Support EC certs in OriginBoundCertService and OriginBoundCertStore.

net/socket/ssl_client_socket_nss.h

Index: net/socket/ssl_client_socket_nss.h
diff --git a/net/socket/ssl_client_socket_nss.h b/net/socket/ssl_client_socket_nss.h
index f7def8c4a5a5aea7fd2063ab62cffe91fb919a76..d0bdfe9bb45dfcd9378a6ffd4c0709ceb77c6009 100644
--- a/net/socket/ssl_client_socket_nss.h
+++ b/net/socket/ssl_client_socket_nss.h
@@ -166,8 +166,10 @@ class SSLClientSocketNSS : public SSLClientSocket {
   static bool OriginBoundCertNegotiated(PRFileDesc* socket);
   // Origin bound cert client auth handler.
   // Returns the value the ClientAuthHandler function should return.
-  SECStatus OriginBoundClientAuthHandler(CERTCertificate** result_certificate,
-                                         SECKEYPrivateKey** result_private_key);
+  SECStatus OriginBoundClientAuthHandler(
+      const std::vector<OriginBoundCertType>& requested_types,

[wtc, 2011/11/30 23:23:40]

Nit: name this parameter cert_types or requested_cert_types.

[mattm, 2011/12/02 01:55:59]

Done.

+      CERTCertificate** result_certificate,
+      SECKEYPrivateKey** result_private_key);
 #if defined(NSS_PLATFORM_CLIENT_AUTH)
   // On platforms where we use the native certificate store, NSS calls this
   // instead when client authentication is requested.  At most one of
@@ -258,6 +260,7 @@ class SSLClientSocketNSS : public SSLClientSocket {
   // For origin bound certificates in client auth.
   bool ob_cert_xtn_negotiated_;
   OriginBoundCertService* origin_bound_cert_service_;
+  OriginBoundCertType ob_cert_type_;
   std::string ob_private_key_;
   std::string ob_cert_;
   OriginBoundCertService::RequestHandle ob_cert_request_handle_;