Provide RSA2048 as per RFC

webrtc/base/sslidentity.h

Index: webrtc/base/sslidentity.h
diff --git a/webrtc/base/sslidentity.h b/webrtc/base/sslidentity.h
index 1112def0986e417e2296b3f2c397dade0833ac53..9fe6018fdaaee6ec08cef34c1c9f7bf6a4c21f4d 100644
--- a/webrtc/base/sslidentity.h
+++ b/webrtc/base/sslidentity.h
@@ -107,7 +107,22 @@ class SSLCertChain {
   DISALLOW_COPY_AND_ASSIGN(SSLCertChain);
 };
 
-enum KeyType { KT_RSA, KT_ECDSA, KT_LAST, KT_DEFAULT = KT_RSA };
+// KT_ECDSA is the NIST P256 curve.
+// KT_RSA1024 is RSA with 1024-bit modulus (512-bit primes).
+// KT_RSA2048 is RSA with 2048-bit modulus (1024-bit primes).
+// KT_RSA is currently an alias for KT_RSA1024.  This may change.
+// KT_DEFAULT is currently an alias for KT_RSA.  This is likely to change.
+// KT_LAST is intended for vector declarations and loops over all key types;
+// it does not represent any key type in itself.
+// The WebRTC RFC draft mandates KT_ECDSA and KT_RSA2048.

[hbos, 2015/09/01 15:35:32]

nit: How about having one comment per key type down in the list below instead of
one comment for all key types over the enum?

enum KeyType {
  // RSA with 1024-bit modulus (512-bit primes).
  KT_RSA1024,
  ...

+enum KeyType {
+  KT_RSA1024,

[juberti, 2015/09/01 19:36:52]

Squashing both key type and key length into a single enum feels wrong to me; it
makes it hard to do an if test for "if key is RSA".

I would prefer this to be a separate arg in SSLIdentityParams.

+  KT_ECDSA,
+  KT_RSA2048,
+  KT_RSA = KT_RSA1024,
+  KT_DEFAULT = KT_RSA,
+  KT_LAST

[hbos, 2015/09/01 15:35:32]

KT_LAST should be before any alias/default key types.
(Now KT_LAST will be KT_DEFAULT+1)

+};

[hbos, 2015/09/01 15:35:32]

Should KT_RSA be a permanent alias for KT_RSA1024 or will this be removed? If
temporary, add a // TODO(torborng).

 
 // Parameters for generating an identity for testing. If common_name is
 // non-empty, it will be used for the certificate's subject and issuer name,