Set Token-Binding HTTP header

net/spdy/spdy_session.cc

Index: net/spdy/spdy_session.cc
diff --git a/net/spdy/spdy_session.cc b/net/spdy/spdy_session.cc
index 80e24c6dd79ebf42ec56f304563a9581be9efe6a..b71f7daa9e9b17830601fdbe1a8c13eebb822885 100644
--- a/net/spdy/spdy_session.cc
+++ b/net/spdy/spdy_session.cc
@@ -47,6 +47,7 @@
 #include "net/ssl/channel_id_service.h"
 #include "net/ssl/ssl_cipher_suite_names.h"
 #include "net/ssl/ssl_connection_status_flags.h"
+#include "net/ssl/token_binding.h"
 
 namespace net {
 
@@ -2001,6 +2002,23 @@ bool SpdySession::GetSSLInfo(SSLInfo* ssl_info,
   return connection_->socket()->GetSSLInfo(ssl_info);
 }
 
+int SpdySession::GetProvidedTokenBindingWithKey(
+    const scoped_ptr<crypto::ECPrivateKey>& key,
+    std::string* out) {
+  if (!is_secure_) {
+    NOTREACHED();
+    return ERR_FAILED;
+  }
+  SSLClientSocket* ssl_socket =
+      static_cast<SSLClientSocket*>(connection_->socket());
+  std::vector<uint8_t> signed_ekm;
+  if (ssl_socket->GetSignedEKMForTokenBinding(key.get(), &signed_ekm) != OK ||
+      BuildProvidedTokenBinding(key.get(), signed_ekm, out) != OK) {
+    return ERR_FAILED;
+  }
+  return OK;
+}
+
 void SpdySession::OnError(SpdyFramer::SpdyError error_code) {
   CHECK(in_io_loop_);