RTCCertificateStats[1] added.
[1] https://w3c.github.io/webrtc-stats/#certificatestats-dict*
BUG=chromium:627816, chromium:629436
NOTRY=True
Review-Url: https://codereview.webrtc.org/2243123002
Cr-Commit-Position: refs/heads/master@{#14484}
diff --git a/webrtc/api/rtcstatscollector.cc b/webrtc/api/rtcstatscollector.cc
index d2938a4..084eab1 100644
--- a/webrtc/api/rtcstatscollector.cc
+++ b/webrtc/api/rtcstatscollector.cc
@@ -15,7 +15,9 @@
#include <vector>
#include "webrtc/api/peerconnection.h"
+#include "webrtc/api/webrtcsession.h"
#include "webrtc/base/checks.h"
+#include "webrtc/base/sslidentity.h"
namespace webrtc {
@@ -88,7 +90,11 @@
RTC_DCHECK(signaling_thread_->IsCurrent());
rtc::scoped_refptr<RTCStatsReport> report = RTCStatsReport::Create();
- report->AddStats(ProducePeerConnectionStats_s(timestamp_us));
+ SessionStats session_stats;
+ if (pc_->session()->GetTransportStats(&session_stats)) {
+ ProduceCertificateStats_s(timestamp_us, session_stats, report.get());
+ }
+ ProducePeerConnectionStats_s(timestamp_us, report.get());
AddPartialResults(report);
}
@@ -153,8 +159,50 @@
callbacks_.clear();
}
-std::unique_ptr<RTCPeerConnectionStats>
-RTCStatsCollector::ProducePeerConnectionStats_s(int64_t timestamp_us) const {
+void RTCStatsCollector::ProduceCertificateStats_s(
+ int64_t timestamp_us, const SessionStats& session_stats,
+ RTCStatsReport* report) const {
+ RTC_DCHECK(signaling_thread_->IsCurrent());
+ for (const auto& transport : session_stats.transport_stats) {
+ rtc::scoped_refptr<rtc::RTCCertificate> local_certificate;
+ if (pc_->session()->GetLocalCertificate(
+ transport.second.transport_name, &local_certificate)) {
+ ProduceCertificateStatsFromSSLCertificateAndChain_s(
+ timestamp_us, local_certificate->ssl_certificate(), report);
+ }
+ std::unique_ptr<rtc::SSLCertificate> remote_certificate =
+ pc_->session()->GetRemoteSSLCertificate(
+ transport.second.transport_name);
+ if (remote_certificate) {
+ ProduceCertificateStatsFromSSLCertificateAndChain_s(
+ timestamp_us, *remote_certificate.get(), report);
+ }
+ }
+}
+
+void RTCStatsCollector::ProduceCertificateStatsFromSSLCertificateAndChain_s(
+ int64_t timestamp_us, const rtc::SSLCertificate& certificate,
+ RTCStatsReport* report) const {
+ RTC_DCHECK(signaling_thread_->IsCurrent());
+ std::unique_ptr<rtc::SSLCertificateStats> ssl_stats =
+ certificate.GetStats();
+ RTCCertificateStats* prev_stats = nullptr;
+ for (rtc::SSLCertificateStats* s = ssl_stats.get(); s;
+ s = s->issuer.get()) {
+ RTCCertificateStats* stats = new RTCCertificateStats(
+ "RTCCertificate_" + s->fingerprint, timestamp_us);
+ stats->fingerprint = s->fingerprint;
+ stats->fingerprint_algorithm = s->fingerprint_algorithm;
+ stats->base64_certificate = s->base64_certificate;
+ if (prev_stats)
+ prev_stats->issuer_certificate_id = stats->id();
+ report->AddStats(std::unique_ptr<RTCCertificateStats>(stats));
+ prev_stats = stats;
+ }
+}
+
+void RTCStatsCollector::ProducePeerConnectionStats_s(
+ int64_t timestamp_us, RTCStatsReport* report) const {
RTC_DCHECK(signaling_thread_->IsCurrent());
// TODO(hbos): If data channels are removed from the peer connection this will
// yield incorrect counts. Address before closing crbug.com/636818. See
@@ -173,7 +221,7 @@
stats->data_channels_opened = data_channels_opened;
stats->data_channels_closed = static_cast<uint32_t>(data_channels.size()) -
data_channels_opened;
