id.data(), participant_id.size()), - AlgorithmToFrameCryptorAlgorithm(algorithm), - key_provider->rtc_key_provider(), sender->rtc_sender()); + std::string(participant_id.data(), participant_id.size()), + AlgorithmToFrameCryptorAlgorithm(algorithm), + key_provider->rtc_key_provider(), sender->rtc_sender()); } std::shared_ptr new_frame_cryptor_for_rtp_receiver( diff --git a/webrtc-sys/src/frame_cryptor.rs b/webrtc-sys/src/frame_cryptor.rs index 85b7dc31..888a1011 100644 --- a/webrtc-sys/src/frame_cryptor.rs +++ b/webrtc-sys/src/frame_cryptor.rs @@ -55,9 +55,9 @@ pub mod ffi { pub fn set_shared_key(self: &KeyProvider, key_index: i32, key: Vec) -> bool; - pub fn ratchet_shared_key(self: &KeyProvider, key_index: i32) -> Vec; + pub fn ratchet_shared_key(self: &KeyProvider, key_index: i32) -> Result>; - pub fn export_shared_key(self: &KeyProvider, key_index: i32) -> Vec; + pub fn get_shared_key(self: &KeyProvider, key_index: i32) -> Result>; pub fn set_key( self: &KeyProvider, @@ -66,9 +66,17 @@ pub mod ffi { key: Vec, ) -> bool; - pub fn ratchet_key(self: &KeyProvider, participant_id: String, key_index: i32) -> Vec; + pub fn ratchet_key( + self: &KeyProvider, + participant_id: String, + key_index: i32, + ) -> Result>; - pub fn export_key(self: &KeyProvider, participant_id: String, key_index: i32) -> Vec; + pub fn get_key( + self: &KeyProvider, + participant_id: String, + key_index: i32, + ) -> Result>; } unsafe extern "C++" { @@ -107,17 +115,17 @@ pub mod ffi { pub fn register_observer( self: &FrameCryptor, - observer: Box, + observer: Box, ); pub fn unregister_observer(self: &FrameCryptor); } extern "Rust" { - type RTCFrameCryptorObserverWrapper; + type RtcFrameCryptorObserverWrapper; fn on_frame_cryption_state_change( - self: &RTCFrameCryptorObserverWrapper, + self: &RtcFrameCryptorObserverWrapper, participant_id: String, state: FrameCryptionState, ); @@ -129,21 +137,21 @@ impl_thread_safety!(ffi::KeyProvider, Send + Sync); use ffi::FrameCryptionState; -pub trait RTCFrameCryptorObserver: Send + Sync { +pub trait RtcFrameCryptorObserver: Send + Sync { fn on_frame_cryption_state_change(&self, participant_id: String, state: FrameCryptionState); } -pub struct RTCFrameCryptorObserverWrapper { - observer: Arc, +pub struct RtcFrameCryptorObserverWrapper { + observer: Arc, } -impl RTCFrameCryptorObserverWrapper { - pub fn new(observer: Arc) -> Self { +impl RtcFrameCryptorObserverWrapper { + pub fn new(observer: Arc) -> Self { Self { observer } } fn on_frame_cryption_state_change( - self: &RTCFrameCryptorObserverWrapper, + self: &RtcFrameCryptorObserverWrapper, participant_id: String, state: FrameCryptionState, ) {