Implement Expect-Staple

net/http/transport_security_state.h

Index: net/http/transport_security_state.h
diff --git a/net/http/transport_security_state.h b/net/http/transport_security_state.h
index 2988f3ad8a49e9fe072795af4c4b2b9654cb20e0..63dcf174ac68a64d43d1861286e6034e0dd0a06c 100644
--- a/net/http/transport_security_state.h
+++ b/net/http/transport_security_state.h
@@ -19,6 +19,7 @@
 #include "base/time/time.h"
 #include "net/base/expiring_cache.h"
 #include "net/base/net_export.h"
+#include "net/cert/expect_staple_report.h"
 #include "net/cert/x509_cert_types.h"
 #include "net/cert/x509_certificate.h"
 #include "url/gurl.h"
@@ -385,8 +386,16 @@ class NET_EXPORT TransportSecurityState
                              const HostPortPair& host_port_pair,
                              const SSLInfo& ssl_info);
 
+  void CheckExpectStaple(const HostPortPair& host_port_pair,
+                         const X509Certificate& verified_certificate,
+                         const X509Certificate& unverified_certificate,
+                         const base::Time& verify_time,
+                         const base::TimeDelta& max_age,
+                         const std::string& ocsp_response);
+
  private:
   friend class TransportSecurityStateTest;
+  friend class ExpectStapleTest;
   FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly);
   FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0);
   FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins);
@@ -410,6 +419,13 @@ class NET_EXPORT TransportSecurityState
   // information) is timely.
   static bool IsBuildTimely();
 
+  // Helper method for serializing an ExpectStaple report.
+  static bool SerializeExpectStapleReport(
+      const HostPortPair& host_port_pair,
+      const X509Certificate& unverified_certificate,
+      const ExpectStapleReport& report,
+      std::string* serialized_report);
+
   // Helper method for actually checking pins.
   bool CheckPublicKeyPinsImpl(
       const HostPortPair& host_port_pair,