- return stats;
+ report->AddStats(std::move(stats));
}
} // namespace webrtc
diff --git a/webrtc/api/rtcstatscollector.h b/webrtc/api/rtcstatscollector.h
index 61edc52..2f5ed86 100644
--- a/webrtc/api/rtcstatscollector.h
+++ b/webrtc/api/rtcstatscollector.h
@@ -21,9 +21,16 @@
#include "webrtc/base/scoped_ref_ptr.h"
#include "webrtc/base/timeutils.h"
+namespace rtc {
+
+class SSLCertificate;
+
+} // namespace rtc
+
namespace webrtc {
class PeerConnection;
+struct SessionStats;
class RTCStatsCollectorCallback : public virtual rtc::RefCountInterface {
public:
@@ -69,8 +76,14 @@
void AddPartialResults_s(rtc::scoped_refptr<RTCStatsReport> partial_report);
void DeliverCachedReport();
- std::unique_ptr<RTCPeerConnectionStats> ProducePeerConnectionStats_s(
- int64_t timestamp_us) const;
+ void ProduceCertificateStats_s(
+ int64_t timestamp_us, const SessionStats& session_stats,
+ RTCStatsReport* report) const;
+ void ProduceCertificateStatsFromSSLCertificateAndChain_s(
+ int64_t timestamp_us, const rtc::SSLCertificate& certificate,
+ RTCStatsReport* report) const;
+ void ProducePeerConnectionStats_s(
+ int64_t timestamp_us, RTCStatsReport* report) const;
PeerConnection* const pc_;
rtc::Thread* const signaling_thread_;
diff --git a/webrtc/api/rtcstatscollector_unittest.cc b/webrtc/api/rtcstatscollector_unittest.cc
index 446990c..020a759 100644
--- a/webrtc/api/rtcstatscollector_unittest.cc
+++ b/webrtc/api/rtcstatscollector_unittest.cc
@@ -22,6 +22,7 @@
#include "webrtc/api/test/mock_webrtcsession.h"
#include "webrtc/base/checks.h"
#include "webrtc/base/fakeclock.h"
+#include "webrtc/base/fakesslidentity.h"
#include "webrtc/base/gunit.h"
#include "webrtc/base/logging.h"
#include "webrtc/base/thread_checker.h"
@@ -29,6 +30,8 @@
#include "webrtc/base/timeutils.h"
#include "webrtc/media/base/fakemediaengine.h"
+using testing::_;
+using testing::Invoke;
using testing::Return;
using testing::ReturnRef;
@@ -38,6 +41,56 @@
const int64_t kGetStatsReportTimeoutMs = 1000;
+struct CertificateInfo {
+ rtc::scoped_refptr<rtc::RTCCertificate> certificate;
+ std::vector<std::string> ders;
+ std::vector<std::string> pems;
+ std::vector<std::string> fingerprints;
+};
+
+std::unique_ptr<CertificateInfo> CreateFakeCertificateAndInfoFromDers(
+ const std::vector<std::string>& ders) {
+ RTC_CHECK(!ders.empty());
+ std::unique_ptr<CertificateInfo> info(new CertificateInfo());
+ info->ders = ders;
+ for (const std::string& der : ders) {
+ info->pems.push_back(rtc::SSLIdentity::DerToPem(
+ "CERTIFICATE",
+ reinterpret_cast<const unsigned char*>(der.c_str()),
+ der.length()));
+ }
+ info->certificate =
+ rtc::RTCCertificate::Create(std::unique_ptr<rtc::FakeSSLIdentity>(
+ new rtc::FakeSSLIdentity(rtc::FakeSSLCertificate(info->pems))));
+ // Strip header/footer and newline characters of PEM strings.
+ for (size_t i = 0; i < info->pems.size(); ++i) {
+ rtc::replace_substrs("-----BEGIN CERTIFICATE-----", 27,
+ "", 0, &info->pems[i]);
+ rtc::replace_substrs("-----END CERTIFICATE-----", 25,
+ "", 0, &info->pems[i]);
+ rtc::replace_substrs("\n", 1,
+ "", 0, &info->pems[i]);
+ }
+ // Fingerprint of leaf certificate.
+ std::unique_ptr<rtc::SSLFingerprint> fp(
+ rtc::SSLFingerprint::Create("sha-1",
+ &info->certificate->ssl_certificate()));
+ EXPECT_TRUE(fp);
+ info->fingerprints.push_back(fp->GetRfc4572Fingerprint());
+ // Fingerprints of the rest of the chain.
