Set Token-Binding HTTP header

net/socket/ssl_client_socket_openssl.h

Index: net/socket/ssl_client_socket_openssl.h
diff --git a/net/socket/ssl_client_socket_openssl.h b/net/socket/ssl_client_socket_openssl.h
index 178daeb32730d9273511e5744403fd04e25419e3..6e464d75dc316de6f287c90ed488298f4337085d 100644
--- a/net/socket/ssl_client_socket_openssl.h
+++ b/net/socket/ssl_client_socket_openssl.h
@@ -13,6 +13,8 @@
 #include <string>
 #include <vector>
 
+#include "base/compiler_specific.h"
+#include "base/containers/mru_cache.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/memory/weak_ptr.h"
@@ -42,6 +44,8 @@ class CTVerifier;
 class SSLCertRequestInfo;
 class SSLInfo;
 
+using SignedEkmMap = base::MRUCache<std::string, std::vector<uint8_t>>;
+
 // An SSL client socket implemented with OpenSSL.
 class SSLClientSocketOpenSSL : public SSLClientSocket {
  public:
@@ -72,6 +76,8 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info) override;
   NextProtoStatus GetNextProto(std::string* proto) const override;
   ChannelIDService* GetChannelIDService() const override;
+  Error GetSignedEKMForTokenBinding(crypto::ECPrivateKey* key,
+                                    std::vector<uint8_t>* out) override;
   SSLFailureState GetSSLFailureState() const override;
 
   // SSLSocket implementation.
@@ -301,6 +307,7 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   ChannelIDService* channel_id_service_;
   bool tb_was_negotiated_;
   TokenBindingParam tb_negotiated_param_;
+  SignedEkmMap tb_signed_ekm_map_;
 
   // OpenSSL stuff
   SSL* ssl_;