Add a utility method to convert SPKI from DER to JWK, so far implemented only for EC P256v1 (which …

net/cert/x509_util.h

Index: net/cert/x509_util.h
diff --git a/net/cert/x509_util.h b/net/cert/x509_util.h
index 8a6bae2c95fb7d40719535fabc7d674d15c6e87c..99694679a002e10f60fd36f10c3cc3850c150824 100644
--- a/net/cert/x509_util.h
+++ b/net/cert/x509_util.h
@@ -8,9 +8,14 @@
 #include <string>
 
 #include "base/memory/ref_counted.h"
+#include "base/strings/string_piece.h"
 #include "base/time/time.h"
 #include "net/base/net_export.h"
 
+namespace base {
+class DictionaryValue;
+}
+
 namespace crypto {
 class ECPrivateKey;
 class RSAPrivateKey;
@@ -45,6 +50,13 @@ NET_EXPORT_PRIVATE bool CreateDomainBoundCertEC(
     base::Time not_valid_after,
     std::string* der_cert);
 
+// Converts a subject public key info from DER to JWK.
+// See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-13 for
+// the output format.
+NET_EXPORT_PRIVATE bool ConvertSPKIFromDERToJWK(
+    base::StringPiece spki,

[Ryan Sleevi, 2013/08/02 23:08:43]

"const base::StringPiece&" [Yes, I realize there is frequent debate internally
on this point - particularly for 64-bit - but this is at least what the Chromium
team uses as the vastly dominant pattern]

+    base::DictionaryValue* public_key_jwk);
+
 // Create a self-signed certificate containing the public key in |key|.
 // Subject, serial number and validity period are given as parameters.
 // The certificate is signed by the private key in |key|. The hashing