Index: net/cert/internal/verify_signed_data.cc |
diff --git a/net/cert/internal/verify_signed_data.cc b/net/cert/internal/verify_signed_data.cc |
index 8fd045b2a91dedc13878b7ab9071e2241664667e..28c8b7d273527555ae87aa3b6ed0842f06369cd7 100644 |
--- a/net/cert/internal/verify_signed_data.cc |
+++ b/net/cert/internal/verify_signed_data.cc |
@@ -40,6 +40,11 @@ WARN_UNUSED_RESULT bool GetDigest(DigestAlgorithm digest, const EVP_MD** out) { |
*out = nullptr; |
switch (digest) { |
+ case DigestAlgorithm::Md2: |
+ case DigestAlgorithm::Md4: |
+ case DigestAlgorithm::Md5: |
+ // Unsupported. |
+ break; |
case DigestAlgorithm::Sha1: |
*out = EVP_sha1(); |
break; |
@@ -292,6 +297,7 @@ bool VerifySignedData(const SignatureAlgorithm& signature_algorithm, |
const SignaturePolicy* policy, |
CertErrors* errors) { |
if (!policy->IsAcceptableSignatureAlgorithm(signature_algorithm, errors)) { |
+ // TODO(crbug.com/634443): Include the DER for the AlgorithmIdentifier |
errors->AddError(kUnacceptableSignatureAlgorithm); |
return false; |
} |