Fix certificate and keychain installation on Android.

net/base/cert_database_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/cert_database.h"
 
 #include <openssl/x509.h>
 
 #include "base/logging.h"
 #include "base/observer_list_threadsafe.h"
 #include "net/base/crypto_module.h"
 #include "net/base/net_errors.h"
 #include "net/base/openssl_private_key_store.h"
 #include "net/base/x509_certificate.h"
 
 namespace net {
 
 CertDatabase::CertDatabase()
     : observer_list_(new ObserverListThreadSafe<Observer>) {
 }
 
 CertDatabase::~CertDatabase() {}
 
+// NOTE: On Android, these two methods should _never_ be called.
+//
+// They are only used by the SSLAddCertHandler class on other platforms,
+// to handle veritication and installation of downloaded certificates.
+//
+// On Android, the certificate data is passed directly to the system's
+// CertInstaller activity, which handles verification, naming,
+// installation and UI (for success/failure).
+
 int CertDatabase::CheckUserCert(X509Certificate* cert) {
-  if (!cert)
-    return ERR_CERT_INVALID;
-  if (cert->HasExpired())
-    return ERR_CERT_DATE_INVALID;
-
-  if (!OpenSSLPrivateKeyStore::GetInstance()->FetchPrivateKey(
-      X509_PUBKEY_get(X509_get_X509_PUBKEY(cert->os_cert_handle()))))
-    return ERR_NO_PRIVATE_KEY_FOR_CERT;
-
-  return OK;
+  NOTIMPLEMENTED();

[digit1, 2012/11/26 21:41:35]

It turns out that this change will probably break the net unit tests on the
"linux_redux" build, so I've modified this to only return ERR_NOT_IMPLEMENTED on
OS_ANDROID.

+  return ERR_NOT_IMPLEMENTED;
 }
 
 int CertDatabase::AddUserCert(X509Certificate* cert) {
-  // TODO(bulach): implement me.
   NOTIMPLEMENTED();
   return ERR_NOT_IMPLEMENTED;
 }
 
 }  // namespace net