RTCCertificateStats[1] added.

[1] https://w3c.github.io/webrtc-stats/#certificatestats-dict* BUG=chromium:627816, chromium:629436 NOTRY=True Review-Url: https://codereview.webrtc.org/2243123002 Cr-Commit-Position: refs/heads/master@{#14484}
2016-10-03 14:16:56 -07:00
parent 607d9d7f60
commit 6ab97ce0b9
5 changed files with 325 additions and 6 deletions
--- a/webrtc/api/rtcstatscollector.cc
+++ b/webrtc/api/rtcstatscollector.cc
@ -15,7 +15,9 @@
 #include <vector>

 #include "webrtc/api/peerconnection.h"
+#include "webrtc/api/webrtcsession.h"
 #include "webrtc/base/checks.h"
+#include "webrtc/base/sslidentity.h"

 namespace webrtc {

@ -88,7 +90,11 @@ void RTCStatsCollector::ProducePartialResultsOnSignalingThread(
  RTC_DCHECK(signaling_thread_->IsCurrent());
  rtc::scoped_refptr<RTCStatsReport> report = RTCStatsReport::Create();

-  report->AddStats(ProducePeerConnectionStats_s(timestamp_us));
+  SessionStats session_stats;
+  if (pc_->session()->GetTransportStats(&session_stats)) {
+    ProduceCertificateStats_s(timestamp_us, session_stats, report.get());
+  }
+  ProducePeerConnectionStats_s(timestamp_us, report.get());

  AddPartialResults(report);
 }
@ -153,8 +159,50 @@ void RTCStatsCollector::DeliverCachedReport() {
  callbacks_.clear();
 }

-std::unique_ptr<RTCPeerConnectionStats>
-RTCStatsCollector::ProducePeerConnectionStats_s(int64_t timestamp_us) const {
+void RTCStatsCollector::ProduceCertificateStats_s(
+    int64_t timestamp_us, const SessionStats& session_stats,
+    RTCStatsReport* report) const {
+  RTC_DCHECK(signaling_thread_->IsCurrent());
+  for (const auto& transport : session_stats.transport_stats) {
+    rtc::scoped_refptr<rtc::RTCCertificate> local_certificate;
+    if (pc_->session()->GetLocalCertificate(
+        transport.second.transport_name, &local_certificate)) {
+      ProduceCertificateStatsFromSSLCertificateAndChain_s(
+          timestamp_us, local_certificate->ssl_certificate(), report);
+    }
+    std::unique_ptr<rtc::SSLCertificate> remote_certificate =
+        pc_->session()->GetRemoteSSLCertificate(
+            transport.second.transport_name);
+    if (remote_certificate) {
+      ProduceCertificateStatsFromSSLCertificateAndChain_s(
+          timestamp_us, *remote_certificate.get(), report);
+    }
+  }
+}
+
+void RTCStatsCollector::ProduceCertificateStatsFromSSLCertificateAndChain_s(
+    int64_t timestamp_us, const rtc::SSLCertificate& certificate,
+    RTCStatsReport* report) const {
+  RTC_DCHECK(signaling_thread_->IsCurrent());
+  std::unique_ptr<rtc::SSLCertificateStats> ssl_stats =
+      certificate.GetStats();
+  RTCCertificateStats* prev_stats = nullptr;
+  for (rtc::SSLCertificateStats* s = ssl_stats.get(); s;
+       s = s->issuer.get()) {
+    RTCCertificateStats* stats = new RTCCertificateStats(
+        "RTCCertificate_" + s->fingerprint, timestamp_us);
+    stats->fingerprint = s->fingerprint;
+    stats->fingerprint_algorithm = s->fingerprint_algorithm;
+    stats->base64_certificate = s->base64_certificate;
+    if (prev_stats)
+      prev_stats->issuer_certificate_id = stats->id();
+    report->AddStats(std::unique_ptr<RTCCertificateStats>(stats));
+    prev_stats = stats;
+  }
+}
+
+void RTCStatsCollector::ProducePeerConnectionStats_s(
+    int64_t timestamp_us, RTCStatsReport* report) const {
  RTC_DCHECK(signaling_thread_->IsCurrent());
  // TODO(hbos): If data channels are removed from the peer connection this will
  // yield incorrect counts. Address before closing crbug.com/636818. See
@ -173,7 +221,7 @@ RTCStatsCollector::ProducePeerConnectionStats_s(int64_t timestamp_us) const {
  stats->data_channels_opened = data_channels_opened;
  stats->data_channels_closed = static_cast<uint32_t>(data_channels.size()) -
                                data_channels_opened;
-  return stats;
+  report->AddStats(std::move(stats));
 }

