Change WebRTC SslCipher to be exposed as number only.

talk/app/webrtc/webrtcsession.cc

 /*
  * libjingle
  * Copyright 2012 Google Inc.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
  *
  *  1. Redistributions of source code must retain the above copyright notice,
  *     this list of conditions and the following disclaimer.
  *  2. Redistributions in binary form must reproduce the above copyright notice,
@@ skipping 70 matching lines @@
 const char kSdpWithoutIceUfragPwd[] =
     "Called with SDP without ice-ufrag and ice-pwd.";
 const char kSessionError[] = "Session error code: ";
 const char kSessionErrorDesc[] = "Session error description: ";
 const char kDtlsSetupFailureRtp[] =
     "Couldn't set up DTLS-SRTP on RTP channel.";
 const char kDtlsSetupFailureRtcp[] =
     "Couldn't set up DTLS-SRTP on RTCP channel.";
 const int kMaxUnsignalledRecvStreams = 20;
 
+SrtpCipherType GetSrtpCipherType(const std::string& cipher) {
+  if (cipher == "AES_CM_128_HMAC_SHA1_32")
+    return SrtpCipherType_AES_CM_128_HMAC_SHA1_32;
+  if (cipher == "AES_CM_128_HMAC_SHA1_80")
+    return SrtpCipherType_AES_CM_128_HMAC_SHA1_80;

[Ryan Sleevi, 2015/09/22 21:42:15]

For what it's worth, this registration is also covered by IANA (
https://www.iana.org/assignments/sdp-security-descriptions/sdp-security-descr...
), but since SDP uses string identifiers, I suppose you can't escape needing to
map from string -> histogram value.

[guoweis_webrtc, 2015/09/23 06:46:16]

Even though these are also defined in IANA, do you know why SRTP Crypto doesn't
have value defined as TLS cipher? 

+  return SrtpCipherType_Unknown;
+}
+
+SslCipherType GetSslCipherType(const std::string& cipher) {
+  // TLS v1.0 ciphersuites from RFC2246.
+  if (cipher == "TLS_RSA_RC4_128_SHA")

[Ryan Sleevi, 2015/09/22 21:42:15]

As mentioned by davidben@, you should not design your interface to convert from
uint->string->enum->uint

Each of these ciphersuites has an IANA-assigned value (
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-param...
), so you can design your interface such that you expose this uint16_t value
from the socket, expose it as a *number* to the stats channel, and then
histogram that numeric value via the metrics observer.

+    return SslCipherType_TLS_RSA_RC4_128_SHA;
+  if (cipher == "TLS_RSA_WITH_3DES_EDE_CBC_SHA")
+    return SslCipherType_TLS_RSA_WITH_3DES_EDE_CBC_SHA;
+
+  // AES ciphersuites from RFC3268.
+  if (cipher == "TLS_RSA_WITH_AES_128_CBC_SHA")
+    return SslCipherType_TLS_RSA_WITH_AES_128_CBC_SHA;
+  if (cipher == "TLS_DHE_RSA_WITH_AES_128_CBC_SHA")
+    return SslCipherType_TLS_DHE_RSA_WITH_AES_128_CBC_SHA;
+  if (cipher == "TLS_RSA_WITH_AES_256_CBC_SHA")
+    return SslCipherType_TLS_RSA_WITH_AES_256_CBC_SHA;
+  if (cipher == "TLS_DHE_RSA_WITH_AES_256_CBC_SHA")
+    return SslCipherType_TLS_DHE_RSA_WITH_AES_256_CBC_SHA;
+
+  // ECC ciphersuites from RFC4492.
+  if (cipher == "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA")
+    return SslCipherType_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA;
+  if (cipher == "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA")
+    return SslCipherType_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA;
+  if (cipher == "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA")
+    return SslCipherType_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA;
+  if (cipher == "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA")
+    return SslCipherType_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA;
+
+  if (cipher == "TLS_ECDHE_RSA_WITH_RC4_128_SHA")
+    return SslCipherType_TLS_ECDHE_RSA_WITH_RC4_128_SHA;
+  if (cipher == "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA")
+    return SslCipherType_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA;
+  if (cipher == "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA")
+    return SslCipherType_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA;
+  if (cipher == "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA")
+    return SslCipherType_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA;
+
+  // TLS v1.2 ciphersuites.
+  if (cipher == "TLS_RSA_WITH_AES_128_CBC_SHA256")
+    return SslCipherType_TLS_RSA_WITH_AES_128_CBC_SHA256;
+  if (cipher == "TLS_RSA_WITH_AES_256_CBC_SHA256")
+    return SslCipherType_TLS_RSA_WITH_AES_256_CBC_SHA256;
+  if (cipher == "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256")
+    return SslCipherType_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256;
+  if (cipher == "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256")
+    return SslCipherType_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256;
+
+  // TLS v1.2 GCM ciphersuites from RFC5288.
+  if (cipher == "TLS_RSA_WITH_AES_128_GCM_SHA256")
+    return SslCipherType_TLS_RSA_WITH_AES_128_GCM_SHA256;
+  if (cipher == "TLS_RSA_WITH_AES_256_GCM_SHA384")
+    return SslCipherType_TLS_RSA_WITH_AES_256_GCM_SHA384;
+  if (cipher == "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256")
+    return SslCipherType_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256;
+  if (cipher == "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384")
+    return SslCipherType_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384;
+  if (cipher == "TLS_DH_RSA_WITH_AES_128_GCM_SHA256")
+    return SslCipherType_TLS_DH_RSA_WITH_AES_128_GCM_SHA256;
+  if (cipher == "TLS_DH_RSA_WITH_AES_256_GCM_SHA384")
+    return SslCipherType_TLS_DH_RSA_WITH_AES_256_GCM_SHA384;
+
+  // ECDH HMAC based ciphersuites from RFC5289.
+  if (cipher == "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256")
+    return SslCipherType_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
+  if (cipher == "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384")
+    return SslCipherType_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;
+  if (cipher == "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256")
+    return SslCipherType_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
+  if (cipher == "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384")
+    return SslCipherType_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384;
+
+  // ECDH GCM based ciphersuites from RFC5289.
+  if (cipher == "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256")
+    return SslCipherType_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
+  if (cipher == "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384")
+    return SslCipherType_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
+  if (cipher == "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
+    return SslCipherType_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
+  if (cipher == "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
+    return SslCipherType_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
+  if (cipher == "TLS_RSA_RC4_128_SHA")
+    return SslCipherType_TLS_RSA_RC4_128_SHA;
+
+  return SslCipherType_Unknown;
+}
+
 IceCandidatePairType GetIceCandidatePairCounter(
     const cricket::Candidate& local,
     const cricket::Candidate& remote) {
   const auto& l = local.type();
   const auto& r = remote.type();
   const auto& host = LOCAL_PORT_TYPE;
   const auto& srflx = STUN_PORT_TYPE;
   const auto& relay = RELAY_PORT_TYPE;
   const auto& prflx = PRFLX_PORT_TYPE;
   if (l == host && r == host) {
@@ skipping 1946 matching lines @@
             kPeerConnectionAddressFamilyCounter_Max);
       } else {
         RTC_CHECK(0);
       }
 
