[refactor] Extract the CertVerifyResult assignment of has_md2, has_md4,

net/cert/x509_certificate_ios.cc

Index: net/cert/x509_certificate_ios.cc
diff --git a/net/cert/x509_certificate_ios.cc b/net/cert/x509_certificate_ios.cc
index 737970768fbbeb59c9ec546c500ad3c7766b031c..18ce828df728c2f8447ebbbb91c5e22222da5a68 100644
--- a/net/cert/x509_certificate_ios.cc
+++ b/net/cert/x509_certificate_ios.cc
@@ -358,6 +358,29 @@ void X509Certificate::GetPublicKeyInfo(OSCertHandle os_cert,
   *size_bits = EVP_PKEY_bits(key);
 }
 
+// static
+X509Certificate::SignatureHashAlgorithm
+X509Certificate::GetSignatureHashAlgorithm(OSCertHandle cert_handle) {
+  bssl::UniquePtr<X509> cert = OSCertHandleToOpenSSL(cert_handle);
+  if (!cert)
+    return kSignatureHashAlgorithmOther;
+
+  // TODO(eroman): This duplicates code with x509_certificate_openssl.cc

[Ryan Sleevi, 2017/01/05 22:48:24]

x509_util_openssl is where we move the dupe code between these two (like the
name & date parsing)

[eroman, 2017/01/05 23:21:53]

Want me to extract as part of this CL or a follow-up?
(The code is duplicated today, I preserved that duplication in this refactor).

[eroman, 2017/01/05 23:36:31]

Thanks for the heads up, I will leave that to a follow-up.

+  int sig_alg = OBJ_obj2nid(cert->sig_alg->algorithm);
+  if (sig_alg == NID_md2WithRSAEncryption)
+    return kSignatureHashAlgorithmMd2;
+  if (sig_alg == NID_md4WithRSAEncryption)
+    return kSignatureHashAlgorithmMd4;
+  if (sig_alg == NID_md5WithRSAEncryption || sig_alg == NID_md5WithRSA)
+    return kSignatureHashAlgorithmMd5;
+  if (sig_alg == NID_sha1WithRSAEncryption || sig_alg == NID_dsaWithSHA ||
+      sig_alg == NID_dsaWithSHA1 || sig_alg == NID_dsaWithSHA1_2 ||
+      sig_alg == NID_sha1WithRSA || sig_alg == NID_ecdsa_with_SHA1) {
+    return kSignatureHashAlgorithmSha1;
+  }
+  return kSignatureHashAlgorithmOther;
+}
+
 bool X509Certificate::SupportsSSLClientAuth() const {
   return false;
 }