Makes ECDSA the default certificate to use (generated if no other certificates

are specified when constructing a peer connection, at: https://code.google.com/p/chromium/codesearch#chromium/src/third_party/webrtc/api/webrtcsessiondescriptionfactory.cc&q=webrtcsessiondescriptionfactory&sq=package:chromium&type=cs&l=191). This does not affect WEBRTC_BUILD_CHROMIUM builds whose ECDSA launch is handled separately: https://crbug.com/601850 (req. @chromium acc). BUG=chromium:611698, webrtc:5795 Review-Url: https://codereview.webrtc.org/1972383002 Cr-Commit-Position: refs/heads/master@{#12756}
2016-05-16 02:45:40 -07:00 · 2016-05-16 02:45:40 -07:00 · 8ae8ab4e23
commit 8ae8ab4e23
parent 4b2ffe2a23
1 changed files with 15 additions and 2 deletions
--- a/webrtc/base/sslidentity.h
+++ b/webrtc/base/sslidentity.h
@ -114,10 +114,23 @@ class SSLCertChain {
  RTC_DISALLOW_COPY_AND_ASSIGN(SSLCertChain);
 };

-// KT_DEFAULT is currently an alias for KT_RSA.  This is likely to change.
 // KT_LAST is intended for vector declarations and loops over all key types;
 // it does not represent any key type in itself.
-enum KeyType { KT_RSA, KT_ECDSA, KT_LAST, KT_DEFAULT = KT_RSA };
+// KT_DEFAULT is used as the default KeyType for KeyParams.
+enum KeyType {
+  KT_RSA, KT_ECDSA, KT_LAST,
+#if defined(WEBRTC_BUILD_CHROMIUM)
+  // TODO(hbos): Because of an experiment running in Chromium which relies on
+  // RSA being the default (for performance reasons) we have this #if. ECDSA
+  // launches in Chromium by flipping a flag which overrides the default. As
+  // soon as the experiment has ended and there is no risk of RSA being the
+  // default we should make KT_DEFAULT = KT_ECDSA unconditionally.
+  // crbug.com/611698
+  KT_DEFAULT = KT_RSA
+#else
+  KT_DEFAULT = KT_ECDSA
+#endif
+};

 static const int kRsaDefaultModSize = 1024;
 static const int kRsaDefaultExponent = 0x10001;  // = 2^16+1 = 65537