Certificate path builder for new certificate verification library

net/cert/internal/parse_certificate.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/internal/parse_certificate.h"
 
 #include <utility>
 
 #include "net/der/input.h"
 #include "net/der/parse_values.h"
@@ skipping 136 matching lines @@
   }
   return true;
 }
 
 }  // namespace
 
 ParsedCertificate::ParsedCertificate() {}
 
 ParsedCertificate::~ParsedCertificate() {}
 
+// XXX these "copy without reparsing" constructors are kind ugly. think about
+// other options?
+ParsedCertificate::ParsedCertificate(const ParsedCertificate& other,
+                                     const der::Input& old_data,
+                                     const der::Input& new_data)
+    : tbs_certificate_tlv(other.tbs_certificate_tlv, old_data, new_data),
+      signature_algorithm_tlv(other.signature_algorithm_tlv,
+                              old_data,
+                              new_data),
+      signature_value(
+          der::Input(other.signature_value.bytes(), old_data, new_data),
+          other.signature_value.unused_bits()) {}
+
 ParsedTbsCertificate::ParsedTbsCertificate() {}
 
 ParsedTbsCertificate::~ParsedTbsCertificate() {}
 
+ParsedTbsCertificate::ParsedTbsCertificate(const ParsedTbsCertificate& other,
+                                           const der::Input& old_data,
+                                           const der::Input& new_data)
+    : version(other.version),
+      serial_number(other.serial_number, old_data, new_data),
+      signature_algorithm_tlv(other.signature_algorithm_tlv,
+                              old_data,
+                              new_data),
+      issuer_tlv(other.issuer_tlv, old_data, new_data),
+      validity_not_before(other.validity_not_before),
+      validity_not_after(other.validity_not_after),
+      subject_tlv(other.subject_tlv, old_data, new_data),
+      spki_tlv(other.spki_tlv, old_data, new_data),
+      has_issuer_unique_id(other.has_issuer_unique_id),
+      issuer_unique_id(
+          der::Input(other.issuer_unique_id.bytes(), old_data, new_data),
+          other.issuer_unique_id.unused_bits()),
+      has_subject_unique_id(other.has_subject_unique_id),
+      subject_unique_id(
+          der::Input(other.subject_unique_id.bytes(), old_data, new_data),
+          other.subject_unique_id.unused_bits()),
+      has_extensions(other.has_extensions),
+      extensions_tlv(other.extensions_tlv, old_data, new_data) {}
+
 bool VerifySerialNumber(const der::Input& value) {
   bool unused_negative;
   if (!der::IsValidInteger(value, &unused_negative))
     return false;
 
   // Check if the serial number is too long per RFC 5280.
   if (value.Length() > 20)
     return false;
 
   return true;
@@ skipping 402 matching lines @@
   //
   //     When the keyUsage extension appears in a certificate, at least
   //     one of the bits MUST be set to 1.
   if (BitStringIsAllZeros(*key_usage))
     return false;
 
   return true;
 }
 
 }  // namespace net