Update Token Binding code to the latest drafts

net/http/http_stream.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // HttpStream provides an abstraction for a basic http streams, SPDY, and QUIC.
 // The HttpStream subtype is expected to manage the underlying transport
 // appropriately.  For example, a basic http stream will return the transport
 // socket to the pool for reuse.  SPDY streams on the other hand leave the
 // transport socket management to the SpdySession.
 
 #ifndef NET_HTTP_HTTP_STREAM_H_
 #define NET_HTTP_HTTP_STREAM_H_
 
 #include <stdint.h>
 
 #include <memory>
 #include <vector>
 
 #include "base/macros.h"
 #include "net/base/completion_callback.h"
 #include "net/base/net_error_details.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_export.h"
 #include "net/base/request_priority.h"
+#include "net/ssl/token_binding.h"
 
 namespace crypto {
 class ECPrivateKey;
 }
 
 namespace net {
 
 class BoundNetLog;
 class HttpNetworkSession;
 class HttpRequestHeaders;
@@ skipping 115 matching lines @@
   // Get the SSLCertRequestInfo associated with this stream's connection.
   // This should only be called for streams over SSL sockets, otherwise the
   // behavior is undefined.
   virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info) = 0;
 
   // Gets the remote endpoint of the socket that the HTTP stream is using, if
   // any. Returns true and fills in |endpoint| if it is available; returns false
   // and does not modify |endpoint| if it is unavailable.
   virtual bool GetRemoteEndpoint(IPEndPoint* endpoint) = 0;
 
-  // Signs the EKM value for Token Binding from the TLS layer using |*key| and
-  // puts the result in |*out|. Returns OK or ERR_FAILED.
-  virtual Error GetSignedEKMForTokenBinding(crypto::ECPrivateKey* key,
-                                            std::vector<uint8_t>* out) = 0;
+  // Generates the signature used in Token Binding using |*key| and for a Token
+  // Binding of type |tb_type|, putting the signature in |*out|. Returns OK or
+  // ERR_FAILED.
+  virtual Error GetTokenBindingSignature(crypto::ECPrivateKey* key,
+                                         TokenBindingType tb_type,
+                                         std::vector<uint8_t>* out) = 0;
 
   // In the case of an HTTP error or redirect, flush the response body (usually
   // a simple error or "this page has moved") so that we can re-use the
   // underlying connection. This stream is responsible for deleting itself when
   // draining is complete.
   virtual void Drain(HttpNetworkSession* session) = 0;
 
   // Get the network error details this stream is encountering.
   // Fills in |details| if it is available; leaves |details| unchanged if it
   // is unavailable.
   virtual void PopulateNetErrorDetails(NetErrorDetails* details) = 0;
 
   // Called when the priority of the parent transaction changes.
   virtual void SetPriority(RequestPriority priority) = 0;
 
   // Returns a new (not initialized) stream using the same underlying
   // connection and invalidates the old stream - no further methods should be
   // called on the old stream.  The caller should ensure that the response body
   // from the previous request is drained before calling this method.  If the
   // subclass does not support renewing the stream, NULL is returned.
   virtual HttpStream* RenewStreamForAuth() = 0;
 
  private:
   DISALLOW_COPY_AND_ASSIGN(HttpStream);
 };
 
 }  // namespace net
 
 #endif  // NET_HTTP_HTTP_STREAM_H_