QUIC - Code to verify SCT tag with certificate transparency verifier
(CTVerifier). SCT tag is verified only if it exists.
Added unittests that verifies a known SCT (a string returned
by ct::GetTestSignedCertificateTimestamp()) that are
similar to MultiLogCTVerifierTest. Used the same certs
as SCT unittests.
TODO: Enable code that requests SCT tag from server.
[email protected], [email protected]
Review URL: https://codereview.chromium.org/1454993002
Cr-Commit-Position: refs/heads/master@{#361439}
diff --git a/net/quic/quic_chromium_client_session.h b/net/quic/quic_chromium_client_session.h
index 9cae22c..72424c2 100644
--- a/net/quic/quic_chromium_client_session.h
+++ b/net/quic/quic_chromium_client_session.h
@@ -18,6 +18,7 @@
#include "base/time/time.h"
#include "net/base/completion_callback.h"
#include "net/base/socket_performance_watcher.h"
+#include "net/cert/ct_verify_result.h"
#include "net/proxy/proxy_server.h"
#include "net/quic/quic_client_session_base.h"
#include "net/quic/quic_connection_logger.h"
@@ -274,6 +275,7 @@
TransportSecurityState* transport_security_state_;
scoped_ptr<QuicServerInfo> server_info_;
scoped_ptr<CertVerifyResult> cert_verify_result_;
+ scoped_ptr<ct::CTVerifyResult> ct_verify_result_;
std::string pinning_failure_log_;
ObserverSet observers_;
StreamRequestQueue stream_requests_;