 }  // namespace webrtc
--- a/webrtc/api/rtcstatscollector.h
+++ b/webrtc/api/rtcstatscollector.h
@ -21,9 +21,16 @@
 #include "webrtc/base/scoped_ref_ptr.h"
 #include "webrtc/base/timeutils.h"

+namespace rtc {
+
+class SSLCertificate;
+
+}  // namespace rtc
+
 namespace webrtc {

 class PeerConnection;
+struct SessionStats;

 class RTCStatsCollectorCallback : public virtual rtc::RefCountInterface {
 public:
@ -69,8 +76,14 @@ class RTCStatsCollector : public virtual rtc::RefCountInterface {
  void AddPartialResults_s(rtc::scoped_refptr<RTCStatsReport> partial_report);
  void DeliverCachedReport();

-  std::unique_ptr<RTCPeerConnectionStats> ProducePeerConnectionStats_s(
-      int64_t timestamp_us) const;
+  void ProduceCertificateStats_s(
+      int64_t timestamp_us, const SessionStats& session_stats,
+      RTCStatsReport* report) const;
+  void ProduceCertificateStatsFromSSLCertificateAndChain_s(
+      int64_t timestamp_us, const rtc::SSLCertificate& certificate,
+      RTCStatsReport* report) const;
+  void ProducePeerConnectionStats_s(
+      int64_t timestamp_us, RTCStatsReport* report) const;

  PeerConnection* const pc_;
  rtc::Thread* const signaling_thread_;
--- a/webrtc/api/rtcstatscollector_unittest.cc
+++ b/webrtc/api/rtcstatscollector_unittest.cc
@ -22,6 +22,7 @@
 #include "webrtc/api/test/mock_webrtcsession.h"
 #include "webrtc/base/checks.h"
 #include "webrtc/base/fakeclock.h"
+#include "webrtc/base/fakesslidentity.h"
 #include "webrtc/base/gunit.h"
 #include "webrtc/base/logging.h"
 #include "webrtc/base/thread_checker.h"
@ -29,6 +30,8 @@
 #include "webrtc/base/timeutils.h"
 #include "webrtc/media/base/fakemediaengine.h"

+using testing::_;
+using testing::Invoke;
 using testing::Return;
 using testing::ReturnRef;

@ -38,6 +41,56 @@ namespace {

 const int64_t kGetStatsReportTimeoutMs = 1000;

+struct CertificateInfo {
+  rtc::scoped_refptr<rtc::RTCCertificate> certificate;
+  std::vector<std::string> ders;
+  std::vector<std::string> pems;
+  std::vector<std::string> fingerprints;
+};
+
+std::unique_ptr<CertificateInfo> CreateFakeCertificateAndInfoFromDers(
+    const std::vector<std::string>& ders) {
+  RTC_CHECK(!ders.empty());
+  std::unique_ptr<CertificateInfo> info(new CertificateInfo());
+  info->ders = ders;
+  for (const std::string& der : ders) {
+    info->pems.push_back(rtc::SSLIdentity::DerToPem(
+        "CERTIFICATE",
+        reinterpret_cast<const unsigned char*>(der.c_str()),
+        der.length()));
+  }
+  info->certificate =
+      rtc::RTCCertificate::Create(std::unique_ptr<rtc::FakeSSLIdentity>(
+          new rtc::FakeSSLIdentity(rtc::FakeSSLCertificate(info->pems))));
+  // Strip header/footer and newline characters of PEM strings.
+  for (size_t i = 0; i < info->pems.size(); ++i) {
+    rtc::replace_substrs("-----BEGIN CERTIFICATE-----", 27,
+                         "", 0, &info->pems[i]);
+    rtc::replace_substrs("-----END CERTIFICATE-----", 25,
+                         "", 0, &info->pems[i]);
+    rtc::replace_substrs("\n", 1,
+                         "", 0, &info->pems[i]);
+  }
+  // Fingerprint of leaf certificate.
+  std::unique_ptr<rtc::SSLFingerprint> fp(
+      rtc::SSLFingerprint::Create("sha-1",
+                                  &info->certificate->ssl_certificate()));
+  EXPECT_TRUE(fp);
+  info->fingerprints.push_back(fp->GetRfc4572Fingerprint());
+  // Fingerprints of the rest of the chain.
+  std::unique_ptr<rtc::SSLCertChain> chain =
+      info->certificate->ssl_certificate().GetChain();
+  if (chain) {
+    for (size_t i = 0; i < chain->GetSize(); i++) {
+      fp.reset(rtc::SSLFingerprint::Create("sha-1", &chain->Get(i)));
+      EXPECT_TRUE(fp);
+      info->fingerprints.push_back(fp->GetRfc4572Fingerprint());
+    }
+  }
+  EXPECT_EQ(info->ders.size(), info->fingerprints.size());
+  return info;
+}
+
 class RTCStatsCollectorTestHelper : public SetSessionDescriptionObserver {
 public:
  RTCStatsCollectorTestHelper()
@ -53,9 +106,11 @@ class RTCStatsCollectorTestHelper : public SetSessionDescriptionObserver {
                                             channel_manager_.get())),
        session_(media_controller_.get()),
        pc_() {
+    // Default return values for mocks.
    EXPECT_CALL(pc_, session()).WillRepeatedly(Return(&session_));
    EXPECT_CALL(pc_, sctp_data_channels()).WillRepeatedly(
        ReturnRef(data_channels_));
+    EXPECT_CALL(session_, GetTransportStats(_)).WillRepeatedly(Return(false));
  }

