Index: net/socket/ssl_client_socket.cc |
diff --git a/net/socket/ssl_client_socket.cc b/net/socket/ssl_client_socket.cc |
index 3472fd023f2aae650c253a8212de8c533dbc5c55..10a7584b19da6ffa61b04fd6340fa87d645dce41 100644 |
--- a/net/socket/ssl_client_socket.cc |
+++ b/net/socket/ssl_client_socket.cc |
@@ -155,6 +155,35 @@ void SSLClientSocket::RecordChannelIDSupport( |
} |
// static |
+void SSLClientSocket::RecordTokenBindingSupport( |
+ const SSLConfig& ssl_config, |
+ ChannelIDService* channel_id_service, |
+ bool negotiated_token_binding) { |
+ // This enum is used for UMA histograms - do not remove or change any values. |
+ enum { |
+ DISABLED = 0, |
+ CLIENT_ONLY = 1, |
+ CLIENT_AND_SERVER = 2, |
+ CLIENT_NO_ECC = 3, |
+ CLIENT_NO_CHANNEL_ID_SERVICE = 4, |
+ TOKEN_BINDING_USAGE_MAX |
+ } supported = DISABLED; |
+ if (negotiated_token_binding) { |
+ supported = CLIENT_AND_SERVER; |
+ } else if (IsTokenBindingEnabled(ssl_config, channel_id_service)) { |
+ if (!channel_id_service) { |
+ supported = CLIENT_NO_CHANNEL_ID_SERVICE; |
+ } else if (!crypto::ECPrivateKey::IsSupported()) { |
+ supported = CLIENT_NO_ECC; |
+ } else { |
+ supported = CLIENT_ONLY; |
+ } |
+ } |
+ UMA_HISTOGRAM_ENUMERATION("TokenBinding.Support", supported, |
+ TOKEN_BINDING_USAGE_MAX); |
+} |
+ |
+// static |
bool SSLClientSocket::IsChannelIDEnabled( |
const SSLConfig& ssl_config, |
ChannelIDService* channel_id_service) { |
@@ -172,6 +201,17 @@ bool SSLClientSocket::IsChannelIDEnabled( |
} |
// static |
+bool SSLClientSocket::IsTokenBindingEnabled( |
+ const SSLConfig& ssl_config, |
+ ChannelIDService* channel_id_service) { |
+ if (ssl_config.token_binding_params.size() != 1 || |
+ ssl_config.token_binding_params[0] != TB_PARAM_ECDSAP256_SHA256) { |
+ return false; |
+ } |
+ return IsChannelIDEnabled(ssl_config, channel_id_service); |
+} |
+ |
+// static |
bool SSLClientSocket::HasCipherAdequateForHTTP2( |
const std::vector<uint16>& cipher_suites) { |
for (uint16 cipher : cipher_suites) { |