Remove residual support for SHA-1 public key pins.

net/http/transport_security_state.cc

Index: net/http/transport_security_state.cc
diff --git a/net/http/transport_security_state.cc b/net/http/transport_security_state.cc
index e5202c054e3265cb8f1d0e68b24d465fa4b6c773..d4d6f495199460c4af336f05ba4f5c5b3649a278 100644
--- a/net/http/transport_security_state.cc
+++ b/net/http/transport_security_state.cc
@@ -15,7 +15,6 @@
 #include "base/memory/ptr_util.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/metrics/sparse_histogram.h"
-#include "base/sha1.h"
 #include "base/stl_util.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_util.h"
@@ -152,12 +151,13 @@ bool GetHPKPReport(const HostPortPair& host_port_pair,
     std::string known_pin;
 
     switch (hash_value.tag) {
-      case HASH_VALUE_SHA1:
-        known_pin += "pin-sha1=";
-        break;
       case HASH_VALUE_SHA256:
         known_pin += "pin-sha256=";
         break;
+      default:
+        // Don't bother reporting about hash types we don't support. SHA-256 is
+        // the only standardized hash function for HPKP anyway.
+        continue;

[davidben, 2017/06/26 20:15:56]

Might be better to leave it case HASH_VALUE_SHA1 (at least until that enum value
is taken out altogether) with a NOTREACHED() + continue. That we can keep the
compiler warning us if we forget a case in the future.

[palmer, 2017/06/26 21:32:59]

I managed to get rid of all HASH_VALUE_SHA1, so I think we're good here now.

     }
 
     std::string base64_value;