  rtc::ScopedFakeClock& fake_clock() { return fake_clock_; }
@ -253,6 +308,27 @@ class RTCStatsCollectorTest : public testing::Test {
    return callback->report();
  }

+  void ExpectReportContainsCertificateInfo(
+      const rtc::scoped_refptr<const RTCStatsReport>& report,
+      const CertificateInfo& cert_info) {
+    for (size_t i = 0; i < cert_info.fingerprints.size(); ++i) {
+      const RTCStats* stats = report->Get(
+          "RTCCertificate_" + cert_info.fingerprints[i]);
+      EXPECT_TRUE(stats);
+      const RTCCertificateStats& cert_stats =
+          stats->cast_to<const RTCCertificateStats>();
+      EXPECT_EQ(*cert_stats.fingerprint, cert_info.fingerprints[i]);
+      EXPECT_EQ(*cert_stats.fingerprint_algorithm, "sha-1");
+      EXPECT_EQ(*cert_stats.base64_certificate, cert_info.pems[i]);
+      if (i + 1 < cert_info.fingerprints.size()) {
+        EXPECT_EQ(*cert_stats.issuer_certificate_id,
+                  "RTCCertificate_" + cert_info.fingerprints[i + 1]);
+      } else {
+        EXPECT_FALSE(cert_stats.issuer_certificate_id.is_defined());
+      }
+    }
+  }
+
 protected:
  rtc::scoped_refptr<RTCStatsCollectorTestHelper> test_;
  rtc::scoped_refptr<RTCStatsCollector> collector_;
@ -312,6 +388,152 @@ TEST_F(RTCStatsCollectorTest, MultipleCallbacksWithInvalidatedCacheInBetween) {
  EXPECT_NE(c.get(), b.get());
 }

