Set Token-Binding HTTP header

net/http/http_stream_parser.cc

Index: net/http/http_stream_parser.cc
diff --git a/net/http/http_stream_parser.cc b/net/http/http_stream_parser.cc
index 9ddae4853dacb370c5072a34ddcdea90f8a52404..9a654d126390860ea98545091f69139ba7912e7a 100644
--- a/net/http/http_stream_parser.cc
+++ b/net/http/http_stream_parser.cc
@@ -22,6 +22,7 @@
 #include "net/http/http_util.h"
 #include "net/socket/client_socket_handle.h"
 #include "net/socket/ssl_client_socket.h"
+#include "net/ssl/token_binding.h"
 
 namespace net {
 
@@ -1098,6 +1099,23 @@ void HttpStreamParser::GetSSLCertRequestInfo(
   }
 }
 
+int HttpStreamParser::GetProvidedTokenBindingWithKey(
+    const scoped_ptr<crypto::ECPrivateKey>& key,
+    std::string* header_out) {
+  if (!request_->url.SchemeIsCryptographic() || !connection_->socket()) {
+    NOTREACHED();
+    return ERR_FAILED;
+  }
+  SSLClientSocket* ssl_socket =
+      static_cast<SSLClientSocket*>(connection_->socket());
+  std::vector<uint8_t> signed_ekm;
+  if (ssl_socket->GetSignedEKMForTokenBinding(key.get(), &signed_ekm) != OK ||
+      BuildProvidedTokenBinding(key.get(), signed_ekm, header_out) != OK) {
+    return ERR_FAILED;
+  }
+  return OK;
+}
+
 int HttpStreamParser::EncodeChunk(const base::StringPiece& payload,
                                   char* output,
                                   size_t output_size) {