Index: net/http/transport_security_state.h |
diff --git a/net/http/transport_security_state.h b/net/http/transport_security_state.h |
index 2988f3ad8a49e9fe072795af4c4b2b9654cb20e0..0762f6339d5cb751d2d9d04c2840803ab86e5dfa 100644 |
--- a/net/http/transport_security_state.h |
+++ b/net/http/transport_security_state.h |
@@ -27,6 +27,7 @@ class GURL; |
namespace net { |
+class ExpectStapleReport; |
class HostPortPair; |
class SSLInfo; |
@@ -385,8 +386,17 @@ class NET_EXPORT TransportSecurityState |
const HostPortPair& host_port_pair, |
const SSLInfo& ssl_info); |
+ void CheckExpectStaple(const HostPortPair& host_port_pair, |
svaldez
2016/06/16 11:14:38
Add comment about what this does.
dadrian
2016/06/16 19:20:18
Done.
|
+ const X509Certificate& verified_certificate, |
+ const X509Certificate& unverified_certificate, |
+ bool is_issued_by_known_root, |
+ const base::Time& verify_time, |
+ const base::TimeDelta& max_age, |
+ const std::string& ocsp_response); |
+ |
private: |
friend class TransportSecurityStateTest; |
+ friend class ExpectStapleTest; |
FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly); |
FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0); |
FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins); |
@@ -410,6 +420,14 @@ class NET_EXPORT TransportSecurityState |
// information) is timely. |
static bool IsBuildTimely(); |
+ // Helper method for serializing an ExpectStaple report. |
+ static bool SerializeExpectStapleReport( |
+ const HostPortPair& host_port_pair, |
+ const X509Certificate& unverified_certificate, |
+ bool is_issued_by_known_root, |
+ const ExpectStapleReport& report, |
+ std::string* serialized_report); |
+ |
// Helper method for actually checking pins. |
bool CheckPublicKeyPinsImpl( |
const HostPortPair& host_port_pair, |