Add new ParsedCertificate class, move TrustStore to own file.

net/cert/internal/verify_certificate_chain_unittest.cc

Index: net/cert/internal/verify_certificate_chain_unittest.cc
diff --git a/net/cert/internal/verify_certificate_chain_unittest.cc b/net/cert/internal/verify_certificate_chain_unittest.cc
index a4443ca2d1c61d60b6c5d43b0d8a67d8aff5ff6d..a3af94baae4b53a9af1c9addb7f52d990c2abb30 100644
--- a/net/cert/internal/verify_certificate_chain_unittest.cc
+++ b/net/cert/internal/verify_certificate_chain_unittest.cc
@@ -10,9 +10,10 @@
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
-#include "net/cert/internal/parse_certificate.h"
+#include "net/cert/internal/parsed_certificate.h"
 #include "net/cert/internal/signature_policy.h"
 #include "net/cert/internal/test_helpers.h"
+#include "net/cert/internal/trust_store.h"
 #include "net/cert/pem_tokenizer.h"
 #include "net/der/input.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ -75,7 +76,10 @@ void ReadTestFromFile(const std::string& file_name,
     if (block_type == kCertificateHeader) {
       chain->push_back(block_data);
     } else if (block_type == kTrustedCertificateHeader) {
-      ASSERT_TRUE(trust_store->AddTrustedCertificate(block_data));
+      scoped_refptr<ParsedCertificate> cert(
+          ParsedCertificate::CreateFromCertificateCopy(block_data));
+      ASSERT_TRUE(cert);
+      trust_store->AddTrustedCertificate(std::move(cert));
     } else if (block_type == kTimeHeader) {
       ASSERT_FALSE(has_time) << "Duplicate " << kTimeHeader;
       has_time = true;
@@ -101,9 +105,15 @@ void RunTest(const char* file_name) {
 
   ReadTestFromFile(file_name, &chain, &trust_store, &time, &expected_result);
 
-  std::vector<der::Input> input_chain;
-  for (const auto& cert_str : chain)
-    input_chain.push_back(der::Input(&cert_str));
+  std::vector<scoped_refptr<net::ParsedCertificate>> input_chain;
+  for (const std::string& cert_der : chain) {
+    scoped_refptr<net::ParsedCertificate> cert(
+        net::ParsedCertificate::CreateFromCertificateData(
+            reinterpret_cast<const uint8_t*>(cert_der.data()), cert_der.size(),
+            net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE));

[eroman, 2016/05/12 18:12:30]

I think this is the third place using this pattern. Might be appropriate to
extract to a helper

[mattm, 2016/05/13 02:17:37]

Done.

+    ASSERT_TRUE(cert);
+    input_chain.push_back(std::move(cert));
+  }
 
   SimpleSignaturePolicy signature_policy(1024);
 
@@ -225,7 +235,7 @@ TEST(VerifyCertificateChainTest, NonSelfSignedRoot) {
 TEST(VerifyCertificateChainTest, EmptyChainIsInvalid) {
   TrustStore trust_store;
   der::GeneralizedTime time;
-  std::vector<der::Input> chain;
+  std::vector<scoped_refptr<ParsedCertificate>> chain;
   SimpleSignaturePolicy signature_policy(2048);
 
   ASSERT_FALSE(