Refactor X509Certificate caching to cache the OS handle, rather than the X509Certificate

net/base/x509_certificate_win.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/x509_certificate.h"
 
-#include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "base/pickle.h"
 #include "base/sha1.h"
 #include "base/string_tokenizer.h"
 #include "base/string_util.h"
 #include "base/utf_string_conversions.h"
 #include "crypto/rsa_private_key.h"
 #include "crypto/scoped_capi_types.h"
 #include "net/base/asn1_util.h"
 #include "net/base/cert_status_flags.h"
@@ skipping 580 matching lines @@
 
   PCCERT_CONTEXT cert_handle =
       CertCreateSelfSignCertificate(key->provider(), &subject_name,
                                     CERT_CREATE_SELFSIGN_NO_KEY_INFO, NULL,
                                     &sign_algo, &start_time, &end_time, NULL);
   DCHECK(cert_handle) << "Failed to create self-signed certificate: "
                       << GetLastError();
   if (!cert_handle)
     return NULL;
 
-  X509Certificate* cert = CreateFromHandle(cert_handle,
-                                           SOURCE_LONE_CERT_IMPORT,
-                                           OSCertHandles());
+  X509Certificate* cert = CreateFromHandle(cert_handle, OSCertHandles());
   FreeOSCertHandle(cert_handle);
   return cert;
 }
 
 void X509Certificate::GetDNSNames(std::vector<std::string>* dns_names) const {
   dns_names->clear();
   if (cert_handle_) {
     scoped_ptr_malloc<CERT_ALT_NAME_INFO> alt_name_info;
     GetCertSubjectAltName(cert_handle_, &alt_name_info);
     CERT_ALT_NAME_INFO* alt_name = alt_name_info.get();
     if (alt_name) {
       int num_entries = alt_name->cAltEntry;
       for (int i = 0; i < num_entries; i++) {
         // dNSName is an ASN.1 IA5String representing a string of ASCII
         // characters, so we can use WideToASCII here.
         if (alt_name->rgAltEntry[i].dwAltNameChoice == CERT_ALT_NAME_DNS_NAME)
           dns_names->push_back(
               WideToASCII(alt_name->rgAltEntry[i].pwszDNSName));
       }
     }
   }
   if (dns_names->empty())
     dns_names->push_back(subject_.common_name);
 }
 
-class GlobalCertStore {
- public:
-  HCERTSTORE cert_store() {
-    return cert_store_;
-  }
-
- private:
-  friend struct base::DefaultLazyInstanceTraits<GlobalCertStore>;
-
-  GlobalCertStore()
-      : cert_store_(CertOpenStore(CERT_STORE_PROV_MEMORY, 0, NULL, 0, NULL)) {
-  }
-
-  ~GlobalCertStore() {
-    CertCloseStore(cert_store_, 0 /* flags */);
-  }
-
-  const HCERTSTORE cert_store_;
-
-  DISALLOW_COPY_AND_ASSIGN(GlobalCertStore);
-};
-
-static base::LazyInstance<GlobalCertStore> g_cert_store(
-    base::LINKER_INITIALIZED);
-
-// static
-HCERTSTORE X509Certificate::cert_store() {
-  return g_cert_store.Get().cert_store();
-}
-
 int X509Certificate::VerifyInternal(const std::string& hostname,
                                     int flags,
                                     CertVerifyResult* verify_result) const {
   if (!cert_handle_)
     return ERR_UNEXPECTED;
 
   // Build and validate certificate chain.
   CERT_CHAIN_PARA chain_para;
   memset(&chain_para, 0, sizeof(chain_para));
   chain_para.cbSize = sizeof(chain_para);
@@ skipping 348 matching lines @@
   if (!CertSerializeCertificateStoreElement(cert_handle, 0, &buffer[0],
                                             &length)) {
     return false;
   }
 
   return pickle->WriteData(reinterpret_cast<const char*>(&buffer[0]),
                            length);
 }
 
 }  // namespace net