+TEST_F(RTCStatsCollectorTest, CollectRTCCertificateStatsSingle) {
+  std::unique_ptr<CertificateInfo> local_certinfo =
+      CreateFakeCertificateAndInfoFromDers(
+          std::vector<std::string>({ "(local) single certificate" }));
+  std::unique_ptr<CertificateInfo> remote_certinfo =
+      CreateFakeCertificateAndInfoFromDers(
+          std::vector<std::string>({ "(remote) single certificate" }));
+
+  // Mock the session to return the local and remote certificates.
+  EXPECT_CALL(test_->session(), GetTransportStats(_)).WillRepeatedly(Invoke(
+      [this](SessionStats* stats) {
+        stats->transport_stats["transport"].transport_name = "transport";
+        return true;
+      }));
+  EXPECT_CALL(test_->session(), GetLocalCertificate(_, _)).WillRepeatedly(
+      Invoke([this, &local_certinfo](const std::string& transport_name,
+             rtc::scoped_refptr<rtc::RTCCertificate>* certificate) {
+        if (transport_name == "transport") {
+          *certificate = local_certinfo->certificate;
+          return true;
+        }
+        return false;
+      }));
+  EXPECT_CALL(test_->session(),
+      GetRemoteSSLCertificate_ReturnsRawPointer(_)).WillRepeatedly(Invoke(
+      [this, &remote_certinfo](const std::string& transport_name) {
+        if (transport_name == "transport")
+          return remote_certinfo->certificate->ssl_certificate().GetReference();
+        return static_cast<rtc::SSLCertificate*>(nullptr);
+      }));
+
+  rtc::scoped_refptr<const RTCStatsReport> report = GetStatsReport();
+  ExpectReportContainsCertificateInfo(report, *local_certinfo.get());
+  ExpectReportContainsCertificateInfo(report, *remote_certinfo.get());
+}
+
+TEST_F(RTCStatsCollectorTest, CollectRTCCertificateStatsMultiple) {
+  std::unique_ptr<CertificateInfo> audio_local_certinfo =
+      CreateFakeCertificateAndInfoFromDers(
+          std::vector<std::string>({ "(local) audio" }));
+  audio_local_certinfo = CreateFakeCertificateAndInfoFromDers(
+      audio_local_certinfo->ders);
+  std::unique_ptr<CertificateInfo> audio_remote_certinfo =
+      CreateFakeCertificateAndInfoFromDers(
+          std::vector<std::string>({ "(remote) audio" }));
+  audio_remote_certinfo = CreateFakeCertificateAndInfoFromDers(
+      audio_remote_certinfo->ders);
+
+  std::unique_ptr<CertificateInfo> video_local_certinfo =
+      CreateFakeCertificateAndInfoFromDers(
+          std::vector<std::string>({ "(local) video" }));
+  video_local_certinfo = CreateFakeCertificateAndInfoFromDers(
+      video_local_certinfo->ders);
+  std::unique_ptr<CertificateInfo> video_remote_certinfo =
+      CreateFakeCertificateAndInfoFromDers(
+          std::vector<std::string>({ "(remote) video" }));
+  video_remote_certinfo = CreateFakeCertificateAndInfoFromDers(
+      video_remote_certinfo->ders);
+
+  // Mock the session to return the local and remote certificates.
+  EXPECT_CALL(test_->session(), GetTransportStats(_)).WillRepeatedly(Invoke(
+      [this](SessionStats* stats) {
+        stats->transport_stats["audio"].transport_name = "audio";
+        stats->transport_stats["video"].transport_name = "video";
+        return true;
+      }));
+  EXPECT_CALL(test_->session(), GetLocalCertificate(_, _)).WillRepeatedly(
+      Invoke([this, &audio_local_certinfo, &video_local_certinfo](
+            const std::string& transport_name,
+            rtc::scoped_refptr<rtc::RTCCertificate>* certificate) {
+        if (transport_name == "audio") {
+          *certificate = audio_local_certinfo->certificate;
+          return true;
+        }
+        if (transport_name == "video") {
+          *certificate = video_local_certinfo->certificate;
+          return true;
+        }
+        return false;
+      }));
+  EXPECT_CALL(test_->session(),
+      GetRemoteSSLCertificate_ReturnsRawPointer(_)).WillRepeatedly(Invoke(
+      [this, &audio_remote_certinfo, &video_remote_certinfo](
+          const std::string& transport_name) {
+        if (transport_name == "audio") {
+          return audio_remote_certinfo->certificate->ssl_certificate()
+              .GetReference();
+        }
+        if (transport_name == "video") {
+          return video_remote_certinfo->certificate->ssl_certificate()
+              .GetReference();
+        }
+        return static_cast<rtc::SSLCertificate*>(nullptr);
+      }));
+
+  rtc::scoped_refptr<const RTCStatsReport> report = GetStatsReport();
+  ExpectReportContainsCertificateInfo(report, *audio_local_certinfo.get());
+  ExpectReportContainsCertificateInfo(report, *audio_remote_certinfo.get());
+  ExpectReportContainsCertificateInfo(report, *video_local_certinfo.get());
+  ExpectReportContainsCertificateInfo(report, *video_remote_certinfo.get());
+}
+
+TEST_F(RTCStatsCollectorTest, CollectRTCCertificateStatsChain) {
+  std::vector<std::string> local_ders;
+  local_ders.push_back("(local) this");
+  local_ders.push_back("(local) is");
+  local_ders.push_back("(local) a");
+  local_ders.push_back("(local) chain");
+  std::unique_ptr<CertificateInfo> local_certinfo =
+      CreateFakeCertificateAndInfoFromDers(local_ders);
+  std::vector<std::string> remote_ders;
+  remote_ders.push_back("(remote) this");
+  remote_ders.push_back("(remote) is");
+  remote_ders.push_back("(remote) another");
+  remote_ders.push_back("(remote) chain");
+  std::unique_ptr<CertificateInfo> remote_certinfo =
+      CreateFakeCertificateAndInfoFromDers(remote_ders);
+
+  // Mock the session to return the local and remote certificates.
+  EXPECT_CALL(test_->session(), GetTransportStats(_)).WillRepeatedly(Invoke(
+      [this](SessionStats* stats) {
+        stats->transport_stats["transport"].transport_name = "transport";
+        return true;
+      }));
+  EXPECT_CALL(test_->session(), GetLocalCertificate(_, _)).WillRepeatedly(
+      Invoke([this, &local_certinfo](const std::string& transport_name,
+             rtc::scoped_refptr<rtc::RTCCertificate>* certificate) {
+        if (transport_name == "transport") {
+          *certificate = local_certinfo->certificate;
+          return true;
+        }
+        return false;
+      }));
+  EXPECT_CALL(test_->session(),
+      GetRemoteSSLCertificate_ReturnsRawPointer(_)).WillRepeatedly(Invoke(
+      [this, &remote_certinfo](const std::string& transport_name) {
+        if (transport_name == "transport")
+          return remote_certinfo->certificate->ssl_certificate().GetReference();
+        return static_cast<rtc::SSLCertificate*>(nullptr);
+      }));
+
+  rtc::scoped_refptr<const RTCStatsReport> report = GetStatsReport();
+  ExpectReportContainsCertificateInfo(report, *local_certinfo.get());
+  ExpectReportContainsCertificateInfo(report, *remote_certinfo.get());
+}
+
 TEST_F(RTCStatsCollectorTest, CollectRTCPeerConnectionStats) {
  int64_t before = rtc::TimeUTCMicros();
  rtc::scoped_refptr<const RTCStatsReport> report = GetStatsReport();
--- a/webrtc/api/stats/rtcstats_objects.h
+++ b/webrtc/api/stats/rtcstats_objects.h
@ -17,6 +17,26 @@

