authorRobert Sloan <varomodt@google.com>2018-01-22 12:53:01 -0800
committerRob Sloan <varomodt@google.com>2018-01-23 17:32:16 +0000
commit978112cdf099dece01f92874cc8a8025b2405a59 (patch)
tree18f725077b4089ab4c60f4fc19c2b265f9f79bda /src/ssl/internal.h
parent0db7f543e9eb4209a3124ef956229ed0e942193d (diff)
NO PARTIAL RERUN external/boringssl: Sync to cb15cfda29c0c60d8d74145b17c93b43a7667837.android-wear-8.0.0_r1
This includes the following changes: https://boringssl.googlesource.com/boringssl/+log/37c6eb4284bea36be9fa41d35b582008f2023dcf..cb15cfda29c0c60d8d74145b17c93b43a7667837 Test: BoringSSL CTS Presubmits Change-Id: I8a20a38a338c40600b7b1034cd1d750d8ce2cbe6
Diffstat (limited to 'src/ssl/internal.h')
-rw-r--r--src/ssl/internal.h17
1 files changed, 17 insertions, 0 deletions
diff --git a/src/ssl/internal.h b/src/ssl/internal.h
index 91ca1f7e..fb991016 100644
--- a/src/ssl/internal.h
+++ b/src/ssl/internal.h
@@ -1376,6 +1376,12 @@ struct SSL_HANDSHAKE {
// peer_key is the peer's ECDH key for a TLS 1.2 client.
Array<uint8_t> peer_key;
+ // negotiated_token_binding_version is used by a server to store the
+ // on-the-wire encoding of the Token Binding protocol version to advertise in
+ // the ServerHello/EncryptedExtensions if the Token Binding extension is to be
+ // sent.
+ uint16_t negotiated_token_binding_version;
+
// server_params, in a TLS 1.2 server, stores the ServerKeyExchange
// parameters. It has client and server randoms prepended for signing
// convenience.
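Review bot: `negotiated_token_binding_version` is declared without an initializer, and its comment does not say what the field holds when the Token Binding extension is not going to be sent. If the SSL_HANDSHAKE constructor (outside this hunk) does not zero it, a read before negotiation has run would see an indeterminate value that could be serialized into the ServerHello/EncryptedExtensions. Consider `uint16_t negotiated_token_binding_version = 0;` and add to the comment `// Only meaningful once the server has decided to send the extension.` The struct definition begins and ends outside the hunk.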
@@ -2606,6 +2612,14 @@ struct SSLConnection {
uint8_t *alpn_client_proto_list;
unsigned alpn_client_proto_list_len;
+ // Contains a list of supported Token Binding key parameters.
+ uint8_t *token_binding_params;
+ size_t token_binding_params_len;
+
+ // The negotiated Token Binding key parameter. Only valid if
+ // |token_binding_negotiated| is set.
+ uint8_t negotiated_token_binding_param;
+
// renegotiate_mode controls how peer renegotiation attempts are handled.
enum ssl_renegotiate_mode_t renegotiate_mode;
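Review bot: `token_binding_params` and `token_binding_params_len` form a raw owning pointer/length pair, but the comment does not say who allocates and frees the buffer or what one entry encodes. The setter and teardown code that manage it (not visible in this hunk) must free the pointer and reset the length together, because a stale length on a freed or replaced buffer turns into an out-of-bounds read when the list is serialized or matched against the peer's offer. Once confirmed, I would document it as `// token_binding_params is an owned list of one-byte Token Binding key parameters, |token_binding_params_len| bytes long; it is freed with the connection.`, or hold it in an `Array<uint8_t>` as SSL_HANDSHAKE does for `peer_key`, if this struct is constructed rather than zero-allocated. `negotiated_token_binding_param` is gated on `token_binding_negotiated`, which is added in the hunk at -2633; the comment there should state whether the flag is cleared at the start of every handshake so that a value from an earlier handshake is never read as current.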
@@ -2633,6 +2647,9 @@ struct SSLConnection {
// we'll advertise support.
bool tlsext_channel_id_enabled:1;
+ // token_binding_negotiated is set if Token Binding was negotiated.
+ bool token_binding_negotiated:1;
+
// retain_only_sha256_of_client_certs is true if we should compute the SHA256
// hash of the peer's certificate and then discard it to save memory and
// session space. Only effective on the server side.