Provide RSA2048 as per RFC

webrtc/base/sslidentity.h

 /*
  *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 89 matching lines @@
   }
 
   // Helper function for deleting a vector of certificates.
   static void DeleteCert(SSLCertificate* cert) { delete cert; }
 
   std::vector<SSLCertificate*> certs_;
 
   DISALLOW_COPY_AND_ASSIGN(SSLCertChain);
 };
 
-enum KeyType { KT_RSA, KT_ECDSA, KT_LAST, KT_DEFAULT = KT_RSA };
+// KT_ECDSA is the NIST P256 curve.
+// KT_RSA1024 is RSA with 1024-bit modulus (512-bit primes).
+// KT_RSA2048 is RSA with 2048-bit modulus (1024-bit primes).
+// KT_RSA is currently an alias for KT_RSA1024.  This may change.
+// KT_DEFAULT is currently an alias for KT_RSA.  This is likely to change.
+// KT_LAST is intended for vector declarations and loops over all key types;
+// it does not represent any key type in itself.
+// The WebRTC RFC draft mandates KT_ECDSA and KT_RSA2048.

[hbos, 2015/09/01 15:35:32]

nit: How about having one comment per key type down in the list below instead of
one comment for all key types over the enum?

enum KeyType {
  // RSA with 1024-bit modulus (512-bit primes).
  KT_RSA1024,
  ...

+enum KeyType {
+  KT_RSA1024,

[juberti, 2015/09/01 19:36:52]

Squashing both key type and key length into a single enum feels wrong to me; it
makes it hard to do an if test for "if key is RSA".

I would prefer this to be a separate arg in SSLIdentityParams.

+  KT_ECDSA,
+  KT_RSA2048,
+  KT_RSA = KT_RSA1024,
+  KT_DEFAULT = KT_RSA,
+  KT_LAST

[hbos, 2015/09/01 15:35:32]

KT_LAST should be before any alias/default key types.
(Now KT_LAST will be KT_DEFAULT+1)

+};

[hbos, 2015/09/01 15:35:32]

Should KT_RSA be a permanent alias for KT_RSA1024 or will this be removed? If
temporary, add a // TODO(torborng).

 
 // Parameters for generating an identity for testing. If common_name is
 // non-empty, it will be used for the certificate's subject and issuer name,
 // otherwise a random string will be used. |not_before| and |not_after| are
 // offsets to the current time in number of seconds.
 struct SSLIdentityParams {
   std::string common_name;
   int not_before;  // in seconds.
   int not_after;  // in seconds.
   KeyType key_type;
@@ skipping 39 matching lines @@
                               size_t length);
 };
 
 extern const char kPemTypeCertificate[];
 extern const char kPemTypeRsaPrivateKey[];
 extern const char kPemTypeEcPrivateKey[];
 
 }  // namespace rtc
 
 #endif  // WEBRTC_BASE_SSLIDENTITY_H_