 namespace webrtc {

+// https://w3c.github.io/webrtc-stats/#certificatestats-dict*
+class RTCCertificateStats : public RTCStats {
+ public:
+  RTCCertificateStats(const std::string& id, int64_t timestamp_us);
+  RTCCertificateStats(std::string&& id, int64_t timestamp_us);
+
+  WEBRTC_RTCSTATS_IMPL(RTCStats, RTCCertificateStats,
+      &fingerprint,
+      &fingerprint_algorithm,
+      &base64_certificate,
+      &issuer_certificate_id);
+
+  RTCStatsMember<std::string> fingerprint;
+  RTCStatsMember<std::string> fingerprint_algorithm;
+  RTCStatsMember<std::string> base64_certificate;
+  RTCStatsMember<std::string> issuer_certificate_id;
+};
+
+// https://w3c.github.io/webrtc-stats/#pcstats-dict*
+// TODO(hbos): Tracking bug crbug.com/636818
 class RTCPeerConnectionStats : public RTCStats {
 public:
  RTCPeerConnectionStats(const std::string& id, int64_t timestamp_us);
--- a/webrtc/stats/rtcstats_objects.cc
+++ b/webrtc/stats/rtcstats_objects.cc
@ -12,6 +12,22 @@

 namespace webrtc {

+const char RTCCertificateStats::kType[] = "certificate";
+
+RTCCertificateStats::RTCCertificateStats(
+    const std::string& id, int64_t timestamp_us)
+    : RTCCertificateStats(std::string(id), timestamp_us) {
+}
+
+RTCCertificateStats::RTCCertificateStats(
+    std::string&& id, int64_t timestamp_us)
+    : RTCStats(std::move(id), timestamp_us),
+      fingerprint("fingerprint"),
+      fingerprint_algorithm("fingerprintAlgorithm"),
+      base64_certificate("base64Certificate"),
+      issuer_certificate_id("issuerCertificateId") {
+}
+
 const char RTCPeerConnectionStats::kType[] = "peer-connection";

 RTCPeerConnectionStats::RTCPeerConnectionStats(