From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Keeley Hammond Date: Tue, 13 Jan 2026 13:26:29 -0800 Subject: fix: revert OS_Crypt Async in Cookie Encryption Electron 40/M144 uses os_crypt async by default for cookie store providers when using cookie encryption. We need time to properly implement this in Electron and make sure the async logic is working properly. This patch reverts the port of os_crypt async and falls back to the old sync logic to unlock Electron 40. This patch can be removed when os_crypt async is added to Electron. Revert "Reland "Port net::CookieCryptoDelegate to os_crypt async"" This reverts commit f01b115c7e21a09cc762f65bf7fd9c6ea9d9d0f8. diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn index 464b75de67b41f3a947af2cb885e1aada0f5869d..0272712c00c1e59d79d83e4b610482c79addd52e 100644 --- a/chrome/browser/BUILD.gn +++ b/chrome/browser/BUILD.gn @@ -740,6 +740,8 @@ static_library("browser") { "net/chrome_report_sender.h", "net/convert_explicitly_allowed_network_ports_pref.cc", "net/convert_explicitly_allowed_network_ports_pref.h", + "net/cookie_encryption_provider_impl.cc", + "net/cookie_encryption_provider_impl.h", "net/default_dns_over_https_config_source.cc", "net/default_dns_over_https_config_source.h", "net/dns_over_https_config_source.h", diff --git a/chrome/browser/extensions/chrome_extension_cookies.cc b/chrome/browser/extensions/chrome_extension_cookies.cc index fc13abe302557d38cfce798d46551989337abb2c..22eac75cf685039796ecf40e7d86c9f54084a08b 100644 --- a/chrome/browser/extensions/chrome_extension_cookies.cc +++ b/chrome/browser/extensions/chrome_extension_cookies.cc @@ -6,7 +6,6 @@ #include -#include "chrome/browser/browser_process.h" #include "chrome/browser/content_settings/cookie_settings_factory.h" #include "chrome/browser/content_settings/host_content_settings_map_factory.h" #include "chrome/browser/extensions/chrome_extension_cookies_factory.h" @@ -49,9 +48,7 @@ ChromeExtensionCookies::ChromeExtensionCookies(Profile* profile) profile_->GetPath().Append(chrome::kExtensionsCookieFilename), profile_->ShouldRestoreOldSessionCookies(), profile_->ShouldPersistSessionCookies())); - creation_config->crypto_delegate = cookie_config::GetCookieCryptoDelegate( - g_browser_process->os_crypt_async(), - content::GetUIThreadTaskRunner({})); + creation_config->crypto_delegate = cookie_config::GetCookieCryptoDelegate(); } creation_config->cookieable_schemes.push_back(extensions::kExtensionScheme); diff --git a/chrome/browser/net/chrome_network_service_browsertest.cc b/chrome/browser/net/chrome_network_service_browsertest.cc index fa37d56b3a3b1e324ca121992fd7b54a945d75f7..05d4d5eaecf119a956210539f601b8f437aaa788 100644 --- a/chrome/browser/net/chrome_network_service_browsertest.cc +++ b/chrome/browser/net/chrome_network_service_browsertest.cc @@ -5,7 +5,6 @@ #include "base/feature_list.h" #include "base/files/file_path.h" #include "base/files/file_util.h" -#include "base/task/sequenced_task_runner.h" #include "base/test/bind.h" #include "base/test/scoped_feature_list.h" #include "base/threading/thread_restrictions.h" @@ -20,7 +19,6 @@ #include "chrome/test/base/in_process_browser_test.h" #include "chrome/test/base/ui_test_utils.h" #include "components/cookie_config/cookie_store_util.h" -#include "components/os_crypt/async/browser/test_utils.h" #include "content/public/browser/browser_context.h" #include "content/public/browser/network_service_instance.h" #include "content/public/browser/network_service_util.h" @@ -139,16 +137,10 @@ class ChromeNetworkServiceBrowserTest IN_PROC_BROWSER_TEST_P(ChromeNetworkServiceBrowserTest, PRE_PRE_EncryptedCookies) { // These test is only valid if crypto is enabled on the platform. - auto os_crypt_async = os_crypt_async::GetTestOSCryptAsyncForTesting( - /*is_sync_for_unittests=*/true); - auto crypto_delegate = cookie_config::GetCookieCryptoDelegate( - os_crypt_async.get(), base::SequencedTaskRunner::GetCurrentDefault()); + auto crypto_delegate = cookie_config::GetCookieCryptoDelegate(); if (!crypto_delegate) { GTEST_SKIP() << "No crypto on this platform."; } - base::RunLoop run_loop; - crypto_delegate->Init(run_loop.QuitClosure()); - run_loop.Run(); std::string ciphertext; crypto_delegate->EncryptString(kCookieValue, &ciphertext); ASSERT_NE(ciphertext, kCookieValue) << "Crypto should really encrypt."; diff --git a/services/network/public/cpp/cookie_encryption_provider_impl.cc b/chrome/browser/net/cookie_encryption_provider_impl.cc similarity index 71% rename from services/network/public/cpp/cookie_encryption_provider_impl.cc rename to chrome/browser/net/cookie_encryption_provider_impl.cc index 52fedf2057b963951be560a362fec28208c2a4b5..3f770666618f2df56b8cd6855766418d319481f0 100644 --- a/services/network/public/cpp/cookie_encryption_provider_impl.cc +++ b/chrome/browser/net/cookie_encryption_provider_impl.cc @@ -1,19 +1,18 @@ -// Copyright 2025 The Chromium Authors +// Copyright 2024 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "services/network/public/cpp/cookie_encryption_provider_impl.h" +#include "chrome/browser/net/cookie_encryption_provider_impl.h" +#include "chrome/browser/browser_process.h" #include "components/os_crypt/async/browser/os_crypt_async.h" -CookieEncryptionProviderImpl::CookieEncryptionProviderImpl( - os_crypt_async::OSCryptAsync* os_crypt_async) - : os_crypt_async_(os_crypt_async) {} +CookieEncryptionProviderImpl::CookieEncryptionProviderImpl() = default; CookieEncryptionProviderImpl::~CookieEncryptionProviderImpl() = default; void CookieEncryptionProviderImpl::GetEncryptor(GetEncryptorCallback callback) { - os_crypt_async_->GetInstance(base::BindOnce( + g_browser_process->os_crypt_async()->GetInstance(base::BindOnce( [](GetEncryptorCallback callback, os_crypt_async::Encryptor encryptor) { std::move(callback).Run(std::move(encryptor)); }, diff --git a/services/network/public/cpp/cookie_encryption_provider_impl.h b/chrome/browser/net/cookie_encryption_provider_impl.h similarity index 65% rename from services/network/public/cpp/cookie_encryption_provider_impl.h rename to chrome/browser/net/cookie_encryption_provider_impl.h index 8f80cabd7c919c682e603ff6af0c12ae4431e366..68df8a7a04e9a8455b7143432173d9e48dc1ea5e 100644 --- a/services/network/public/cpp/cookie_encryption_provider_impl.h +++ b/chrome/browser/net/cookie_encryption_provider_impl.h @@ -1,27 +1,20 @@ -// Copyright 2025 The Chromium Authors +// Copyright 2024 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_ -#define SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_ +#ifndef CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_ +#define CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_ -#include "base/component_export.h" -#include "base/memory/raw_ptr.h" #include "components/os_crypt/async/common/encryptor.h" #include "mojo/public/cpp/bindings/receiver_set.h" #include "services/network/public/mojom/cookie_encryption_provider.mojom.h" -namespace os_crypt_async { -class OSCryptAsync; -} - // Implementation of CookieEncryptionProvider interface. This is Windows only // for now, but will be expanded to other platforms in future. -class COMPONENT_EXPORT(NETWORK_CPP) CookieEncryptionProviderImpl +class CookieEncryptionProviderImpl : public network::mojom::CookieEncryptionProvider { public: - explicit CookieEncryptionProviderImpl( - os_crypt_async::OSCryptAsync* os_crypt_async); + CookieEncryptionProviderImpl(); ~CookieEncryptionProviderImpl() override; CookieEncryptionProviderImpl(const CookieEncryptionProviderImpl&) = delete; @@ -37,7 +30,6 @@ class COMPONENT_EXPORT(NETWORK_CPP) CookieEncryptionProviderImpl private: mojo::ReceiverSet receivers_; - raw_ptr os_crypt_async_; }; -#endif // SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_ +#endif // CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_ diff --git a/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc b/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc index b862afe7663111a6cbd342d33723942770bb0490..9dc46cedb109cea63bf71aa43fc7a2b64730ed12 100644 --- a/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc +++ b/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc @@ -13,6 +13,7 @@ #include "base/test/test_future.h" #include "build/config/linux/dbus/buildflags.h" #include "chrome/browser/browser_features.h" +#include "chrome/browser/net/cookie_encryption_provider_impl.h" #include "chrome/browser/policy/chrome_browser_policy_connector.h" #include "chrome/browser/profiles/profile.h" #include "chrome/browser/ui/browser.h" @@ -25,7 +26,6 @@ #include "content/public/test/browser_test.h" #include "content/public/test/test_launcher.h" #include "net/cookies/canonical_cookie.h" -#include "services/network/public/cpp/cookie_encryption_provider_impl.h" #include "services/network/public/mojom/cookie_manager.mojom.h" #include "services/network/public/mojom/network_context.mojom.h" #include "testing/gtest/include/gtest/gtest.h" diff --git a/chrome/browser/net/system_network_context_manager.cc b/chrome/browser/net/system_network_context_manager.cc index 0f49109d35e6af1416f402baaa1aed64311f0ace..cd669a8deae1687877a75a05fa9c4c7b52720246 100644 --- a/chrome/browser/net/system_network_context_manager.cc +++ b/chrome/browser/net/system_network_context_manager.cc @@ -919,13 +919,8 @@ void SystemNetworkContextManager::DisableQuic() { void SystemNetworkContextManager:: AddCookieEncryptionManagerToNetworkContextParams( network::mojom::NetworkContextParams* network_context_params) { - if (!cookie_encryption_provider_) { - cookie_encryption_provider_ = - std::make_unique( - g_browser_process->os_crypt_async()); - } network_context_params->cookie_encryption_provider = - cookie_encryption_provider_->BindNewRemote(); + cookie_encryption_provider_.BindNewRemote(); } void SystemNetworkContextManager::AddSSLConfigToNetworkContextParams( diff --git a/chrome/browser/net/system_network_context_manager.h b/chrome/browser/net/system_network_context_manager.h index 611833bce86135d792670a2cbfbfc661bcedf8dd..6d39b73f77d294ec21aa2d9c328e7f1fa9aad47d 100644 --- a/chrome/browser/net/system_network_context_manager.h +++ b/chrome/browser/net/system_network_context_manager.h @@ -14,6 +14,7 @@ #include "base/memory/raw_ptr.h" #include "base/memory/scoped_refptr.h" #include "chrome/browser/net/cert_verifier_service_time_updater.h" +#include "chrome/browser/net/cookie_encryption_provider_impl.h" #include "chrome/browser/net/proxy_config_monitor.h" #include "chrome/browser/net/stub_resolver_config_reader.h" #include "chrome/browser/ssl/ssl_config_service_manager.h" @@ -23,7 +24,6 @@ #include "mojo/public/cpp/bindings/pending_receiver.h" #include "mojo/public/cpp/bindings/remote.h" #include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom-forward.h" -#include "services/network/public/cpp/cookie_encryption_provider_impl.h" #include "services/network/public/mojom/host_resolver.mojom-forward.h" #include "services/network/public/mojom/network_context.mojom.h" #include "services/network/public/mojom/network_service.mojom.h" @@ -303,7 +303,7 @@ class SystemNetworkContextManager { GssapiLibraryLoadObserver gssapi_library_loader_observer_{this}; #endif // BUILDFLAG(IS_LINUX) - std::unique_ptr cookie_encryption_provider_; + CookieEncryptionProviderImpl cookie_encryption_provider_; std::unique_ptr cert_verifier_time_updater_; }; diff --git a/components/cookie_config/BUILD.gn b/components/cookie_config/BUILD.gn index e348b0d1a59470c5cf153ae02e420b9dd6bd1892..a7a51003386fe7b62aaf5b7008c63acefd428942 100644 --- a/components/cookie_config/BUILD.gn +++ b/components/cookie_config/BUILD.gn @@ -13,7 +13,7 @@ component("cookie_config") { public_deps = [ "//base" ] deps = [ - "//components/os_crypt/async/browser", + "//components/os_crypt/sync", "//net:extras", ] } diff --git a/components/cookie_config/DEPS b/components/cookie_config/DEPS index 2c847bf159af83cd12bb343deff0cae9957a4183..a428c0b502bee622fbc7eff7d83a2e8500c058df 100644 --- a/components/cookie_config/DEPS +++ b/components/cookie_config/DEPS @@ -1,4 +1,4 @@ include_rules = [ - "+components/os_crypt/async", + "+components/os_crypt/sync", "+net/extras/sqlite", ] diff --git a/components/cookie_config/cookie_store_util.cc b/components/cookie_config/cookie_store_util.cc index 55742de998756cbcd686d13a77b2a695eda06884..e7efdfe3a5ecae3b5461bba469f0377b3c920b21 100644 --- a/components/cookie_config/cookie_store_util.cc +++ b/components/cookie_config/cookie_store_util.cc @@ -5,12 +5,8 @@ #include "components/cookie_config/cookie_store_util.h" #include "base/functional/callback.h" -#include "base/memory/scoped_refptr.h" -#include "base/memory/weak_ptr.h" -#include "base/task/sequenced_task_runner.h" #include "build/build_config.h" -#include "components/os_crypt/async/browser/os_crypt_async.h" -#include "components/os_crypt/async/common/encryptor.h" +#include "components/os_crypt/sync/os_crypt.h" #include "net/extras/sqlite/cookie_crypto_delegate.h" namespace cookie_config { @@ -19,123 +15,40 @@ namespace cookie_config { BUILDFLAG(IS_CHROMEOS) namespace { -void OnOsCryptReadyOnUi( - base::OnceCallback callback, - scoped_refptr task_runner, - os_crypt_async::Encryptor encryptor) { - task_runner->PostTask( - FROM_HERE, base::BindOnce(std::move(callback), std::move(encryptor))); -} - -void InitOnUi(base::OnceCallback callback, - os_crypt_async::OSCryptAsync* os_crypt_async, - scoped_refptr task_runner) { - os_crypt_async->GetInstance( - base::BindOnce(&OnOsCryptReadyOnUi, std::move(callback), - std::move(task_runner)), - os_crypt_async::Encryptor::Option::kEncryptSyncCompat); -} - // Use the operating system's mechanisms to encrypt cookies before writing // them to persistent store. Currently this only is done with desktop OS's // because ChromeOS and Android already protect the entire profile contents. class CookieOSCryptoDelegate : public net::CookieCryptoDelegate { public: - CookieOSCryptoDelegate( - os_crypt_async::OSCryptAsync* os_crypt_async, - scoped_refptr ui_task_runner); - - CookieOSCryptoDelegate(const CookieOSCryptoDelegate&) = delete; - CookieOSCryptoDelegate& operator=(const CookieOSCryptoDelegate&) = delete; - - ~CookieOSCryptoDelegate() override; - - // net::CookieCryptoDelegate implementation: void Init(base::OnceClosure callback) override; bool EncryptString(const std::string& plaintext, std::string* ciphertext) override; bool DecryptString(const std::string& ciphertext, std::string* plaintext) override; - - private: - void OnOsCryptReady(os_crypt_async::Encryptor encryptor); - - raw_ptr os_crypt_async_; - scoped_refptr ui_task_runner_; - std::optional encryptor_; - - bool initializing_ = false; - std::vector init_callbacks_; - - base::WeakPtrFactory weak_ptr_factory_{this}; }; -CookieOSCryptoDelegate::CookieOSCryptoDelegate( - os_crypt_async::OSCryptAsync* os_crypt_async, - scoped_refptr ui_task_runner) - : os_crypt_async_(os_crypt_async), ui_task_runner_(ui_task_runner) {} - -CookieOSCryptoDelegate::~CookieOSCryptoDelegate() = default; - void CookieOSCryptoDelegate::Init(base::OnceClosure callback) { - if (encryptor_.has_value()) { - std::move(callback).Run(); - return; - } - - init_callbacks_.emplace_back(std::move(callback)); - if (initializing_) { - return; - } - initializing_ = true; - - // PostTaskAndReplyWithResult can't be used here because - // OSCryptAsync::GetInstance() is async. - ui_task_runner_->PostTask( - FROM_HERE, - base::BindOnce(&InitOnUi, - base::BindOnce(&CookieOSCryptoDelegate::OnOsCryptReady, - weak_ptr_factory_.GetWeakPtr()), - os_crypt_async_, - base::SequencedTaskRunner::GetCurrentDefault())); - os_crypt_async_ = nullptr; + std::move(callback).Run(); } bool CookieOSCryptoDelegate::EncryptString(const std::string& plaintext, std::string* ciphertext) { - CHECK(encryptor_) << "EncryptString called before Init completed"; - return encryptor_->EncryptString(plaintext, ciphertext); + return OSCrypt::EncryptString(plaintext, ciphertext); } bool CookieOSCryptoDelegate::DecryptString(const std::string& ciphertext, std::string* plaintext) { - CHECK(encryptor_) << "DecryptString called before Init completed"; - return encryptor_->DecryptString(ciphertext, plaintext); -} - -void CookieOSCryptoDelegate::OnOsCryptReady( - os_crypt_async::Encryptor encryptor) { - encryptor_ = std::move(encryptor); - initializing_ = false; - for (auto& callback : init_callbacks_) { - std::move(callback).Run(); - } - init_callbacks_.clear(); + return OSCrypt::DecryptString(ciphertext, plaintext); } } // namespace -std::unique_ptr GetCookieCryptoDelegate( - os_crypt_async::OSCryptAsync* os_crypt_async, - scoped_refptr ui_task_runner) { - return std::make_unique(os_crypt_async, - ui_task_runner); +std::unique_ptr GetCookieCryptoDelegate() { + return std::make_unique(); } #else // BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC) || BUILDFLAG(IS_LINUX) || // BUILDFLAG(IS_CHROMEOS) -std::unique_ptr GetCookieCryptoDelegate( - os_crypt_async::OSCryptAsync* os_crypt_async, - scoped_refptr ui_task_runner) { +std::unique_ptr GetCookieCryptoDelegate() { return nullptr; } #endif // BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC) || BUILDFLAG(IS_LINUX) || diff --git a/components/cookie_config/cookie_store_util.h b/components/cookie_config/cookie_store_util.h index 9d142e9f13fb0d30d5795c2a82f2cbc5274d381c..1e1b7ebc234d7e3f981e023fe49cd0b13ed62c6e 100644 --- a/components/cookie_config/cookie_store_util.h +++ b/components/cookie_config/cookie_store_util.h @@ -8,28 +8,17 @@ #include #include "base/component_export.h" -#include "base/memory/scoped_refptr.h" - -namespace base { -class SequencedTaskRunner; -} namespace net { class CookieCryptoDelegate; } // namespace net -namespace os_crypt_async { -class OSCryptAsync; -} // namespace os_crypt_async - namespace cookie_config { // Factory method for returning a CookieCryptoDelegate if one is appropriate for // this platform. COMPONENT_EXPORT(COMPONENTS_COOKIE_CONFIG) -std::unique_ptr GetCookieCryptoDelegate( - os_crypt_async::OSCryptAsync* os_crypt_async, - scoped_refptr ui_task_runner); +std::unique_ptr GetCookieCryptoDelegate(); } // namespace cookie_config diff --git a/components/os_crypt/sync/BUILD.gn b/components/os_crypt/sync/BUILD.gn index bb308187837371ecfa2482affaf35ac7ed98c1f3..1e554fe95b0521a883ced83fc67f5d52a3d45759 100644 --- a/components/os_crypt/sync/BUILD.gn +++ b/components/os_crypt/sync/BUILD.gn @@ -12,7 +12,13 @@ component("sync") { visibility = [ "//electron:*", "//chrome/browser", + "//chrome/browser/prefs:impl", + "//chrome/browser/ui", + "//chrome/browser/web_applications", "//chrome/test:test_support", + "//components/autofill/content/browser", + "//components/cookie_config", + "//components/gcm_driver", "//components/os_crypt/async/browser:dpapi_key_provider", "//components/os_crypt/async/browser:freedesktop_secret_key_provider", "//components/os_crypt/async/browser:keychain_key_provider", @@ -22,18 +28,24 @@ component("sync") { "//components/os_crypt/async/common:unit_tests", "//components/os_crypt/sync:test_support", "//components/os_crypt/sync:unit_tests", + "//components/password_manager/core/browser", + "//components/password_manager/core/browser:hash_password_manager", + "//components/password_manager/core/browser:unit_tests", + "//components/password_manager/core/browser/password_store:password_store_impl", + "//components/password_manager/core/browser/password_store:unit_tests", "//components/signin/core/browser", "//components/sync:unit_tests", "//components/sync/nigori", "//components/sync/service", + "//components/trusted_vault", + "//components/trusted_vault:unit_tests", + "//content/browser", "//headless:headless_non_renderer", + "//headless:headless_shell_lib", "//ios/chrome/browser/web/model:web_internal", "//services/network:network_service", "//services/test/echo:lib", ] - if (is_mac) { - visibility += [ "//headless:headless_shell_lib" ] - } sources = [ "os_crypt.h", diff --git a/headless/BUILD.gn b/headless/BUILD.gn index 3b7ac1e77fb8f1696e6fea46e5e76fd05151b6c0..fa9731f028cf2e2ba7c821e67d3fca95f3e16f36 100644 --- a/headless/BUILD.gn +++ b/headless/BUILD.gn @@ -373,7 +373,6 @@ component("headless_non_renderer") { "//components/keyed_service/content", "//components/origin_trials:browser", "//components/origin_trials:common", - "//components/os_crypt/async/browser", "//components/os_crypt/sync", "//components/policy:generated", "//components/policy/content", diff --git a/headless/lib/browser/DEPS b/headless/lib/browser/DEPS index 75d0960a5964fabf518d0b8b2f67e29e9b3d6fe6..8261f1ab27597459726063cc6faa2a5ed0bfce17 100644 --- a/headless/lib/browser/DEPS +++ b/headless/lib/browser/DEPS @@ -44,7 +44,6 @@ specific_include_rules = { "headless_browser_impl.*": [ "+services/device/public/cpp/geolocation/system_geolocation_source_apple.h", "+services/device/public/cpp/geolocation/geolocation_system_permission_manager.h", - "+components/os_crypt/async", "+components/password_manager/core/browser/password_manager_switches.h", "+components/policy", "+components/prefs", @@ -53,9 +52,6 @@ specific_include_rules = { "+components/metrics", "+components/variations", ], - "headless_request_context_manager.cc": [ - "+components/os_crypt/async/browser", - ], "headless_browser_impl_unittest.cc": [ "+third_party/blink/public/common/features.h", ], diff --git a/headless/lib/browser/headless_browser_context_impl.cc b/headless/lib/browser/headless_browser_context_impl.cc index f664e9994a3c38ef2aa30773f6ca4668451dd76c..ad83a721a8bf17225af7d2c5954ecdd82cf8e1dc 100644 --- a/headless/lib/browser/headless_browser_context_impl.cc +++ b/headless/lib/browser/headless_browser_context_impl.cc @@ -77,7 +77,7 @@ HeadlessBrowserContextImpl::HeadlessBrowserContextImpl( ? base::FilePath() : path_; request_context_manager_ = std::make_unique( - context_options_.get(), user_data_path, browser->os_crypt_async()); + context_options_.get(), user_data_path); profile_metrics::SetBrowserProfileType( this, IsOffTheRecord() ? profile_metrics::BrowserProfileType::kIncognito : profile_metrics::BrowserProfileType::kRegular); diff --git a/headless/lib/browser/headless_browser_impl.cc b/headless/lib/browser/headless_browser_impl.cc index f0c79ccd63e102c4ef51535f476ceddc6c5156a9..c1e9430b3f5b67338f204ca5563a02c2da87cd49 100644 --- a/headless/lib/browser/headless_browser_impl.cc +++ b/headless/lib/browser/headless_browser_impl.cc @@ -16,8 +16,6 @@ #include "base/task/single_thread_task_runner.h" #include "build/config/linux/dbus/buildflags.h" #include "components/embedder_support/user_agent_utils.h" -#include "components/os_crypt/async/browser/os_crypt_async.h" -#include "components/os_crypt/async/common/encryptor.h" #include "components/version_info/version_info.h" #include "content/public/browser/browser_task_traits.h" #include "content/public/browser/browser_thread.h" @@ -212,8 +210,7 @@ void HeadlessBrowserImpl::SetDefaultBrowserContext( if (default_browser_context_ && !system_request_context_manager_) { system_request_context_manager_ = HeadlessRequestContextManager::CreateSystemContext( - HeadlessBrowserContextImpl::From(browser_context)->options(), - os_crypt_async()); + HeadlessBrowserContextImpl::From(browser_context)->options()); } } @@ -269,8 +266,6 @@ bool