Change WebRTC SslCipher to be exposed as number only.

webrtc/base/sslstreamadapter.h

 /*
  *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
 #ifndef WEBRTC_BASE_SSLSTREAMADAPTER_H_
 #define WEBRTC_BASE_SSLSTREAMADAPTER_H_
 
 #include <string>
 #include <vector>
 
 #include "webrtc/base/stream.h"
 #include "webrtc/base/sslidentity.h"
 
 namespace rtc {
 
+// Constants for SRTP profiles.
+const uint16_t SRTP_AES128_CM_SHA1_80 = 0x0001;
+const uint16_t SRTP_AES128_CM_SHA1_32 = 0x0002;
+
+// Cipher suite to use for SRTP. Typically a 80-bit HMAC will be used, except
+// in applications (voice) where the additional bandwidth may be significant.
+// A 80-bit HMAC is always used for SRTCP.
+// 128-bit AES with 80-bit SHA-1 HMAC.
+extern const char CS_AES_CM_128_HMAC_SHA1_80[];
+// 128-bit AES with 32-bit SHA-1 HMAC.
+extern const char CS_AES_CM_128_HMAC_SHA1_32[];
+
+// Returns the DTLS-SRTP protection profile ID, as defined in
+// https://tools.ietf.org/html/rfc5764#section-4.1.2, for the given SRTP
+// Crypto-suite, as defined in https://tools.ietf.org/html/rfc4568#section-6.2
+uint16_t GetSrtpCryptoSuiteFromName(const std::string& cipher_rfc_name);
+
 // SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS.
 // After SSL has been started, the stream will only open on successful
 // SSL verification of certificates, and the communication is
 // encrypted of course.
 //
 // This class was written with SSLAdapter as a starting point. It
 // offers a similar interface, with two differences: there is no
 // support for a restartable SSL connection, and this class has a
 // peer-to-peer mode.
 //
@@ skipping 94 matching lines @@
   // SSLStream makes a copy of the digest value.
   virtual bool SetPeerCertificateDigest(const std::string& digest_alg,
                                         const unsigned char* digest_val,
                                         size_t digest_len) = 0;
 
   // Retrieves the peer's X.509 certificate, if a connection has been
   // established. It returns the transmitted over SSL, including the entire
   // chain. The returned certificate is owned by the caller.
   virtual bool GetPeerCertificate(SSLCertificate** cert) const = 0;
 
-  // Retrieves the name of the cipher suite used for the connection
-  // (e.g. "TLS_RSA_WITH_AES_128_CBC_SHA").
-  virtual bool GetSslCipher(std::string* cipher);
+  // Retrieves the IANA registration id of the cipher suite used for the
+  // connection (e.g. 0x2F for "TLS_RSA_WITH_AES_128_CBC_SHA").
+  virtual bool GetSslCipherSuite(uint16_t* cipher);
 
   // Key Exporter interface from RFC 5705
   // Arguments are:
   // label               -- the exporter label.
   //                        part of the RFC defining each exporter
   //                        usage (IN)
   // context/context_len -- a context to bind to for this connection;
   //                        optional, can be NULL, 0 (IN)
   // use_context         -- whether to use the context value
   //                        (needed to distinguish no context from
@@ skipping 11 matching lines @@
   virtual bool SetDtlsSrtpCiphers(const std::vector<std::string>& ciphers);
   virtual bool GetDtlsSrtpCipher(std::string* cipher);
 
   // Capabilities testing
   static bool HaveDtls();
   static bool HaveDtlsSrtp();
   static bool HaveExporter();
 
   // Returns the default Ssl cipher used between streams of this class
   // for the given protocol version. This is used by the unit tests.
-  // TODO(torbjorng@webrtc.org): Fix callers to avoid default parameter.
-  static std::string GetDefaultSslCipher(SSLProtocolVersion version,
-                                         KeyType key_type = KT_DEFAULT);
+  // TODO(guoweis): Move this away from a static class method.
+  static uint16_t GetDefaultSslCipherForTest(SSLProtocolVersion version,
+                                             KeyType key_type);
+
+  // TODO(guoweis): Move this away from a static class method. Currently this is
+  // introduced such that any caller could depend on sslstreamadapter.h without
+  // depending on specific SSL implementation.
+  static std::string GetSslCipherSuiteName(uint16_t cipher);
 
  private:
   // If true, the server certificate need not match the configured
   // server_name, and in fact missing certificate authority and other
   // verification errors are ignored.
   bool ignore_bad_cert_;
 
   // If true (default), the client is required to provide a certificate during
   // handshake. If no certificate is given, handshake fails. This applies to
   // server mode only.
   bool client_auth_enabled_;
 };
 
 }  // namespace rtc
 
 #endif  // WEBRTC_BASE_SSLSTREAMADAPTER_H_