In order to audit CT logs, we must request audit proofs for SCTs that Chrome receives. To do this, we need the leaf hash corresponding to each SCT (see https://tools.ietf.org/html/rfc6962#section-4.5). This could be generated by building a net::ct::MerkleTreeLeaf from a certificate and its SCT, serializing it to TLS wire format and then hashing it.
Serialization functions should be added to net/cert/ct_serialization.{h,cc}.
A hash function could be added to net/cert/merkle_tree_leaf.{h,cc}. It should use `crypto::SecureHash::Create(crypto::SecureHash::SHA256)` to hash the serialized MerkleTreeLeaf.
Comment 1 by robpercival@chromium.org
, May 4 2016