+ std::unique_ptr<rtc::SSLCertChain> chain =
+ info->certificate->ssl_certificate().GetChain();
+ if (chain) {
+ for (size_t i = 0; i < chain->GetSize(); i++) {
+ fp.reset(rtc::SSLFingerprint::Create("sha-1", &chain->Get(i)));
+ EXPECT_TRUE(fp);
+ info->fingerprints.push_back(fp->GetRfc4572Fingerprint());
+ }
+ }
+ EXPECT_EQ(info->ders.size(), info->fingerprints.size());
+ return info;
+}
+
class RTCStatsCollectorTestHelper : public SetSessionDescriptionObserver {
public:
RTCStatsCollectorTestHelper()
@@ -53,9 +106,11 @@
channel_manager_.get())),
session_(media_controller_.get()),
pc_() {
+ // Default return values for mocks.
EXPECT_CALL(pc_, session()).WillRepeatedly(Return(&session_));
EXPECT_CALL(pc_, sctp_data_channels()).WillRepeatedly(
ReturnRef(data_channels_));
+ EXPECT_CALL(session_, GetTransportStats(_)).WillRepeatedly(Return(false));
}
rtc::ScopedFakeClock& fake_clock() { return fake_clock_; }
@@ -253,6 +308,27 @@
return callback->report();
}
+ void ExpectReportContainsCertificateInfo(
+ const rtc::scoped_refptr<const RTCStatsReport>& report,
+ const CertificateInfo& cert_info) {
+ for (size_t i = 0; i < cert_info.fingerprints.size(); ++i) {
+ const RTCStats* stats = report->Get(
+ "RTCCertificate_" + cert_info.fingerprints[i]);
+ EXPECT_TRUE(stats);
+ const RTCCertificateStats& cert_stats =
+ stats->cast_to<const RTCCertificateStats>();
+ EXPECT_EQ(*cert_stats.fingerprint, cert_info.fingerprints[i]);
+ EXPECT_EQ(*cert_stats.fingerprint_algorithm, "sha-1");
+ EXPECT_EQ(*cert_stats.base64_certificate, cert_info.pems[i]);
+ if (i + 1 < cert_info.fingerprints.size()) {
+ EXPECT_EQ(*cert_stats.issuer_certificate_id,
+ "RTCCertificate_" + cert_info.fingerprints[i + 1]);
+ } else {
+ EXPECT_FALSE(cert_stats.issuer_certificate_id.is_defined());
+ }
+ }
+ }
+
protected:
rtc::scoped_refptr<RTCStatsCollectorTestHelper> test_;
rtc::scoped_refptr<RTCStatsCollector> collector_;
@@ -312,6 +388,152 @@
EXPECT_NE(c.get(), b.get());
}
+TEST_F(RTCStatsCollectorTest, CollectRTCCertificateStatsSingle) {
+ std::unique_ptr<CertificateInfo> local_certinfo =
+ CreateFakeCertificateAndInfoFromDers(
+ std::vector<std::string>({ "(local) single certificate" }));
+ std::unique_ptr<CertificateInfo> remote_certinfo =
+ CreateFakeCertificateAndInfoFromDers(
+ std::vector<std::string>({ "(remote) single certificate" }));
+
+ // Mock the session to return the local and remote certificates.
