Provide RSA2048 as per RFC

webrtc/base/sslidentity.cc

 /*
  *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
 // Handling of certificates and keypairs for SSLStreamAdapter's peer mode.
 #if HAVE_CONFIG_H
 #include "config.h"
 #endif  // HAVE_CONFIG_H
 
 #include "webrtc/base/sslidentity.h"
 
 #include <string>
 
 #include "webrtc/base/base64.h"
+#include "webrtc/base/checks.h"
 #include "webrtc/base/logging.h"
 #include "webrtc/base/sslconfig.h"
 
 #if SSL_USE_OPENSSL
 
 #include "webrtc/base/opensslidentity.h"
 
 #endif  // SSL_USE_OPENSSL
 
 namespace rtc {
 
 const char kPemTypeCertificate[] = "CERTIFICATE";
 const char kPemTypeRsaPrivateKey[] = "RSA PRIVATE KEY";
 const char kPemTypeEcPrivateKey[] = "EC PRIVATE KEY";
 
+KeyParams::KeyParams(KeyType key_type) {
+  if (key_type == KT_ECDSA) {
+    type_ = KT_ECDSA;
+    params_.curve = EC_NIST_P256;
+  } else if (key_type == KT_RSA) {
+    type_ = KT_RSA;
+    params_.rsa.mod_size = kRsaDefaultModSize;
+    params_.rsa.pub_exp = kRsaDefaultExponent;
+  } else {
+    RTC_NOTREACHED();
+  }
+}
+
+KeyParams KeyParams::RSA(int mod_size, int pub_exp) {

[Henrik Grunell WebRTC, 2015/10/08 13:45:32]

Nit: Add
// static
above the static functions.

[torbjorng (webrtc), 2015/10/08 14:01:46]

Done.

+  KeyParams kt(KT_RSA);
+  kt.params_.rsa.mod_size = mod_size;
+  kt.params_.rsa.pub_exp = pub_exp;
+  return kt;
+}
+
+KeyParams KeyParams::ECDSA(ECCurve curve) {
+  KeyParams kt(KT_ECDSA);
+  kt.params_.curve = curve;
+  return kt;
+}
+
+bool KeyParams::IsValid() const {
+  if (type_ == KT_RSA) {
+    return (params_.rsa.mod_size >= kRsaMinModSize &&
+            params_.rsa.mod_size <= kRsaMaxModSize &&
+            params_.rsa.pub_exp > params_.rsa.mod_size);
+  } else if (type_ == KT_ECDSA) {
+    return (params_.curve == EC_NIST_P256);
+  }
+  return false;
+}
+
+RSAParams KeyParams::rsa_params() const {
+  RTC_DCHECK(type_ == KT_RSA);
+  return params_.rsa;
+}
+
+ECCurve KeyParams::ec_curve() const {
+  RTC_DCHECK(type_ == KT_ECDSA);
+  return params_.curve;
+}
+
 KeyType IntKeyTypeFamilyToKeyType(int key_type_family) {
   return static_cast<KeyType>(key_type_family);
 }
 
 bool SSLIdentity::PemToDer(const std::string& pem_type,
                            const std::string& pem_string,
                            std::string* der) {
   // Find the inner body. We need this to fulfill the contract of
   // returning pem_length.
   size_t header = pem_string.find("-----BEGIN " + pem_type + "-----");
@@ skipping 55 matching lines @@
   std::for_each(certs_.begin(), certs_.end(), DeleteCert);
 }
 
 #if SSL_USE_OPENSSL
 
 SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
   return OpenSSLCertificate::FromPEMString(pem_string);
 }
 
 SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
-                                   KeyType key_type) {
-  return OpenSSLIdentity::Generate(common_name, key_type);
+                                   const KeyParams& key_params) {
+  return OpenSSLIdentity::Generate(common_name, key_params);
 }
 
 SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
   return OpenSSLIdentity::GenerateForTest(params);
 }
 
 SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
                                          const std::string& certificate) {
   return OpenSSLIdentity::FromPEMStrings(private_key, certificate);
 }
 
 #else  // !SSL_USE_OPENSSL
 
 #error "No SSL implementation"
 
 #endif  // SSL_USE_OPENSSL
 
 }  // namespace rtc