Set Token-Binding HTTP header

net/http/http_stream_parser.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_stream_parser.h"
 
+#include "base/base64.h"
 #include "base/bind.h"
 #include "base/compiler_specific.h"
 #include "base/logging.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/profiler/scoped_tracker.h"
 #include "base/strings/string_util.h"
 #include "base/values.h"
 #include "net/base/io_buffer.h"
 #include "net/base/ip_endpoint.h"
 #include "net/base/upload_data_stream.h"
 #include "net/http/http_chunked_decoder.h"
 #include "net/http/http_request_headers.h"
 #include "net/http/http_request_info.h"
 #include "net/http/http_response_headers.h"
 #include "net/http/http_status_line_validator.h"
 #include "net/http/http_util.h"
 #include "net/socket/client_socket_handle.h"
 #include "net/socket/ssl_client_socket.h"
+#include "net/ssl/token_binding.h"
 
 namespace net {
 
 namespace {
 
 enum HttpHeaderParserEvent {
   HEADER_PARSER_INVOKED = 0,
   // Obsolete: HEADER_HTTP_09_RESPONSE = 1,
   HEADER_ALLOWED_TRUNCATED_HEADERS = 2,
   HEADER_SKIPPED_WS_PREFIX = 3,
@@ skipping 1056 matching lines @@
 
 void HttpStreamParser::GetSSLCertRequestInfo(
     SSLCertRequestInfo* cert_request_info) {
   if (request_->url.SchemeIsCryptographic() && connection_->socket()) {
     SSLClientSocket* ssl_socket =
         static_cast<SSLClientSocket*>(connection_->socket());
     ssl_socket->GetSSLCertRequestInfo(cert_request_info);
   }
 }
 
+int HttpStreamParser::GetTokenBindingMessageHeader(std::string* out) {
+  if (!request_->url.SchemeIsCryptographic() || !connection_->socket()) {
+    *out = "";
+    return OK;
+  }
+  SSLClientSocket* ssl_socket =
+      static_cast<SSLClientSocket*>(connection_->socket());
+  SSLInfo ssl_info;
+  if (!ssl_socket->GetSSLInfo(&ssl_info) ||
+      !ssl_info.token_binding_negotiated) {
+    *out = "";
+    return OK;
+  }
+  std::string provided_token_binding = ssl_socket->GetProvidedTokenBinding();
+  if (provided_token_binding == "") {
+    *out = "";
+    return OK;
+  }
+  std::string token_binding_message;
+  std::vector<std::string> token_bindings;
+  token_bindings.push_back(provided_token_binding);
+  int rv;
+  if ((rv = BuildTokenBindingMessageFromTokenBindings(
+           token_bindings, &token_binding_message)) != OK) {
+    return rv;
+  }
+  base::Base64Encode(token_binding_message, out);
+  base::ReplaceChars(*out, "+", "-", out);
+  base::ReplaceChars(*out, "/", "_", out);
+  return OK;
+}
+
 int HttpStreamParser::EncodeChunk(const base::StringPiece& payload,
                                   char* output,
                                   size_t output_size) {
   if (output_size < payload.size() + kChunkHeaderFooterSize)
     return ERR_INVALID_ARGUMENT;
 
   char* cursor = output;
   // Add the header.
   const int num_chars = base::snprintf(output, output_size,
                                        "%X\r\n",
@@ skipping 27 matching lines @@
 }
 
 void HttpStreamParser::ValidateStatusLine(const std::string& status_line) {
   HttpStatusLineValidator::StatusLineStatus status =
       HttpStatusLineValidator::ValidateStatusLine(status_line);
   UMA_HISTOGRAM_ENUMERATION("Net.HttpStatusLineStatus", status,
                             HttpStatusLineValidator::STATUS_LINE_MAX);
 }
 
 }  // namespace net