+ EXPECT_CALL(test_->session(), GetTransportStats(_)).WillRepeatedly(Invoke(
+ [this](SessionStats* stats) {
+ stats->transport_stats["transport"].transport_name = "transport";
+ return true;
+ }));
+ EXPECT_CALL(test_->session(), GetLocalCertificate(_, _)).WillRepeatedly(
+ Invoke([this, &local_certinfo](const std::string& transport_name,
+ rtc::scoped_refptr<rtc::RTCCertificate>* certificate) {
+ if (transport_name == "transport") {
+ *certificate = local_certinfo->certificate;
+ return true;
+ }
+ return false;
+ }));
+ EXPECT_CALL(test_->session(),
+ GetRemoteSSLCertificate_ReturnsRawPointer(_)).WillRepeatedly(Invoke(
+ [this, &remote_certinfo](const std::string& transport_name) {
+ if (transport_name == "transport")
+ return remote_certinfo->certificate->ssl_certificate().GetReference();
+ return static_cast<rtc::SSLCertificate*>(nullptr);
+ }));
+
+ rtc::scoped_refptr<const RTCStatsReport> report = GetStatsReport();
+ ExpectReportContainsCertificateInfo(report, *local_certinfo.get());
+ ExpectReportContainsCertificateInfo(report, *remote_certinfo.get());
+}
+
+TEST_F(RTCStatsCollectorTest, CollectRTCCertificateStatsMultiple) {
+ std::unique_ptr<CertificateInfo> audio_local_certinfo =
+ CreateFakeCertificateAndInfoFromDers(
+ std::vector<std::string>({ "(local) audio" }));
+ audio_local_certinfo = CreateFakeCertificateAndInfoFromDers(
+ audio_local_certinfo->ders);
+ std::unique_ptr<CertificateInfo> audio_remote_certinfo =
+ CreateFakeCertificateAndInfoFromDers(
+ std::vector<std::string>({ "(remote) audio" }));
+ audio_remote_certinfo = CreateFakeCertificateAndInfoFromDers(
+ audio_remote_certinfo->ders);
+
+ std::unique_ptr<CertificateInfo> video_local_certinfo =
+ CreateFakeCertificateAndInfoFromDers(
+ std::vector<std::string>({ "(local) video" }));
+ video_local_certinfo = CreateFakeCertificateAndInfoFromDers(
+ video_local_certinfo->ders);
+ std::unique_ptr<CertificateInfo> video_remote_certinfo =
+ CreateFakeCertificateAndInfoFromDers(
+ std::vector<std::string>({ "(remote) video" }));
+ video_remote_certinfo = CreateFakeCertificateAndInfoFromDers(
+ video_remote_certinfo->ders);
+
+ // Mock the session to return the local and remote certificates.
+ EXPECT_CALL(test_->session(), GetTransportStats(_)).WillRepeatedly(Invoke(
+ [this](SessionStats* stats) {
+ stats->transport_stats["audio"].transport_name = "audio";
+ stats->transport_stats["video"].transport_name = "video";
+ return true;
+ }));
+ EXPECT_CALL(test_->session(), GetLocalCertificate(_, _)).WillRepeatedly(
+ Invoke([this, &audio_local_certinfo, &video_local_certinfo](
+ const std::string& transport_name,
+ rtc::scoped_refptr<rtc::RTCCertificate>* certificate) {
+ if (transport_name == "audio") {
+ *certificate = audio_local_certinfo->certificate;
+ return true;
+ }
+ if (transport_name == "video") {
+ *certificate = video_local_certinfo->certificate;
+ return true;
+ }
+ return false;
+ }));
+ EXPECT_CALL(test_->session(),
+ GetRemoteSSLCertificate_ReturnsRawPointer(_)).WillRepeatedly(Invoke(
+ [this, &audio_remote_certinfo, &video_remote_certinfo](
+ const std::string& transport_name) {
+ if (transport_name == "audio") {
+ return audio_remote_certinfo->certificate->ssl_certificate()
+ .GetReference();
+ }
+ if (transport_name == "video") {
+ return video_remote_certinfo->certificate->ssl_certificate()
+ .GetReference();
+ }
+ return static_cast<rtc::SSLCertificate*>(nullptr);
+ }));
+
+ rtc::scoped_refptr<const RTCStatsReport> report = GetStatsReport();
+ ExpectReportContainsCertificateInfo(report, *audio_local_certinfo.get());
+ ExpectReportContainsCertificateInfo(report, *audio_remote_certinfo.get());
+ ExpectReportContainsCertificateInfo(report, *video_local_certinfo.get());
+ ExpectReportContainsCertificateInfo(report, *video_remote_certinfo.get());
+}
+
+TEST_F(RTCStatsCollectorTest, CollectRTCCertificateStatsChain) {
+ std::vector<std::string> local_ders;
+ local_ders.push_back("(local) this");
+ local_ders.push_back("(local) is");
+ local_ders.push_back("(local) a");
+ local_ders.push_back("(local) chain");
+ std::unique_ptr<CertificateInfo> local_certinfo =
+ CreateFakeCertificateAndInfoFromDers(local_ders);
+ std::vector<std::string> remote_ders;
+ remote_ders.push_back("(remote) this");
+ remote_ders.push_back("(remote) is");
+ remote_ders.push_back("(remote) another");
+ remote_ders.push_back("(remote) chain");
+ std::unique_ptr<CertificateInfo> remote_certinfo =
+ CreateFakeCertificateAndInfoFromDers(remote_ders);
+
+ // Mock the session to return the local and remote certificates.
