Index: net/ssl/ssl_config.h |
diff --git a/net/ssl/ssl_config.h b/net/ssl/ssl_config.h |
index 6b3919bbe6389e384b71890b53310fafae829b2d..25df8c690f0ca87f1c4a9c83b75c9c36a45032db 100644 |
--- a/net/ssl/ssl_config.h |
+++ b/net/ssl/ssl_config.h |
@@ -26,6 +26,12 @@ enum { |
SSL_PROTOCOL_VERSION_TLS1_2 = 0x0303, |
}; |
+enum TokenBindingParam { |
+ TB_PARAM_RSA2048_PKCS15_SHA256 = 0, |
+ TB_PARAM_RSA2048_PSS_SHA256 = 1, |
+ TB_PARAM_ECDSAP256_SHA256 = 2, |
+}; |
+ |
// Default minimum protocol version. |
NET_EXPORT extern const uint16 kDefaultSSLVersionMin; |
@@ -112,6 +118,11 @@ struct NET_EXPORT SSLConfig { |
bool enable_deprecated_cipher_suites; |
bool channel_id_enabled; // True if TLS channel ID extension is enabled. |
+ |
+ // List of Token Binding key parameters supported by the client. If empty, |
+ // Token Binding will be disabled. |
+ std::vector<TokenBindingParam> token_binding_params; |
+ |
bool false_start_enabled; // True if we'll use TLS False Start. |
// True if the Certificate Transparency signed_certificate_timestamp |
// TLS extension is enabled. |