Support generation of EC keys using P256 curve and support ECDSA certs.

webrtc/base/sslidentity.cc

 /*
  *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 90 matching lines @@
 SSLCertChain::~SSLCertChain() {
   std::for_each(certs_.begin(), certs_.end(), DeleteCert);
 }
 
 #if SSL_USE_SCHANNEL
 
 SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
   return NULL;
 }
 
-SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
+SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
+                                   KeyType key_type) {
   return NULL;
 }
 
 SSLIdentity* GenerateForTest(const SSLIdentityParams& params) {
   return NULL;
 }
 
 SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
                                          const std::string& certificate) {
   return NULL;
 }
 
 #elif SSL_USE_OPENSSL  // !SSL_USE_SCHANNEL
 
 SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
   return OpenSSLCertificate::FromPEMString(pem_string);
 }
 
-SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
-  return OpenSSLIdentity::Generate(common_name);
+SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
+                                   KeyType key_type) {
+  return OpenSSLIdentity::Generate(common_name, key_type);
 }
 
-SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
-  return OpenSSLIdentity::GenerateForTest(params);
+SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params,
+                                          KeyType key_type) {
+  return OpenSSLIdentity::GenerateForTest(params, key_type);
 }
 
 SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
                                          const std::string& certificate) {
   return OpenSSLIdentity::FromPEMStrings(private_key, certificate);
 }
 
 #elif SSL_USE_NSS  // !SSL_USE_OPENSSL && !SSL_USE_SCHANNEL
 
 SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
   return NSSCertificate::FromPEMString(pem_string);
 }
 
-SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
-  return NSSIdentity::Generate(common_name);
+SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
+                                   KeyType key_type) {
+  return NSSIdentity::Generate(common_name, key_type);
 }
 
-SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
-  return NSSIdentity::GenerateForTest(params);
+SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params,
+                                          KeyType key_type) {

[juberti1, 2015/06/26 19:16:01]

I think it probably makes sense to put KeyType into SSLIdentityParams rather
than having it as a separate field.

[torbjorng (webrtc), 2015/07/02 12:35:07]

Done.

+  return NSSIdentity::GenerateForTest(params, key_type);
 }
 
 SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
                                          const std::string& certificate) {
   return NSSIdentity::FromPEMStrings(private_key, certificate);
 }
 
 #else  // !SSL_USE_OPENSSL && !SSL_USE_SCHANNEL && !SSL_USE_NSS
 
 #error "No SSL implementation"
 
 #endif  // SSL_USE_SCHANNEL
 
 }  // namespace rtc