+ EXPECT_CALL(test_->session(), GetTransportStats(_)).WillRepeatedly(Invoke(
+ [this](SessionStats* stats) {
+ stats->transport_stats["transport"].transport_name = "transport";
+ return true;
+ }));
+ EXPECT_CALL(test_->session(), GetLocalCertificate(_, _)).WillRepeatedly(
+ Invoke([this, &local_certinfo](const std::string& transport_name,
+ rtc::scoped_refptr<rtc::RTCCertificate>* certificate) {
+ if (transport_name == "transport") {
+ *certificate = local_certinfo->certificate;
+ return true;
+ }
+ return false;
+ }));
+ EXPECT_CALL(test_->session(),
+ GetRemoteSSLCertificate_ReturnsRawPointer(_)).WillRepeatedly(Invoke(
+ [this, &remote_certinfo](const std::string& transport_name) {
+ if (transport_name == "transport")
+ return remote_certinfo->certificate->ssl_certificate().GetReference();
+ return static_cast<rtc::SSLCertificate*>(nullptr);
+ }));
+
+ rtc::scoped_refptr<const RTCStatsReport> report = GetStatsReport();
+ ExpectReportContainsCertificateInfo(report, *local_certinfo.get());
+ ExpectReportContainsCertificateInfo(report, *remote_certinfo.get());
+}
+
TEST_F(RTCStatsCollectorTest, CollectRTCPeerConnectionStats) {
int64_t before = rtc::TimeUTCMicros();
rtc::scoped_refptr<const RTCStatsReport> report = GetStatsReport();
diff --git a/webrtc/api/stats/rtcstats_objects.h b/webrtc/api/stats/rtcstats_objects.h
index ac480a9..6ff9f99 100644
--- a/webrtc/api/stats/rtcstats_objects.h
+++ b/webrtc/api/stats/rtcstats_objects.h
@@ -17,6 +17,26 @@
namespace webrtc {
+// https://w3c.github.io/webrtc-stats/#certificatestats-dict*
+class RTCCertificateStats : public RTCStats {
+ public:
+ RTCCertificateStats(const std::string& id, int64_t timestamp_us);
+ RTCCertificateStats(std::string&& id, int64_t timestamp_us);
+
+ WEBRTC_RTCSTATS_IMPL(RTCStats, RTCCertificateStats,
+ &fingerprint,
+ &fingerprint_algorithm,
+ &base64_certificate,
+ &issuer_certificate_id);
+
+ RTCStatsMember<std::string> fingerprint;
+ RTCStatsMember<std::string> fingerprint_algorithm;
+ RTCStatsMember<std::string> base64_certificate;
+ RTCStatsMember<std::string> issuer_certificate_id;
+};
+
+// https://w3c.github.io/webrtc-stats/#pcstats-dict*
+// TODO(hbos): Tracking bug crbug.com/636818
class RTCPeerConnectionStats : public RTCStats {
public:
RTCPeerConnectionStats(const std::string& id, int64_t timestamp_us);
diff --git a/webrtc/stats/rtcstats_objects.cc b/webrtc/stats/rtcstats_objects.cc
index c435908..fbd16ed 100644
--- a/webrtc/stats/rtcstats_objects.cc
+++ b/webrtc/stats/rtcstats_objects.cc
@@ -12,6 +12,22 @@
namespace webrtc {
+const char RTCCertificateStats::kType[] = "certificate";
+
+RTCCertificateStats::RTCCertificateStats(
+ const std::string& id, int64_t timestamp_us)
+ : RTCCertificateStats(std::string(id), timestamp_us) {
+}
+
+RTCCertificateStats::RTCCertificateStats(
+ std::string&& id, int64_t timestamp_us)
+ : RTCStats(std::move(id), timestamp_us),
+ fingerprint("fingerprint"),
+ fingerprint_algorithm("fingerprintAlgorithm"),
+ base64_certificate("base64Certificate"),
+ issuer_certificate_id("issuerCertificateId") {
+}
+
const char RTCPeerConnectionStats::kType[] = "peer-connection";
RTCPeerConnectionStats::RTCPeerConnectionStats(