| Index: webrtc/base/sslidentity.h
|
| diff --git a/webrtc/base/sslidentity.h b/webrtc/base/sslidentity.h
|
| index 99cbac8c3d86871cefa66950b6d82d77db25ed8a..3a1bbd08563bf5d58faaaf184633220fecb45709 100644
|
| --- a/webrtc/base/sslidentity.h
|
| +++ b/webrtc/base/sslidentity.h
|
| @@ -18,7 +18,6 @@
|
| #include <vector>
|
|
|
| #include "webrtc/base/buffer.h"
|
| -#include "webrtc/base/checks.h"
|
| #include "webrtc/base/messagedigest.h"
|
|
|
| namespace rtc {
|
| @@ -108,105 +107,25 @@
|
| RTC_DISALLOW_COPY_AND_ASSIGN(SSLCertChain);
|
| };
|
|
|
| -// KT_DEFAULT is currently an alias for KT_RSA. This is likely to change.
|
| -// KT_LAST is intended for vector declarations and loops over all key types;
|
| -// it does not represent any key type in itself.
|
| // TODO(hbos,torbjorng): Don't change KT_DEFAULT without first updating
|
| // PeerConnectionFactory_nativeCreatePeerConnection's certificate generation
|
| // code.
|
| enum KeyType { KT_RSA, KT_ECDSA, KT_LAST, KT_DEFAULT = KT_RSA };
|
| -
|
| -static const int kRsaDefaultModSize = 1024;
|
| -static const int kRsaDefaultExponent = 0x10001; // = 2^16+1 = 65537
|
| -static const int kRsaMinModSize = 1024;
|
| -static const int kRsaMaxModSize = 8192;
|
| -
|
| -struct RSAParams {
|
| - unsigned int mod_size;
|
| - unsigned int pub_exp;
|
| -};
|
| -
|
| -enum ECCurve { EC_NIST_P256, /* EC_FANCY, */ EC_LAST };
|
| -
|
| -class KeyParams {
|
| - public:
|
| - // Generate a KeyParams object from a simple KeyType, using default params.
|
| - explicit KeyParams(KeyType key_type = KT_DEFAULT) {
|
| - if (key_type == KT_ECDSA) {
|
| - type_ = KT_ECDSA;
|
| - params_.curve = EC_NIST_P256;
|
| - } else if (key_type == KT_RSA) {
|
| - type_ = KT_RSA;
|
| - params_.rsa.mod_size = kRsaDefaultModSize;
|
| - params_.rsa.pub_exp = kRsaDefaultExponent;
|
| - } else {
|
| - RTC_NOTREACHED();
|
| - }
|
| - }
|
| -
|
| - // Generate a a KeyParams for RSA with explicit parameters.
|
| - static KeyParams RSA(int mod_size = kRsaDefaultModSize,
|
| - int pub_exp = kRsaDefaultExponent) {
|
| - KeyParams kt(KT_RSA);
|
| - kt.params_.rsa.mod_size = mod_size;
|
| - kt.params_.rsa.pub_exp = pub_exp;
|
| - return kt;
|
| - }
|
| -
|
| - // Generate a a KeyParams for ECDSA specifying the curve.
|
| - static KeyParams ECDSA(ECCurve curve = EC_NIST_P256) {
|
| - KeyParams kt(KT_ECDSA);
|
| - kt.params_.curve = curve;
|
| - return kt;
|
| - }
|
| -
|
| - // Check validity of a KeyParams object. Since the factory functions have
|
| - // no way of returning errors, this function can be called after creation
|
| - // to make sure the parameters are OK.
|
| - bool IsValid() {
|
| - if (type_ == KT_RSA) {
|
| - return (params_.rsa.mod_size >= kRsaMinModSize &&
|
| - params_.rsa.mod_size <= kRsaMaxModSize &&
|
| - params_.rsa.pub_exp > params_.rsa.mod_size);
|
| - } else if (type_ == KT_ECDSA) {
|
| - return (params_.curve == EC_NIST_P256);
|
| - }
|
| - return false;
|
| - }
|
| -
|
| - RSAParams rsa_params() const {
|
| - RTC_DCHECK(type_ == KT_RSA);
|
| - return params_.rsa;
|
| - }
|
| -
|
| - ECCurve ec_curve() const {
|
| - RTC_DCHECK(type_ == KT_ECDSA);
|
| - return params_.curve;
|
| - }
|
| -
|
| - KeyType type() const { return type_; }
|
| -
|
| - private:
|
| - KeyType type_;
|
| - union {
|
| - RSAParams rsa;
|
| - ECCurve curve;
|
| - } params_;
|
| -};
|
|
|
| // TODO(hbos): Remove once rtc::KeyType (to be modified) and
|
| // blink::WebRTCKeyType (to be landed) match. By using this function in Chromium
|
| // appropriately we can change KeyType enum -> class without breaking Chromium.
|
| KeyType IntKeyTypeFamilyToKeyType(int key_type_family);
|
|
|
| -// Parameters for generating a certificate. If |common_name| is non-empty, it
|
| -// will be used for the certificate's subject and issuer name, otherwise a
|
| -// random string will be used.
|
| +// Parameters for generating an identity for testing. If common_name is
|
| +// non-empty, it will be used for the certificate's subject and issuer name,
|
| +// otherwise a random string will be used. |not_before| and |not_after| are
|
| +// offsets to the current time in number of seconds.
|
| struct SSLIdentityParams {
|
| std::string common_name;
|
| - int not_before; // offset from current time in seconds.
|
| - int not_after; // offset from current time in seconds.
|
| - KeyParams key_params;
|
| + int not_before; // in seconds.
|
| + int not_after; // in seconds.
|
| + KeyType key_type;
|
| };
|
|
|
| // Our identity in an SSL negotiation: a keypair and certificate (both
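Review bot: `enum KeyType` still contains `KT_LAST` and `KT_DEFAULT`, but the comment lines that explained them are deleted at the top of this hunk, so the header no longer says that `KT_LAST` is a loop bound rather than a key type. I would keep `// KT_LAST is intended for loops over all key types; it does not represent any key type in itself.` above the enum. With `KeyParams` and its `IsValid()` range check gone, `SSLIdentityParams::key_type` is the only key-strength input left, and the RSA modulus size or curve is presumably fixed in the implementation, which this diff does not show. A short comment on `key_type` naming where those parameters are set would let a reader audit key strength from the header. The new struct comment also writes `common_name` without the `|…|` markers it uses for `|not_before|` and `|not_after|` in the same paragraph.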
|
| @@ -220,11 +139,7 @@
|
| // Returns NULL on failure.
|
| // Caller is responsible for freeing the returned object.
|
| static SSLIdentity* Generate(const std::string& common_name,
|
| - const KeyParams& key_param);
|
| - static SSLIdentity* Generate(const std::string& common_name,
|
| - KeyType key_type) {
|
| - return Generate(common_name, KeyParams(key_type));
|
| - }
|
| + KeyType key_type);
|
|
|
| // Generates an identity with the specified validity period.
|
| static SSLIdentity* GenerateForTest(const SSLIdentityParams& params);
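Review bot: `Generate(const std::string& common_name, KeyType key_type)` now takes the raw enum, so the sentinel `KT_LAST` is an accepted argument, while the comment above the declaration only says `Returns NULL on failure`. The removed `KeyParams` constructor ended in `RTC_NOTREACHED()` for any value other than `KT_RSA` or `KT_ECDSA`; whether the implementation behind this declaration rejects such a value is not visible in this diff. I would state the contract in the comment, for example `// |key_type| must be KT_RSA or KT_ECDSA; other values fail and return NULL.`, after confirming that the implementation behaves that way. The enclosing class starts and ends outside the hunk.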
|
|
|