Adds a VerifyAuditProof method to CTLogVerifier

net/cert/ct_log_verifier.h

Index: net/cert/ct_log_verifier.h
diff --git a/net/cert/ct_log_verifier.h b/net/cert/ct_log_verifier.h
index e9ba307c3e99d33d7a22b984b823ccb4e7022073..6e3b938eb0bff7884d1105465afa7bf99515b5a1 100644
--- a/net/cert/ct_log_verifier.h
+++ b/net/cert/ct_log_verifier.h
@@ -19,14 +19,13 @@
 typedef struct evp_pkey_st EVP_PKEY;
 
 namespace net {
 
 namespace ct {
-
-struct SignedTreeHead;
+struct MerkleAuditProof;
 struct MerkleConsistencyProof;
-
+struct SignedTreeHead;
 }  // namespace ct
 
 // Class for verifying signatures of a single Certificate Transparency
 // log, whose identity is provided during construction.
 // Currently can verify Signed Certificate Timestamp (SCT) and Signed
@@ -74,10 +73,18 @@ class NET_EXPORT CTLogVerifier
   // |new_tree_hash|.
   bool VerifyConsistencyProof(const ct::MerkleConsistencyProof& proof,
                               const std::string& old_tree_hash,
                               const std::string& new_tree_hash) const;
 
+  // Verifies that |proof| is a valid audit proof (RFC 6962, Section 2.1.1) for
+  // this log, and which proves that the certificate represented by |leaf_hash|
+  // has been incorporated into the Merkle tree represented by |root_hash|.
+  // Returns true if verification succeeds, false otherwise.
+  bool VerifyAuditProof(const ct::MerkleAuditProof& proof,
+                        const std::string& root_hash,
+                        const std::string& leaf_hash) const;
+
  private:
   FRIEND_TEST_ALL_PREFIXES(CTLogVerifierTest, VerifySignature);
   friend class base::RefCountedThreadSafe<CTLogVerifier>;
 
   CTLogVerifier(const base::StringPiece& description,