webrtc: enable GCM srtp ciphers by default

Enables the gcm cipher suites for SRTP by default. Since these ciphersuites
are not the first choice this does not change the default behaviour when
talking to other Chrome instances.

BUG=chromium:713701

Change-Id: I133da5b9fabc4605e557f0b787fe63ffa5c1746a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1917095Reviewed-by: Harald Alvestrand <hta@chromium.org>
Commit-Queue: Philipp Hancke <philipp.hancke@googlemail.com>
Cr-Commit-Position: refs/heads/master@{#759955}

third_party/blink/renderer/modules/peerconnection/rtc_peer_connection_handler.cc

@@ -1134,8 +1134,7 @@ bool RTCPeerConnectionHandler::Initialize(
 
   // Configure optional SRTP configurations enabled via the command line.
   configuration_.crypto_options = webrtc::CryptoOptions{};
-  configuration_.crypto_options->srtp.enable_gcm_crypto_suites =
-      blink::Platform::Current()->IsWebRtcSrtpAesGcmEnabled();
+  configuration_.crypto_options->srtp.enable_gcm_crypto_suites = true;
   configuration_.crypto_options->srtp.enable_encrypted_rtp_header_extensions =
       blink::Platform::Current()->IsWebRtcSrtpEncryptedHeadersEnabled();
   configuration_.enable_implicit_rollback = true;

third_party/blink/web_tests/fast/peerconnection/RTCPeerConnection-sdes-gcm.html

+<!DOCTYPE html>
+<html>
+<head>
+<title>RTCPeerConnection with AES-GCM ciphersuites (and SDES)</title>
+<script src="../../resources/testharness.js"></script>
+<script src="../../resources/testharnessreport.js"></script>
+</head>
+<body>
+<script>
+'use strict'
+const sdes_constraint = {mandatory: {DtlsSrtpKeyAgreement: false}};
+
+function parseCrypto(line) {
+  var parts = line.substr(9).split(' ');
+  return {
+    tag: parseInt(parts[0], 10),
+    cryptoSuite: parts[1],
+    keyParams: parts[2],
+    sessionParams: parts.slice(3),
+  };
+};
+
+function filterSuites(sdp, allowedSuites) {
+  return sdp.split('\r\n').filter(line => {
+    if (!line.startsWith('a=crypto:')) {
+      return true;
+    }
+    const crypto = parseCrypto(line);
+    return allowedSuites.includes(crypto.cryptoSuite);
+  }).join('\r\n');
+}
+
+// Note: (legacy) getStats-based tests don't work since srtpCipher is not set
+// when using SDES.
+['AEAD_AES_256_GCM', 'AEAD_AES_128_GCM'].forEach(suite => {
+  promise_test(async t => {
+    const pc1 = new RTCPeerConnection(null, sdes_constraint);
+    t.add_cleanup(() => pc1.close());
+    const pc2 = new RTCPeerConnection(null, sdes_constraint);
+    t.add_cleanup(() => pc2.close());
+    pc1.onicecandidate = (e) => e.candidate && pc2.signalingState !== 'closed' && pc2.addIceCandidate(e.candidate);
+    pc2.onicecandidate = (e) => e.candidate && pc1.signalingState !== 'closed' && pc1.addIceCandidate(e.candidate);
+
+    const loadedMetadata = new Promise(resolve => {
+      pc2.ontrack = (e) => {
+        const v = document.createElement('video');
+        v.autoplay = true;
+        v.srcObject = e.streams[0];
+        v.onloadedmetadata = () => resolve();
+      };
+    });
+
+    const stream = await navigator.mediaDevices.getUserMedia({video: true});
+    const track = stream.getTracks()[0];
+    pc1.addTrack(track, stream);
+    const offer = await pc1.createOffer();
+    await pc1.setLocalDescription(offer);
+    const sdp = filterSuites(offer.sdp, [suite]);
+    await pc2.setRemoteDescription({type: 'offer', sdp});
+    const answer = await pc2.createAnswer();
+    await pc2.setLocalDescription(answer);
+    await pc1.setRemoteDescription(answer);
+
+    return loadedMetadata;
+  }, 'Support for ' + suite + ' ciphersuite');
+});
+</script>
+</body>
+</html>