Refactor TransportSecurityState.

net/base/x509_certificate.h

Index: net/base/x509_certificate.h
===================================================================
--- net/base/x509_certificate.h	(revision 128526)
+++ net/base/x509_certificate.h	(working copy)
@@ -47,6 +47,13 @@
 class CRLSet;
 class CertVerifyResult;
 
+// In the future there will be a generic Fingerprint type, with at least two
+// implementations: SHA1 and SHA256. See http://crbug.com/117914. Until that
+// work is done (in a separate patch) this typedef bridges the gap.
+typedef SHA1Fingerprint Fingerprint;
+
+typedef std::vector<Fingerprint> FingerprintVector;
+
 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
 
 // X509Certificate represents a X.509 certificate, which is comprised a
@@ -220,6 +227,12 @@
                                            uint32 serial_number,
                                            base::TimeDelta valid_duration);
 
+  // Parses |cert|'s Subject Public Key Info structure, hashes it,
+  // populates |fingerprint|, and returns true. Returns false if there are
+  // any parse errors.
+  static bool GetPublicKeyHash(const OSCertHandle& cert,
+                               SHA1Fingerprint* fingerprint);
+
   // Appends a representation of this object to the given pickle.
   void Persist(Pickle* pickle);