RTCCertificate and RTCPeerConnection.generateCertificate added to JavaScript

Source/modules/mediastream/RTCPeerConnection.cpp

Index: Source/modules/mediastream/RTCPeerConnection.cpp
diff --git a/Source/modules/mediastream/RTCPeerConnection.cpp b/Source/modules/mediastream/RTCPeerConnection.cpp
index b3ae4317d8a5817b673b7bd3035222e7243f6680..78ac1446ed97661d770549c3a2b2dde8510d0132 100644
--- a/Source/modules/mediastream/RTCPeerConnection.cpp
+++ b/Source/modules/mediastream/RTCPeerConnection.cpp
@@ -34,6 +34,8 @@
 #include "bindings/core/v8/ArrayValue.h"
 #include "bindings/core/v8/ExceptionMessages.h"
 #include "bindings/core/v8/ExceptionState.h"
+#include "bindings/core/v8/ScriptPromiseResolver.h"
+#include "bindings/modules/v8/V8RTCCertificate.h"
 #include "core/dom/Document.h"
 #include "core/dom/ExceptionCode.h"
 #include "core/dom/ExecutionContext.h"
@@ -82,6 +84,44 @@ static bool throwExceptionIfSignalingStateClosed(RTCPeerConnection::SignalingSta
     return false;
 }
 
+// Helper class for RTCPeerConnection::generateCertificate.
+class WebRTCCertificateObserver : public WebCallbacks<WebRTCCertificate*, void> {
+public:
+    // The created observer is responsible for deleting itself after onSuccess/onError. To avoid memory
+    // leak the observer should therefore be used in a WebRTCCertificateGenerator::generateCertificate call.
+    // which is ensured to invoke one of these. Takes ownership of |resolver|.
+    static WebRTCCertificateObserver* Create(ScriptPromiseResolver* resolver)
+    {
+        return new WebRTCCertificateObserver(resolver);
+    }
+
+    DEFINE_INLINE_TRACE() { visitor->trace(m_resolver); }
+
+private:
+    WebRTCCertificateObserver(ScriptPromiseResolver* resolver)
+        : m_resolver(resolver)
+    {
+    }
+
+    ~WebRTCCertificateObserver() override
+    {
+    }
+
+    void onSuccess(WebRTCCertificate* certificate) override
+    {
+        m_resolver->resolve(new RTCCertificate(certificate));
+        delete this;
+    }
+
+    void onError()
+    {
+        m_resolver->resolve(static_cast<RTCCertificate*>(nullptr));
+        delete this;
+    }
+
+    Persistent<ScriptPromiseResolver> m_resolver;
+};
+
 } // namespace
 
 RTCConfiguration* RTCPeerConnection::parseConfiguration(const Dictionary& configuration, ExceptionState& exceptionState)
@@ -195,6 +235,29 @@ RTCConfiguration* RTCPeerConnection::parseConfiguration(const Dictionary& config
         }
     }
 
+    ArrayValue certificates;
+    if (DictionaryHelper::get(configuration, "certificates", certificates)
+        && !certificates.isUndefinedOrNull()) {
+        size_t numberOfCertificates;
+        certificates.length(numberOfCertificates);
+        for (size_t i = 0; i < numberOfCertificates; ++i) {
+            RTCCertificate* certificate = nullptr;
+
+            Dictionary dictCert;
+            certificates.get(i, dictCert);
+            v8::Local<v8::Value> valCert = dictCert.v8Value();
+            if (!valCert.IsEmpty()) {
+                certificate = V8RTCCertificate::toImplWithTypeCheck(configuration.isolate(), valCert);
+            }
+            if (!certificate) {
+                exceptionState.throwTypeError("Malformed sequence<RTCCertificate>");
+                return 0;
+            }
+
+            rtcConfiguration->appendCertificate(certificate->certificateShallowCopy());

[jochen (gone - plz use gerrit), 2015/09/15 08:04:19]

why do you append a copy instead of just keeping the original?

[hbos_chromium, 2015/09/21 16:12:22]

The WebRTCCertificate is owned by the JavaScript object RTCCertificate and will
be deleted when RTCCertificate is deleted in a garbage collection event. If we
hand out raw pointers there may be a risk that we end up with dangling pointers.
It looks to me like |rtcConfiguration| has a life cycle independent of the
RTCCertificate object and |rtcConfiguration| has a list of certs.

