Index: net/cert/asn1_util.h |
diff --git a/net/cert/asn1_util.h b/net/cert/asn1_util.h |
index ed379b3f1223cf9f2cf2aa92fd71082f22c80edc..339b2945c6fe06a803b6ed774ec6187afb154efc 100644 |
--- a/net/cert/asn1_util.h |
+++ b/net/cert/asn1_util.h |
@@ -20,6 +20,8 @@ static const unsigned kINTEGER = 0x02; |
static const unsigned kBITSTRING = 0x03; |
static const unsigned kOCTETSTRING = 0x04; |
static const unsigned kOID = 0x06; |
+static const unsigned kENUMERATED = 0x0a; |
+static const unsigned kGENERALIZEDTIME = 0x18; |
static const unsigned kSEQUENCE = 0x30; |
// These are flags that can be ORed with the above tag numbers. |
@@ -86,6 +88,16 @@ NET_EXPORT_PRIVATE bool ExtractCRLURLsFromDERCert( |
base::StringPiece cert, |
std::vector<base::StringPiece>* urls_out); |
+// ExtractSCTExtensionFromOCSPResponse parses the DER encoded OCSP response in |
+// |ocsp_response| and extracts the SignedCertificateTimestampList matching the |
+// serial number given in |cert_serial_number|. On successful return, the |
+// |sct_list_out| is either empty (no response found), or points into |
+// |ocsp_response|. |
+NET_EXPORT_PRIVATE bool ExtractSCTExtensionFromOCSPResponse( |
Ryan Sleevi
2013/12/03 21:03:18
Not LGTM here. We should not be doing this using a
|
+ base::StringPiece ocsp_response, |
+ base::StringPiece cert_serial_number, |
+ base::StringPiece* sct_list_out); |
+ |
} // namespace asn1 |
} // namespace net |