Move chain building/verification out of X509Certificate

net/base/x509_certificate_unittest.cc

Index: net/base/x509_certificate_unittest.cc
diff --git a/net/base/x509_certificate_unittest.cc b/net/base/x509_certificate_unittest.cc
index 6663a9fa445e51a50068eff3ea6cbd7c916dc658..a9426c4c42a5cde7263ee27b307993911339ad2b 100644
--- a/net/base/x509_certificate_unittest.cc
+++ b/net/base/x509_certificate_unittest.cc
@@ -12,6 +12,7 @@
 #include "net/base/net_errors.h"
 #include "net/base/test_certificate_data.h"
 #include "net/base/x509_certificate.h"
+#include "net/base/x509_chain.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 // Unit tests aren't allowed to access external resources. Unfortunately, to
@@ -244,9 +245,10 @@ void CheckGoogleCert(const scoped_refptr<X509Certificate>& google_cert,
 #if TEST_EV
   // TODO(avi): turn this on for the Mac once EV checking is implemented.
   CertVerifyResult verify_result;
-  int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED |
-                X509Certificate::VERIFY_EV_CERT;
-  EXPECT_EQ(OK, google_cert->Verify("www.google.com", flags, &verify_result));
+  int flags = x509_chain::VERIFY_REV_CHECKING_ENABLED |
+                x509_chain::VERIFY_EV_CERT;
+  EXPECT_EQ(OK, x509_chain::VerifySSLServer(google_cert, "www.google.com",
+                                            flags, &verify_result));
   EXPECT_EQ(0, verify_result.cert_status & CERT_STATUS_IS_EV);
 #endif
 }
@@ -364,8 +366,8 @@ TEST(X509CertificateTest, ThawteCertParsing) {
   EXPECT_EQ("www.thawte.com", dns_names[0]);
 
 #if TEST_EV
-  int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED |
-                X509Certificate::VERIFY_EV_CERT;
+  int flags = x509_chain::VERIFY_REV_CHECKING_ENABLED |
+                x509_chain::VERIFY_EV_CERT;
   CertVerifyResult verify_result;
   // EV cert verification requires revocation checking.
   EXPECT_EQ(OK, thawte_cert->Verify("www.thawte.com", flags, &verify_result));
@@ -393,8 +395,8 @@ TEST(X509CertificateTest, PaypalNullCertParsing) {
 
   int flags = 0;
   CertVerifyResult verify_result;
-  int error = paypal_null_cert->Verify("www.paypal.com", flags,
-                                       &verify_result);
+  int error = x509_chain::VerifySSLServer(paypal_null_cert, "www.paypal.com",
+                                          flags, &verify_result);
   EXPECT_NE(OK, error);
   // Either the system crypto library should correctly report a certificate
   // name mismatch, or our certificate blacklist should cause us to report an
@@ -421,8 +423,8 @@ TEST(X509CertificateTest, UnoSoftCertParsing) {
 
   int flags = 0;
   CertVerifyResult verify_result;
-  int error = unosoft_hu_cert->Verify("www.unosoft.hu", flags,
-                                      &verify_result);
+  int error = x509_chain::VerifySSLServer(unosoft_hu_cert, "www.unosoft.hu",
+                                          flags, &verify_result);
   EXPECT_NE(OK, error);
   EXPECT_NE(0, verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID);
 }
@@ -460,7 +462,8 @@ TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) {
 
   int flags = 0;
   CertVerifyResult verify_result;
-  int error = cert_chain->Verify("www.us.army.mil", flags, &verify_result);
+  int error = x509_chain::VerifySSLServer(server_cert, "www.us.army.mil",
+                                          flags, &verify_result);
   EXPECT_EQ(OK, error);
   EXPECT_EQ(0, verify_result.cert_status);
 }