commit c392866d86d4f53c9cf185d5b816bb842b4555d2
author Taylor Brandstetter <deadbeef@webrtc.org> Fri Feb 23 21:04:51 2018
committer Commit Bot <commit-bot@chromium.org> Sat Feb 24 00:44:06 2018
tree 92d49330628cdb4072b6cb30e20ab19ce38c3678
parent 29ef9f066ccc62d45b0b25f745a16c38be963476

Implement certificate chain stats.

There was an implementation, but it relied on SSLCertificate::GetChain,
which was never implemented. Except in the fake certificate classes
used by the stats collector tests, hence the tests were passing.

Instead of implementing GetChain, we decided (in
https://webrtc-review.googlesource.com/c/src/+/6500) to add
methods that return a SSLCertChain directly, since it results in a
somewhat cleaner object model.

So this CL switches everything to use the "chain" methods, and gets
rid of the obsolete methods and member variables.

Bug: webrtc:8920
Change-Id: Ie9d7d53654ba859535462521b54c788adec7badf
Reviewed-on: https://webrtc-review.googlesource.com/56961
Commit-Queue: Taylor Brandstetter <deadbeef@webrtc.org>
Reviewed-by: Zhi Huang <zhihuang@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#22177}

pc/statscollector_unittest.cc

diff --git a/pc/statscollector_unittest.cc b/pc/statscollector_unittest.cc
index 46e7bd2..081c0b3 100644
--- a/pc/statscollector_unittest.cc
+++ b/pc/statscollector_unittest.cc
@@ -636,11 +636,10 @@
     }
   }
 
-  void TestCertificateReports(
-      const rtc::FakeSSLCertificate& local_cert,
-      const std::vector<std::string>& local_ders,
-      std::unique_ptr<rtc::FakeSSLCertificate> remote_cert,
-      const std::vector<std::string>& remote_ders) {
+  void TestCertificateReports(const rtc::FakeSSLIdentity& local_identity,
+                              const std::vector<std::string>& local_ders,
+                              const rtc::FakeSSLIdentity& remote_identity,
+                              const std::vector<std::string>& remote_ders) {
     const std::string kTransportName = "transport";
 
     auto pc = CreatePeerConnection();
@@ -656,12 +655,13 @@
         internal::TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA;
     pc->SetTransportStats(kTransportName, channel_stats);
 
-    // Fake certificate to report
+    // Fake certificate to report.
     rtc::scoped_refptr<rtc::RTCCertificate> local_certificate(
         rtc::RTCCertificate::Create(
-            rtc::MakeUnique<rtc::FakeSSLIdentity>(local_cert)));
+            std::unique_ptr<rtc::SSLIdentity>(local_identity.GetReference())));
     pc->SetLocalCertificate(kTransportName, local_certificate);
-    pc->SetRemoteCertificate(kTransportName, std::move(remote_cert));
+    pc->SetRemoteCertChain(kTransportName,
+                           remote_identity.cert_chain().UniqueCopy());
 
     stats->UpdateStats(PeerConnectionInterface::kStatsOutputLevelStandard);
 
@@ -1329,7 +1329,7 @@
   local_ders[2] = "some";
   local_ders[3] = "der";
   local_ders[4] = "values";
-  rtc::FakeSSLCertificate local_cert(DersToPems(local_ders));
+  rtc::FakeSSLIdentity local_identity(DersToPems(local_ders));
 
   // Build remote certificate chain
   std::vector<std::string> remote_ders(4);
@@ -1337,10 +1337,9 @@
   remote_ders[1] = "non-";
   remote_ders[2] = "intersecting";
   remote_ders[3] = "set";
-  std::unique_ptr<rtc::FakeSSLCertificate> remote_cert(
-      new rtc::FakeSSLCertificate(DersToPems(remote_ders)));
+  rtc::FakeSSLIdentity remote_identity(DersToPems(remote_ders));
 
-  TestCertificateReports(local_cert, local_ders, std::move(remote_cert),
+  TestCertificateReports(local_identity, local_ders, remote_identity,
                          remote_ders);
 }
 
@@ -1349,15 +1348,14 @@
 TEST_F(StatsCollectorTest, ChainlessCertificateReportsCreated) {
   // Build local certificate.
   std::string local_der = "This is the local der.";
-  rtc::FakeSSLCertificate local_cert(DerToPem(local_der));
+  rtc::FakeSSLIdentity local_identity(DerToPem(local_der));
 
   // Build remote certificate.
   std::string remote_der = "This is somebody else's der.";
-  std::unique_ptr<rtc::FakeSSLCertificate> remote_cert(
-      new rtc::FakeSSLCertificate(DerToPem(remote_der)));
+  rtc::FakeSSLIdentity remote_identity(DerToPem(remote_der));
 
-  TestCertificateReports(local_cert, std::vector<std::string>(1, local_der),
-                         std::move(remote_cert),
+  TestCertificateReports(local_identity, std::vector<std::string>(1, local_der),
+                         remote_identity,
                          std::vector<std::string>(1, remote_der));
 }
 
@@ -1405,16 +1403,16 @@
 TEST_F(StatsCollectorTest, UnsupportedDigestIgnored) {
   // Build a local certificate.
   std::string local_der = "This is the local der.";
-  rtc::FakeSSLCertificate local_cert(DerToPem(local_der));
+  rtc::FakeSSLIdentity local_identity(DerToPem(local_der));
 
   // Build a remote certificate with an unsupported digest algorithm.
   std::string remote_der = "This is somebody else's der.";
-  std::unique_ptr<rtc::FakeSSLCertificate> remote_cert(
-      new rtc::FakeSSLCertificate(DerToPem(remote_der)));
-  remote_cert->set_digest_algorithm("foobar");
+  rtc::FakeSSLCertificate remote_cert(DerToPem(remote_der));
+  remote_cert.set_digest_algorithm("foobar");
+  rtc::FakeSSLIdentity remote_identity(remote_cert);
 
-  TestCertificateReports(local_cert, std::vector<std::string>(1, local_der),
-                         std::move(remote_cert), std::vector<std::string>());
+  TestCertificateReports(local_identity, std::vector<std::string>(1, local_der),
+                         remote_identity, std::vector<std::string>());
 }
 
 // This test verifies that the audio/video related stats which are -1 initially