Remove the fingerprint and ca_fingerprint from X509Certificate

content/browser/cert_store_impl.cc

Index: content/browser/cert_store_impl.cc
diff --git a/content/browser/cert_store_impl.cc b/content/browser/cert_store_impl.cc
index cc0d880ecfcb4014b174b66b92e028f708cc257d..6b183ace9afa172d3ba0da6bc475d7856d7d9128 100644
--- a/content/browser/cert_store_impl.cc
+++ b/content/browser/cert_store_impl.cc
@@ -16,17 +16,37 @@ CertStoreImpl* CertStoreImpl::GetInstance() {
   return base::Singleton<CertStoreImpl>::get();
 }
 
-CertStoreImpl::CertStoreImpl() {}
-
-CertStoreImpl::~CertStoreImpl() {}
-
 int CertStoreImpl::StoreCert(net::X509Certificate* cert, int process_id) {
-  return store_.Store(cert, process_id);
+  scoped_refptr<HashAndCert> hash_and_cert(new HashAndCert);
+  hash_and_cert->chain_hash =
+      net::X509Certificate::CalculateChainFingerprint256(
+          cert->os_cert_handle(), cert->GetIntermediateCertificates());
+  hash_and_cert->cert = cert;
+  return store_.Store(hash_and_cert.get(), process_id);
 }
 
 bool CertStoreImpl::RetrieveCert(int cert_id,
                                  scoped_refptr<net::X509Certificate>* cert) {
-  return store_.Retrieve(cert_id, cert);
+  scoped_refptr<HashAndCert> hash_and_cert;
+  if (store_.Retrieve(cert_id, &hash_and_cert)) {
+    *cert = hash_and_cert->cert;
+    return true;
+  }
+  return false;
+}
+
+CertStoreImpl::CertStoreImpl() {}
+
+CertStoreImpl::~CertStoreImpl() {}
+
+CertStoreImpl::HashAndCert::HashAndCert() = default;
+
+bool CertStoreImpl::HashAndCert::LessThan::operator()(
+    const scoped_refptr<HashAndCert>& lhs,
+    const scoped_refptr<HashAndCert>& rhs) const {
+  return net::SHA256HashValueLessThan()(lhs->chain_hash, rhs->chain_hash);
 }
 
+CertStoreImpl::HashAndCert::~HashAndCert() = default;
+
 }  // namespace content