       return;
     }
   }
 }
 
+// Since this is reported in the first OnTransportCompleted, in the non-bundled
+// case, we might not be reporting anything other than the first completed
+// channel.
 void WebRtcSession::ReportNegotiatedCiphers(
     const cricket::TransportStats& stats) {
   RTC_DCHECK(metrics_observer_ != NULL);
   if (!dtls_enabled_ || stats.channel_stats.empty()) {
     return;
   }
 
   const std::string& srtp_cipher = stats.channel_stats[0].srtp_cipher;
   const std::string& ssl_cipher = stats.channel_stats[0].ssl_cipher;
   if (srtp_cipher.empty() && ssl_cipher.empty()) {
     return;
   }
 
-  PeerConnectionMetricsName srtp_name;
-  PeerConnectionMetricsName ssl_name;
+  PeerConnectionEnumCounterType srtp_counter_type;
+  PeerConnectionEnumCounterType ssl_counter_type;
   if (stats.content_name == cricket::CN_AUDIO) {
-    srtp_name = kAudioSrtpCipher;
-    ssl_name = kAudioSslCipher;
+    srtp_counter_type = kEnumCounterAudioSrtpCipher;
+    ssl_counter_type = kEnumCounterAudioSslCipher;
   } else if (stats.content_name == cricket::CN_VIDEO) {
-    srtp_name = kVideoSrtpCipher;
-    ssl_name = kVideoSslCipher;
+    srtp_counter_type = kEnumCounterVideoSrtpCipher;
+    ssl_counter_type = kEnumCounterVideoSslCipher;
   } else if (stats.content_name == cricket::CN_DATA) {
-    srtp_name = kDataSrtpCipher;
-    ssl_name = kDataSslCipher;
+    srtp_counter_type = kEnumCounterDataSrtpCipher;
+    ssl_counter_type = kEnumCounterDataSslCipher;
   } else {
     RTC_NOTREACHED();
     return;
   }
 
   if (!srtp_cipher.empty()) {
-    metrics_observer_->AddHistogramSample(srtp_name, srtp_cipher);
+    metrics_observer_->IncrementEnumCounter(
+        srtp_counter_type, GetSrtpCipherType(srtp_cipher), SrtpCipherType_Max);
   }
   if (!ssl_cipher.empty()) {
-    metrics_observer_->AddHistogramSample(ssl_name, ssl_cipher);
+    metrics_observer_->IncrementEnumCounter(
+        ssl_counter_type, GetSslCipherType(ssl_cipher), SslCipherType_Max);
   }
 }
 
 }  // namespace webrtc