Index: net/cert/internal/verify_certificate_chain.cc |
diff --git a/net/cert/internal/verify_certificate_chain.cc b/net/cert/internal/verify_certificate_chain.cc |
index ee379fd75b1473f7e0bb4a143519fdd67727a6d2..5b20d4b410fd22fa81a03e16149d2ddef1c0f14b 100644 |
--- a/net/cert/internal/verify_certificate_chain.cc |
+++ b/net/cert/internal/verify_certificate_chain.cc |
@@ -343,19 +343,12 @@ WARN_UNUSED_RESULT bool WrapUp(const ParsedCertificate& cert) { |
// signature nor issuer name are verified. (It needn't be self-signed). |
bool VerifyCertificateChainAssumingTrustedRoot( |
const ParsedCertificateList& certs, |
- // The trust store is only used for assertions. |
- const TrustStore& trust_store, |
const SignaturePolicy* signature_policy, |
const der::GeneralizedTime& time) { |
// An empty chain is necessarily invalid. |
if (certs.empty()) |
return false; |
- // IMPORTANT: the assumption being made is that the root certificate in |
- // the given path is the trust anchor (and has already been verified as |
- // such). |
- DCHECK(trust_store.IsTrustedCertificate(certs.back().get())); |
- |
// Will contain a NameConstraints for each previous cert in the chain which |
// had nameConstraints. This corresponds to the permitted_subtrees and |
// excluded_subtrees state variables from RFC 5280. |