From 9537462d030d6d1c4b7ff45da0cb6a2fc96c78fd Mon Sep 17 00:00:00 2001
From: Mikhail Atuchin <matuchin@brave.com>
Date: Thu, 10 Mar 2022 02:03:07 +0700
Subject: [PATCH 1/2] Enforce using a publisher proof for CRX3

---
 .../component_updater_service.cc              | 23 ++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/chromium_src/components/component_updater/component_updater_service.cc b/chromium_src/components/component_updater/component_updater_service.cc
index b535e9f6fda8..fa6e1c6e45c1 100644
--- a/chromium_src/components/component_updater/component_updater_service.cc
+++ b/chromium_src/components/component_updater/component_updater_service.cc
@@ -3,7 +3,24 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * you can obtain one at http://mozilla.org/MPL/2.0/. */
 
-#include "components/crx_file/crx_verifier.h"
-#define CRX3_WITH_PUBLISHER_PROOF CRX3
+#include "base/feature_list.h"
+#include "components/update_client/update_client.h"
+
+namespace {
+const base::Feature kEnforceCRX3PublisherProof{
+    "EnforceCRX3PublisherProof", base::FEATURE_ENABLED_BY_DEFAULT};
+
+crx_file::VerifierFormat GetVerifierFormat() {
+  if (base::FeatureList::IsEnabled(kEnforceCRX3PublisherProof))
+    return crx_file::VerifierFormat::CRX3_WITH_PUBLISHER_PROOF;
+
+  return crx_file::VerifierFormat::CRX3;
+}
+}  // namespace
+#define crx_format_requirement                  \
+  crx_format_requirement = GetVerifierFormat(); \
+  crx_file::VerifierFormat _temp_var;           \
+  ALLOW_UNUSED_LOCAL(_temp_var);                \
+  _temp_var
 #include "src/components/component_updater/component_updater_service.cc"
-#undef CRX3_WITH_PUBLISHER_PROOF
+#undef crx_format_requirement

From a9b2db3b4a2d9e3f327a750039c32e62deac5e2c Mon Sep 17 00:00:00 2001
From: Mikhail Atuchin <matuchin@brave.com>
Date: Mon, 14 Mar 2022 19:03:26 +0700
Subject: [PATCH 2/2] add new line

---
 .../components/component_updater/component_updater_service.cc    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/chromium_src/components/component_updater/component_updater_service.cc b/chromium_src/components/component_updater/component_updater_service.cc
index fa6e1c6e45c1..b701a36feabd 100644
--- a/chromium_src/components/component_updater/component_updater_service.cc
+++ b/chromium_src/components/component_updater/component_updater_service.cc
@@ -17,6 +17,7 @@ crx_file::VerifierFormat GetVerifierFormat() {
   return crx_file::VerifierFormat::CRX3;
 }
 }  // namespace
+
 #define crx_format_requirement                  \
   crx_format_requirement = GetVerifierFormat(); \
   crx_file::VerifierFormat _temp_var;           \