[refactor] Extract the CertVerifyResult assignment of has_md2, has_md4,

net/cert/cert_verify_proc.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/cert_verify_proc.h"
 
 #include <stdint.h>
 
 #include <algorithm>
 
@@ skipping 756 matching lines @@
   if (start >= time_2015_04_01 && month_diff > 39)
     return true;
 
   return false;
 }
 
 // static
 const base::Feature CertVerifyProc::kSHA1LegacyMode{
     "SHA1LegacyMode", base::FEATURE_DISABLED_BY_DEFAULT};
 
+bool FillCertVerifyResultWeakSignature(X509Certificate::OSCertHandle cert,
+                                       bool is_leaf,
+                                       CertVerifyResult* verify_result) {
+  bool uses_weak_hash = true;
+
+  auto hash = X509Certificate::GetSignatureHashAlgorithm(cert);

[Ryan Sleevi, 2017/01/05 22:48:24]

Seems like this is skirting very close to the "Con" (banned) examples in
https://google.github.io/styleguide/cppguide.html#auto

I suspect you're relying on "When the type doesn't matter because it isn't being
used for anything other than equality comparison." but that's... subtle.

[eroman, 2017/01/05 23:36:30]

Done.

+  switch (hash) {
+    case X509Certificate::kSignatureHashAlgorithmMd2:
+      verify_result->has_md2 = true;
+      break;
+    case X509Certificate::kSignatureHashAlgorithmMd4:
+      verify_result->has_md4 = true;
+      break;
+    case X509Certificate::kSignatureHashAlgorithmMd5:
+      verify_result->has_md5 = true;
+      break;
+    case X509Certificate::kSignatureHashAlgorithmSha1:
+      verify_result->has_sha1 = true;
+      if (is_leaf)
+        verify_result->has_sha1_leaf = true;
+      break;
+    case X509Certificate::kSignatureHashAlgorithmOther:
+      uses_weak_hash = false;
+      break;
+  }
+
+  return uses_weak_hash;
+}
+
 }  // namespace net