diff --git a/src/net/BUILD.gn b/src/net/BUILD.gn index 39bf26e24a..4fe5fc2527 100644 --- a/src/net/BUILD.gn +++ b/src/net/BUILD.gn @@ -1138,7 +1138,6 @@ component("net") { "android/radio_activity_tracker.h", "android/traffic_stats.h", "cert/cert_verify_proc_android.h", - "cert/test_root_certs_android.cc", "proxy_resolution/proxy_config_service_android.h", ] } @@ -1178,6 +1177,7 @@ component("net") { "base/network_interfaces_linux.cc", "base/network_interfaces_linux.h", "base/platform_mime_util_linux.cc", + "cert/test_root_certs_builtin.cc", ] } diff --git a/src/net/cert/cert_verifier.cc b/src/net/cert/cert_verifier.cc index fed64dcccc..c8473ec1ac 100644 --- a/src/net/cert/cert_verifier.cc +++ b/src/net/cert/cert_verifier.cc @@ -78,7 +78,8 @@ bool CertVerifier::RequestParams::operator<( std::unique_ptr CertVerifier::CreateDefaultWithoutCaching( scoped_refptr cert_net_fetcher) { scoped_refptr verify_proc; -#if BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) +#if BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || \ + BUILDFLAG(IS_ANDROID) verify_proc = CertVerifyProc::CreateBuiltinVerifyProc(std::move(cert_net_fetcher)); #elif BUILDFLAG(BUILTIN_CERT_VERIFIER_FEATURE_SUPPORTED) diff --git a/src/net/cert/cert_verify_proc.cc b/src/net/cert/cert_verify_proc.cc index cb40c44e7f..de89c42ae6 100644 --- a/src/net/cert/cert_verify_proc.cc +++ b/src/net/cert/cert_verify_proc.cc @@ -52,7 +52,8 @@ #include "third_party/boringssl/src/include/openssl/pool.h" #include "url/url_canon.h" -#if BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_MAC) +#if BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_MAC) || \ + BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX) #include "net/cert/cert_verify_proc_builtin.h" #endif @@ -527,7 +528,8 @@ base::Value CertVerifyParams(X509Certificate* cert, } // namespace -#if !(BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)) +#if !(BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(IS_LINUX) || \ + BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_ANDROID)) // static scoped_refptr CertVerifyProc::CreateSystemVerifyProc( scoped_refptr cert_net_fetcher) { @@ -545,7 +547,8 @@ scoped_refptr CertVerifyProc::CreateSystemVerifyProc( } #endif -#if BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_MAC) +#if BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_MAC) || \ + BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX) // static scoped_refptr CertVerifyProc::CreateBuiltinVerifyProc( scoped_refptr cert_net_fetcher) { diff --git a/src/net/cert/cert_verify_proc.h b/src/net/cert/cert_verify_proc.h index 32e9fb1f8b..06ad3a7f16 100644 --- a/src/net/cert/cert_verify_proc.h +++ b/src/net/cert/cert_verify_proc.h @@ -80,14 +80,16 @@ class NET_EXPORT CertVerifyProc kMaxValue = kOther }; -#if !(BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)) +#if !(BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || \ + BUILDFLAG(IS_ANDROID)) // Creates and returns a CertVerifyProc that uses the system verifier. // |cert_net_fetcher| may not be used, depending on the implementation. static scoped_refptr CreateSystemVerifyProc( scoped_refptr cert_net_fetcher); #endif -#if BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_MAC) +#if BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_MAC) || \ + BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX) // Creates and returns a CertVerifyProcBuiltin using the SSL SystemTrustStore. static scoped_refptr CreateBuiltinVerifyProc( scoped_refptr cert_net_fetcher); diff --git a/src/net/cert/ev_root_ca_metadata.h b/src/net/cert/ev_root_ca_metadata.h index 9ce78dcb32..775ecea724 100644 --- a/src/net/cert/ev_root_ca_metadata.h +++ b/src/net/cert/ev_root_ca_metadata.h @@ -17,7 +17,7 @@ #include "net/cert/x509_certificate.h" #if BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_WIN) || BUILDFLAG(IS_APPLE) || \ - BUILDFLAG(IS_FUCHSIA) + BUILDFLAG(IS_FUCHSIA) || BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX) // When not defined, the EVRootCAMetadata singleton is a dumb placeholder // implementation that will fail all EV lookup operations. #define PLATFORM_USES_CHROMIUM_EV_METADATA