Convert SignedCertificateClass to be ref_counted, and add an SCTStore in which to store them. Add S…

net/cert/single_log_ct_verifier.cc

Index: net/cert/single_log_ct_verifier.cc
diff --git a/net/cert/single_log_ct_verifier.cc b/net/cert/single_log_ct_verifier.cc
index c6e7e6f9924cb673abf0d3aa26eb1176f0b6afcb..15913d9cee7c1ac345e73558d930579062ea630c 100644
--- a/net/cert/single_log_ct_verifier.cc
+++ b/net/cert/single_log_ct_verifier.cc
@@ -70,7 +70,7 @@ bool SingleLogCTVerifier::VerifySCTs(const std::string& encoded_sct_list,
   for (std::vector<base::StringPiece>::const_iterator it = sct_list.begin();
        it != sct_list.end(); ++it) {
     base::StringPiece temp_sct(*it);
-    ct::SignedCertificateTimestamp decoded_sct;
+    scoped_refptr<ct::SignedCertificateTimestamp> decoded_sct;
     if (!DecodeSignedCertificateTimestamp(&temp_sct, &decoded_sct)) {
       // XXX(rsleevi): Should we really just skip over bad SCTs?
       continue;
@@ -78,12 +78,12 @@ bool SingleLogCTVerifier::VerifySCTs(const std::string& encoded_sct_list,
     // Assume this SCT is untrusted until proven otherwise.
     result->unverified_scts.push_back(decoded_sct);
 
-    if (!log_->Verify(expected_entry, decoded_sct)) {
+    if (!log_->Verify(expected_entry, *decoded_sct.get())) {
       DVLOG(1) << "Unable to verify SCT signature.";
       continue;
     }
 
-    if (decoded_sct.timestamp + base::TimeDelta::FromSeconds(1) >
+    if (decoded_sct->timestamp + base::TimeDelta::FromSeconds(1) >
         base::Time::Now()) {
       DVLOG(1) << "SCT is from the future!";
       continue;