Add certificate generate/set functionality to bring iOS closer to JS API

The JS API supports two operations which have never been implemented in
the iOS counterpart:
 - generate a new certificate
 - use this certificate when creating a new PeerConnection

Both functions are illustrated in the generateCertificate example code:
 - https://developer.mozilla.org/en-US/docs/Web/API/RTCPeerConnection/generateCertificate

Currently, on iOS, a new certificate is automatically generated for
every PeerConnection with no programmatic way to set a specific
certificate.

Work sponsored by |pipe|

Bug: webrtc:9498
Change-Id: Ic1936c3de8b8bd18aef67c784727b72f90e7157c
Reviewed-on: https://webrtc-review.googlesource.com/87303
Commit-Queue: Steve Anton <steveanton@webrtc.org>
Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24276}

sdk/objc/Framework/Classes/PeerConnection/RTCConfiguration.mm

@@ -23,6 +23,7 @@
 @implementation RTCConfiguration
 
 @synthesize iceServers = _iceServers;
+@synthesize certificate = _certificate;
 @synthesize iceTransportPolicy = _iceTransportPolicy;
 @synthesize bundlePolicy = _bundlePolicy;
 @synthesize rtcpMuxPolicy = _rtcpMuxPolicy;
@@ -63,6 +64,14 @@
       [iceServers addObject:iceServer];
     }
     _iceServers = iceServers;
+    if (!config.certificates.empty()) {
+      rtc::scoped_refptr<rtc::RTCCertificate> native_cert;
+      native_cert = config.certificates[0];
+      rtc::RTCCertificatePEM native_pem = native_cert->ToPEM();
+      _certificate =
+          [[RTCCertificate alloc] initWithPrivateKey:@(native_pem.private_key().c_str())
+                                         certificate:@(native_pem.certificate().c_str())];
+    }
     _iceTransportPolicy =
         [[self class] transportPolicyForTransportsType:config.type];
     _bundlePolicy =
@@ -168,16 +177,32 @@
       _iceBackupCandidatePairPingInterval;
   rtc::KeyType keyType =
       [[self class] nativeEncryptionKeyTypeForKeyType:_keyType];
-  // Generate non-default certificate.
-  if (keyType != rtc::KT_DEFAULT) {
-    rtc::scoped_refptr<rtc::RTCCertificate> certificate =
-        rtc::RTCCertificateGenerator::GenerateCertificate(rtc::KeyParams(keyType),
-                                                          absl::optional<uint64_t>());
+  if (_certificate != nullptr) {
+    // if offered a pemcert use it...
+    RTC_LOG(LS_INFO) << "Have configured cert - using it.";
+    std::string pem_private_key = [[_certificate private_key] UTF8String];
+    std::string pem_certificate = [[_certificate certificate] UTF8String];
+    rtc::RTCCertificatePEM pem = rtc::RTCCertificatePEM(pem_private_key, pem_certificate);
+    rtc::scoped_refptr<rtc::RTCCertificate> certificate = rtc::RTCCertificate::FromPEM(pem);
+    RTC_LOG(LS_INFO) << "Created cert from PEM strings.";
     if (!certificate) {
-      RTCLogError(@"Failed to generate certificate.");
+      RTC_LOG(LS_ERROR) << "Failed to generate certificate from PEM.";
       return nullptr;
     }
     nativeConfig->certificates.push_back(certificate);
+  } else {
+    RTC_LOG(LS_INFO) << "Don't have configured cert.";
+    // Generate non-default certificate.
+    if (keyType != rtc::KT_DEFAULT) {
+      rtc::scoped_refptr<rtc::RTCCertificate> certificate =
+          rtc::RTCCertificateGenerator::GenerateCertificate(rtc::KeyParams(keyType),
+                                                            absl::optional<uint64_t>());
+      if (!certificate) {
+        RTCLogError(@"Failed to generate certificate.");
+        return nullptr;
+      }
+      nativeConfig->certificates.push_back(certificate);
+    }
   }
   nativeConfig->ice_candidate_pool_size = _iceCandidatePoolSize;
   nativeConfig->prune_turn_ports = _shouldPruneTurnPorts ? true : false;