Adds CreateSelfSignedCertEC to x509_util.h in preparation of persistent DTLS identity store for Web…

net/cert/x509_util.h

Index: net/cert/x509_util.h
diff --git a/net/cert/x509_util.h b/net/cert/x509_util.h
index 50ffc7f55fc9538cd6ca724e292cd224722ebc64..b402b00721712b1bb9dbeae0ebe6d8d01d8c9ef7 100644
--- a/net/cert/x509_util.h
+++ b/net/cert/x509_util.h
@@ -44,6 +44,19 @@ NET_EXPORT_PRIVATE bool CreateDomainBoundCertEC(
     base::Time not_valid_after,
     std::string* der_cert);
 
+// Creates a self-signed certificate containing the public key in |key|.
+// Subject, serial number and validity period are given as parameters.
+// The certificate is signed by |private_key|.
+// The hashing algorithm for the signature is SHA-1.
+// |subject| is a distinguished name defined in RFC4514.

[Ryan Sleevi, 2013/06/06 23:26:15]

API DESIGN: Introducing a dependency on RFC4514 is not good.

Further, it's not even what NSS supports - NSS is based on RFC 1485/1779/2253

If you're just passing common name, let's just call it common name and treat it
as that.

[jiayl, 2013/06/06 23:45:37]

Done.

+NET_EXPORT_PRIVATE bool CreateSelfSignedCertEC(
+    crypto::ECPrivateKey* key,
+    const std::string& subject,
+    uint32 serial_number,
+    base::Time not_valid_before,
+    base::Time not_valid_after,
+    std::string* der_cert);
+
 // Comparator for use in STL algorithms that will sort client certificates by
 // order of preference.
 // Returns true if |a| is more preferable than |b|, allowing it to be used