Add QUIC 31 in which the server's proof covers both the static server config as well as a hash of t…

net/quic/crypto/quic_crypto_client_config.h

Index: net/quic/crypto/quic_crypto_client_config.h
diff --git a/net/quic/crypto/quic_crypto_client_config.h b/net/quic/crypto/quic_crypto_client_config.h
index 9782f10379c70a58d7cd8d1edb98df9de6300a3e..6ecd678502ca9f438ad43bd4d1b22a421641f3ab 100644
--- a/net/quic/crypto/quic_crypto_client_config.h
+++ b/net/quic/crypto/quic_crypto_client_config.h
@@ -86,6 +86,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
     // SetProof stores a certificate chain and signature.
     void SetProof(const std::vector<std::string>& certs,
                   base::StringPiece cert_sct,
+                  base::StringPiece chlo_hash,
                   base::StringPiece signature);
 
     // Clears all the data.
@@ -108,6 +109,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
     const std::string& source_address_token() const;
     const std::vector<std::string>& certs() const;
     const std::string& cert_sct() const;
+    const std::string& chlo_hash() const;
     const std::string& signature() const;
     bool proof_valid() const;
     uint64_t generation_counter() const;
@@ -158,6 +160,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
                     base::StringPiece source_address_token,
                     const std::vector<std::string>& certs,
                     const std::string& cert_sct,
+                    base::StringPiece chlo_hash,
                     base::StringPiece signature,
                     QuicWallTime now);
 
@@ -167,6 +170,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
     std::vector<std::string> certs_;    // A list of certificates in leaf-first
                                         // order.
     std::string cert_sct_;              // Signed timestamp of the leaf cert.
+    std::string chlo_hash_;             // Hash of the CHLO message.
     std::string server_config_sig_;     // A signature of |server_config_|.
     bool server_config_valid_;          // True if |server_config_| is correctly
                                         // signed and |certs_| has been
@@ -248,6 +252,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
   QuicErrorCode ProcessRejection(const CryptoHandshakeMessage& rej,
                                  QuicWallTime now,
                                  QuicVersion version,
+                                 base::StringPiece chlo_hash,
                                  CachedState* cached,
                                  QuicCryptoNegotiatedParameters* out_params,
                                  std::string* error_details);
@@ -278,6 +283,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
       const CryptoHandshakeMessage& server_update,
       QuicWallTime now,
       const QuicVersion version,
+      base::StringPiece chlo_hash,
       CachedState* cached,
       QuicCryptoNegotiatedParameters* out_params,
       std::string* error_details);
@@ -334,6 +340,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
       const CryptoHandshakeMessage& message,
       QuicWallTime now,
       const QuicVersion version,
+      base::StringPiece chlo_hash,
       const std::vector<std::string>& cached_certs,
       CachedState* cached,
       std::string* error_details);