Adds a function for encoding a Merkle tree leaf in TLS wire format.

net/cert/ct_serialization.h

Index: net/cert/ct_serialization.h
diff --git a/net/cert/ct_serialization.h b/net/cert/ct_serialization.h
index f183247469f9e217e017894b425c8af095127817..6219b8a95b6493863c691a49297fb2b4cd05861f 100644
--- a/net/cert/ct_serialization.h
+++ b/net/cert/ct_serialization.h
@@ -19,6 +19,8 @@ namespace net {
 // Transparency to/from the TLS wire format encoding.
 namespace ct {
 
+struct MerkleTreeLeaf;
+
 // If |input.signature_data| is less than kMaxSignatureLength, encodes the
 // |input| to |output| and returns true. Otherwise, returns false.
 NET_EXPORT_PRIVATE bool EncodeDigitallySigned(const DigitallySigned& input,
@@ -35,6 +37,11 @@ NET_EXPORT_PRIVATE bool DecodeDigitallySigned(base::StringPiece* input,
 NET_EXPORT_PRIVATE bool EncodeLogEntry(const LogEntry& input,
                                        std::string* output);
 
+// Encodes the Merkle tree |leaf| into |output|.
+// These bytes can be hashed for use with inclusion proof fetching.
+// Note that the log ID is not serialized.

[eroman, 2016/05/07 00:20:52]

Not quite sure what this line means.

Does this mean the log ID is not included in |output|?

[Rob Percival, 2016/05/08 04:08:18]

Yes - I've clarified this.

+NET_EXPORT bool EncodeTreeLeaf(const MerkleTreeLeaf& leaf, std::string* output);

[eroman, 2016/05/07 00:20:52]

Please clarify in the comments that this *appends* to |output|.

Otherwise clear |output| at the start of the implementation.

[Rob Percival, 2016/05/08 04:08:17]

Clarified. The same ought to be done for the other function documentation in
this file, albeit not as part of this change.

+
 // Encodes the data signed by a Signed Certificate Timestamp (SCT) into
 // |output|. The signature included in the SCT is then verified over these
 // bytes.