Index: net/ssl/ssl_config.h |
diff --git a/net/ssl/ssl_config.h b/net/ssl/ssl_config.h |
index f1c70bb0dc495f04d071bc13ba1968fcd60036f2..755ed9090461e8044757199e1b25ccf2930cc519 100644 |
--- a/net/ssl/ssl_config.h |
+++ b/net/ssl/ssl_config.h |
@@ -27,6 +27,12 @@ enum { |
SSL_PROTOCOL_VERSION_TLS1_2 = 0x0303, |
}; |
+enum TokenBindingParam { |
+ TB_PARAM_RSA2048_PKCS15_SHA256 = 0, |
+ TB_PARAM_RSA2048_PSS_SHA256 = 1, |
+ TB_PARAM_ECDSAP256_SHA256 = 2, |
+}; |
+ |
// Default minimum protocol version. |
NET_EXPORT extern const uint16_t kDefaultSSLVersionMin; |
@@ -113,6 +119,11 @@ struct NET_EXPORT SSLConfig { |
bool enable_deprecated_cipher_suites; |
bool channel_id_enabled; // True if TLS channel ID extension is enabled. |
+ |
+ // List of Token Binding key parameters supported by the client. If empty, |
+ // Token Binding will be disabled. |
+ std::vector<TokenBindingParam> token_binding_params; |
+ |
bool false_start_enabled; // True if we'll use TLS False Start. |
// True if the Certificate Transparency signed_certificate_timestamp |
// TLS extension is enabled. |