
Unified Diff: net/quic/crypto/proof_source_chromium_openssl.cc

Issue 1765603002: Add QUIC 31 in which the server's proof covers both the static server config as well as a hash of t… (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase Created 4 years, 9 months ago
Index: net/quic/crypto/proof_source_chromium_openssl.cc
diff --git a/net/quic/crypto/proof_source_chromium_openssl.cc b/net/quic/crypto/proof_source_chromium_openssl.cc
index 92e621e41466f3e0158a8243a4796b2fe997dfdb..b03c05d5c495367eb34ab72ef6069b1e2381b4fd 100644
--- a/net/quic/crypto/proof_source_chromium_openssl.cc
+++ b/net/quic/crypto/proof_source_chromium_openssl.cc
@@ -82,6 +82,8 @@ bool ProofSourceChromium::Initialize(const base::FilePath& cert_path,
bool ProofSourceChromium::GetProof(const IPAddress& server_ip,
const string& hostname,
const string& server_config,
+ QuicVersion quic_version,
+ base::StringPiece chlo_hash,
bool ecdsa_ok,
scoped_refptr<ProofSource::Chain>* out_chain,
string* out_signature,
@@ -91,18 +93,41 @@ bool ProofSourceChromium::GetProof(const IPAddress& server_ip,
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
crypto::ScopedEVP_MD_CTX sign_context(EVP_MD_CTX_create());
EVP_PKEY_CTX* pkey_ctx;
- if (!EVP_DigestSignInit(sign_context.get(), &pkey_ctx, EVP_sha256(), nullptr,
- private_key_->key()) ||
- !EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) ||
- !EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, -1) ||
- !EVP_DigestSignUpdate(
- sign_context.get(),
- reinterpret_cast<const uint8_t*>(kProofSignatureLabel),
- sizeof(kProofSignatureLabel)) ||
- !EVP_DigestSignUpdate(
- sign_context.get(),
- reinterpret_cast<const uint8_t*>(server_config.data()),
- server_config.size())) {
+
+ if (quic_version > QUIC_VERSION_30) {
+ uint32_t len = chlo_hash.length();
+ if (!EVP_DigestSignInit(sign_context.get(), &pkey_ctx, EVP_sha256(),
+ nullptr, private_key_->key()) ||
+ !EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) ||
+ !EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, -1) ||
+ !EVP_DigestSignUpdate(
+ sign_context.get(),
+ reinterpret_cast<const uint8_t*>(kProofSignatureLabel),
+ sizeof(kProofSignatureLabel)) ||
+ !EVP_DigestSignUpdate(sign_context.get(),
+ reinterpret_cast<const uint8_t*>(&len),
+ sizeof(len)) ||
+ !EVP_DigestSignUpdate(
+ sign_context.get(),
+ reinterpret_cast<const uint8_t*>(chlo_hash.data()), len) ||
+ !EVP_DigestSignUpdate(
+ sign_context.get(),
+ reinterpret_cast<const uint8_t*>(server_config.data()),
+ server_config.size())) {
+ return false;
+ }
+ } else if (!EVP_DigestSignInit(sign_context.get(), &pkey_ctx, EVP_sha256(),
+ nullptr, private_key_->key()) ||
+ !EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) ||
+ !EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, -1) ||
+ !EVP_DigestSignUpdate(
+ sign_context.get(),
+ reinterpret_cast<const uint8_t*>(kProofSignatureLabelOld),
+ sizeof(kProofSignatureLabelOld)) ||
+ !EVP_DigestSignUpdate(
+ sign_context.get(),
+ reinterpret_cast<const uint8_t*>(server_config.data()),
+ server_config.size())) {
return false;
}
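Review bot: The length prefix passed as `reinterpret_cast<const uint8_t*>(&len), sizeof(len)` feeds the in-memory bytes of a `uint32_t` into the digest, so the signed message depends on host byte order, and a peer that rebuilds the input on a host of the other endianness would fail to verify the proof. Serializing the prefix explicitly pins the format, e.g. `const uint8_t len_bytes[4] = {uint8_t(len), uint8_t(len >> 8), uint8_t(len >> 16), uint8_t(len >> 24)};` passed with `len_bytes, sizeof(len_bytes)`, assuming little-endian is what the verifier side (not visible here) expects. `uint32_t len = chlo_hash.length();` also narrows a `size_t` without a check, so rejecting an over-long `chlo_hash` before the assignment would make the prefix and the hashed byte count agree by construction. The two branches repeat the same Init/padding/salt-length calls and differ only in the label and the CHLO-hash updates, which is worth a short comment or a shared prefix; the body of GetProof continues outside this hunk.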