Refactor the assignment of CertVerifyResult::has_md2, etc.

net/cert/cert_verify_proc.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_CERT_CERT_VERIFY_PROC_H_
 #define NET_CERT_CERT_VERIFY_PROC_H_
 
 #include <string>
 #include <vector>
 
 #include "base/feature_list.h"
 #include "base/gtest_prod_util.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "net/base/net_export.h"
 #include "net/cert/x509_cert_types.h"
-#include "net/cert/x509_certificate.h"
 
 namespace net {
 
 class CertVerifyResult;
 class CRLSet;
 class X509Certificate;
 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
 
 // Class to perform certificate path building and verification for various
 // certificate uses. All methods of this class must be thread-safe, as they
@@ skipping 58 matching lines @@
   FRIEND_TEST_ALL_PREFIXES(CertVerifyProcTest, DigiNotarCerts);
   FRIEND_TEST_ALL_PREFIXES(CertVerifyProcTest, TestHasTooLongValidity);
   FRIEND_TEST_ALL_PREFIXES(CertVerifyProcTest,
                            VerifyRejectsSHA1AfterDeprecationLegacyMode);
 
   // Performs the actual verification using the desired underlying
   //
   // On entry, |verify_result| will be default-initialized as a successful
   // validation, with |verify_result->verified_cert| set to |cert|.
   //
-  // Implementations are expected to fill in all applicable fields, excluding
-  // |ocsp_result|, which will be filled in by |Verify()|. If an error code is
-  // returned, |verify_result->cert_status| should be non-zero, indicating an
+  // Implementations are expected to fill in all applicable fields, excluding:
+  //
+  // * ocsp_result
+  // * has_md2
+  // * has_md4
+  // * has_md5
+  // * has_sha1
+  // * has_sha1_leaf
+  //
+  // which will be filled in by |Verify()|. If an error code is returned,
+  // |verify_result->cert_status| should be non-zero, indicating an
   // error occurred.
   //
   // On success, net::OK should be returned, with |verify_result| updated to
   // reflect the successfully verified chain.
   virtual int VerifyInternal(X509Certificate* cert,
                              const std::string& hostname,
                              const std::string& ocsp_response,
                              int flags,
                              CRLSet* crl_set,
                              const CertificateList& additional_trust_anchors,
@@ skipping 27 matching lines @@
   // (i.e. by 1 July 2019).
   static bool HasTooLongValidity(const X509Certificate& cert);
 
   // Emergency kill-switch for SHA-1 deprecation. Disabled by default.
   static const base::Feature kSHA1LegacyMode;
   const bool sha1_legacy_mode_enabled;
 
   DISALLOW_COPY_AND_ASSIGN(CertVerifyProc);
 };
 
-// Sets the weak signature hash fields of |verify_result| to true if
-// applicable for |cert|, otherwise does not modify them.
-//
-// The fields in question are: |has_md2|, |has_md4|, |has_md5|,|has_sha1| and
-// |has_sha1_leaf|.
-//
-// Returns the hash algorithm that was determined for |cert|.
-//
-// This function is intended to be used as a helper by platform-specific
-// CertVerifyProc implementations.
-X509Certificate::SignatureHashAlgorithm FillCertVerifyResultWeakSignature(
-    X509Certificate::OSCertHandle cert,
-    bool is_leaf,
-    CertVerifyResult* verify_result);
-
 }  // namespace net
 
 #endif  // NET_CERT_CERT_VERIFY_PROC_H_