Reference counting could protect the object against being destroyed, but this
has to work across blink and chrome layers.

By creating a shallow copy, I can leave it up to the implementation details to
ensure that the internal data (webrtc layer certificate) is protected by
reference counting. Any shallow copy will have a reference to the webrtc layer
certificate and as long as there is at least one shallow copy alive this data
will not be destroyed.
(The chromium implementation of WebRTCCertificate will have a webrtc type
rtc::scoped_refptr<rtc::RTCCertificate> member).

Alternatively, is there a way to make WebRTCCertificate reference counted so
that it can be referenced and used across both blink and chrome layers? That
would work just as well as shallow copying and be less confusing.

+        }
+    }
+
     return rtcConfiguration;
 }
 
@@ -399,6 +462,59 @@ void RTCPeerConnection::updateIce(const Dictionary& rtcConfiguration, const Dict
         exceptionState.throwDOMException(SyntaxError, "Could not update the ICE Agent with the given configuration.");
 }
 
+ScriptPromise RTCPeerConnection::generateCertificate(ScriptState* scriptState, const Dictionary& keygenAlgorithm, ExceptionState& exceptionState)
+{
+    // Validate and interpret input |keygenAlgorithm|.
+    // The value |keyType| corresponds to the rtc::KeyType in libjingle.
+    int keyType = -1;
+    String name;
+    if (DictionaryHelper::get(keygenAlgorithm, "name", name)) {
+        if (name == "RSASSA-PKCS1-v1_5") {
+            // RSA - Supported |keygenAlgorithm|:
+            // { name: "RSASSA-PKCS1-v1_5", modulusLength: 2048, publicExponent: 65537 }
+            // { name: "RSASSA-PKCS1-v1_5", modulusLength: 1024, publicExponent: 65537 }   (not a MUST in specification, but the one actually being used)
+            // TODO(hbos): Use modulusLength and not the default (1024).
+            int modulusLength = -1;
+            DictionaryHelper::get(keygenAlgorithm, "modulusLength", modulusLength);
+            int publicExponent = -1;
+            DictionaryHelper::get(keygenAlgorithm, "publicExponent", publicExponent);
+            if ((modulusLength == 2048 || modulusLength == 1024) && publicExponent == 65537) {
+                keyType = 0;
+            }
+        } else if (name == "ECDSA") {
+            // ECDSA - Supported |keygenAlgorithm|:
+            // { name: "ECDSA", namedCurve: "P-256" }
+            String namedCurve;
+            DictionaryHelper::get(keygenAlgorithm, "namedCurve", namedCurve);
+            if (namedCurve == "P-256") {
+                keyType = 1;
+            }
+        }
+    }
+    if (keyType == -1) {
+        // Invalid argument.
+        return ScriptPromise::rejectWithDOMException(
+            scriptState, DOMException::create(InvalidAccessError, ExceptionMessages::argumentNullOrIncorrectType(1, "AlgorithmIdentifier")));
+    }
+
+    ScriptPromiseResolver* resolver = ScriptPromiseResolver::create(scriptState);
+    ScriptPromise promise = resolver->promise();
+
+    WebRTCCertificateObserver* certificateObserver = WebRTCCertificateObserver::Create(resolver);
+
+    // Generate certificate. The |certificateObserver| will resolve the promise asynchronously upon generate completion.
+    // The observer will manage its own and the resolver's destruction as well.
+    OwnPtr<WebRTCCertificateGenerator> certificateGenerator = adoptPtr(
+        Platform::current()->createRTCCertificateGenerator());
+    certificateGenerator->generateCertificate(
+        keyType,
+        toDocument(scriptState->executionContext())->url(),
+        toDocument(scriptState->executionContext())->firstPartyForCookies(),
+        certificateObserver);
+
+    return promise;
+}
+
 void RTCPeerConnection::addIceCandidate(RTCIceCandidate* iceCandidate, ExceptionState& exceptionState)
 {
     if (throwExceptionIfSignalingStateClosed(m_signalingState, exceptionState))