HeadlessBrowserImpl::ShouldStartDevToolsServer() { } void HeadlessBrowserImpl::PreMainMessageLoopRun() { - CreateOSCryptAsync(); - platform_delegate_->Initialize(options_.value()); // We don't support the tethering domain on this agent host. @@ -287,7 +282,6 @@ void HeadlessBrowserImpl::WillRunMainMessageLoop(base::RunLoop& run_loop) { } void HeadlessBrowserImpl::PostMainMessageLoopRun() { - os_crypt_async_.reset(); #if defined(HEADLESS_USE_PREFS) if (local_state_) { local_state_->CommitPendingWrite(); diff --git a/headless/lib/browser/headless_browser_impl.h b/headless/lib/browser/headless_browser_impl.h index 1d9ba1861de0065cb059710fab7b619c0df55216..69056c94a348566e2d080307c794e5dd28322dff 100644 --- a/headless/lib/browser/headless_browser_impl.h +++ b/headless/lib/browser/headless_browser_impl.h @@ -31,9 +31,11 @@ class PolicyService; class PrefService; #endif -namespace os_crypt_async { -class OSCryptAsync; -} +#if BUILDFLAG(IS_MAC) +namespace device { +class GeolocationSystemPermissionManager; +} // namespace device +#endif namespace ui { class Compositor; @@ -99,10 +101,6 @@ class HEADLESS_EXPORT HeadlessBrowserImpl : public HeadlessBrowser { int exit_code() const { return exit_code_; } - os_crypt_async::OSCryptAsync* os_crypt_async() { - return os_crypt_async_.get(); - } - #if defined(HEADLESS_USE_PREFS) void CreatePrefService(); PrefService* GetPrefs(); @@ -121,8 +119,6 @@ class HEADLESS_EXPORT HeadlessBrowserImpl : public HeadlessBrowser { int exit_code_ = 0; - std::unique_ptr os_crypt_async_; - base::flat_map> browser_contexts_; raw_ptr diff --git a/headless/lib/browser/headless_request_context_manager.cc b/headless/lib/browser/headless_request_context_manager.cc index 6c4ce0a6fa6624cace08bfdb2c62b12836a744fa..fe1a11f94a709400434fb41a5bdcdb8f4d47a959 100644 --- a/headless/lib/browser/headless_request_context_manager.cc +++ b/headless/lib/browser/headless_request_context_manager.cc @@ -11,7 +11,6 @@ #include "base/task/single_thread_task_runner.h" #include "build/build_config.h" #include "components/embedder_support/switches.h" -#include "components/os_crypt/async/browser/os_crypt_async.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/network_service_instance.h" #include "headless/lib/browser/headless_browser_context_options.h" @@ -138,10 +137,9 @@ class HeadlessProxyConfigMonitor // static std::unique_ptr HeadlessRequestContextManager::CreateSystemContext( - const HeadlessBrowserContextOptions* options, - os_crypt_async::OSCryptAsync* os_crypt_async) { + const HeadlessBrowserContextOptions* options) { auto manager = std::make_unique( - options, base::FilePath(), os_crypt_async); + options, base::FilePath()); base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); auto auth_params = ::network::mojom::HttpAuthDynamicParams::New(); @@ -172,8 +170,7 @@ HeadlessRequestContextManager::CreateSystemContext( HeadlessRequestContextManager::HeadlessRequestContextManager( const HeadlessBrowserContextOptions* options, - base::FilePath user_data_path, - os_crypt_async::OSCryptAsync* os_crypt_async) + base::FilePath user_data_path) : // On Windows, Cookie encryption requires access to local_state prefs. #if BUILDFLAG(IS_WIN) && !defined(HEADLESS_USE_PREFS) @@ -183,7 +180,6 @@ HeadlessRequestContextManager::HeadlessRequestContextManager( !base::CommandLine::ForCurrentProcess()->HasSwitch( switches::kDisableCookieEncryption)), #endif - os_crypt_async_(os_crypt_async), user_data_path_(std::move(user_data_path)), disk_cache_dir_(options->disk_cache_dir()), accept_language_(options->accept_language()), @@ -192,10 +188,6 @@ HeadlessRequestContextManager::HeadlessRequestContextManager( options->proxy_config() ? std::make_unique(*options->proxy_config()) : nullptr) { - if (cookie_encryption_enabled_) { - cookie_encryption_provider_ = - std::make_unique(os_crypt_async_.get()); - } if (!proxy_config_) { base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); if (command_line->HasSwitch(switches::kNoSystemProxyConfigService)) { @@ -240,10 +232,6 @@ void HeadlessRequestContextManager::ConfigureNetworkContextParamsInternal( if (!user_data_path_.empty()) { context_params->enable_encrypted_cookies = cookie_encryption_enabled_; - if (cookie_encryption_enabled_) { - context_params->cookie_encryption_provider = - cookie_encryption_provider_->BindNewRemote(); - } context_params->file_paths = ::network::mojom::NetworkContextFilePaths::New(); context_params->file_paths->data_directory = diff --git a/headless/lib/browser/headless_request_context_manager.h b/headless/lib/browser/headless_request_context_manager.h index 91d74eaadd9f4d451e809b38a2f999b298068820..e45427ce90f909e609688ab59f4581b185b6757e 100644 --- a/headless/lib/browser/headless_request_context_manager.h +++ b/headless/lib/browser/headless_request_context_manager.h @@ -13,13 +13,8 @@ #include "content/public/browser/browser_context.h" #include "mojo/public/cpp/bindings/pending_remote.h" #include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom-forward.h" -#include "services/network/public/cpp/cookie_encryption_provider_impl.h" #include "services/network/public/mojom/network_context.mojom.h" -namespace os_crypt_async { -class OSCryptAsync; -} - namespace headless { class HeadlessBrowserContextOptions; @@ -28,12 +23,10 @@ class HeadlessProxyConfigMonitor; class HeadlessRequestContextManager { public: static std::unique_ptr CreateSystemContext( - const HeadlessBrowserContextOptions* options, - os_crypt_async::OSCryptAsync* os_crypt_async); + const HeadlessBrowserContextOptions* options); HeadlessRequestContextManager(const HeadlessBrowserContextOptions* options, - base::FilePath user_data_path, - os_crypt_async::OSCryptAsync* os_crypt_async); + base::FilePath user_data_path); HeadlessRequestContextManager(const HeadlessRequestContextManager&) = delete; HeadlessRequestContextManager& operator=( @@ -56,15 +49,12 @@ class HeadlessRequestContextManager { const bool cookie_encryption_enabled_; - const raw_ptr os_crypt_async_; - base::FilePath user_data_path_; base::FilePath disk_cache_dir_; std::string accept_language_; std::string user_agent_; std::unique_ptr proxy_config_; std::unique_ptr proxy_config_monitor_; - std::unique_ptr cookie_encryption_provider_; mojo::PendingRemote<::network::mojom::NetworkContext> system_context_; }; diff --git a/services/network/network_context.cc b/services/network/network_context.cc index 53cee001783f11a6364e66e4845c95eb27113285..24263b12793249fe823d62e62e7751ce9cdb6aa2 100644 --- a/services/network/network_context.cc +++ b/services/network/network_context.cc @@ -3252,12 +3252,7 @@ NetworkContext::MakeSessionCleanupCookieStore() const { crypto_delegate = std::make_unique( std::move(params_->cookie_encryption_provider)); } else { -#if !BUILDFLAG(IS_ANDROID) - // A cookie crypto delegate should not be created on Android to - // match the behavior of cookie_config::GetCookieCryptoDelegate(). - // See https://crbug.com/449652881 - NOTREACHED(); -#endif + crypto_delegate = cookie_config::GetCookieCryptoDelegate(); } } diff --git a/services/network/public/cpp/BUILD.gn b/services/network/public/cpp/BUILD.gn index b48bdf27cd97142ceebc1f0b769b502bf037ce36..3b1424b6df37aa4a3cd341e8b89524e34480d4ac 100644 --- a/services/network/public/cpp/BUILD.gn +++ b/services/network/public/cpp/BUILD.gn @@ -69,8 +69,6 @@ component("cpp") { "content_decoding_interceptor.h", "content_language_parser.cc", "content_language_parser.h", - "cookie_encryption_provider_impl.cc", - "cookie_encryption_provider_impl.h", "cors/cors.cc", "cors/cors.h", "cors/origin_access_list.cc", @@ -187,8 +185,6 @@ component("cpp") { deps = [ "//base", "//components/link_header_util", - "//components/os_crypt/async/browser", - "//components/os_crypt/async/common", "//components/prefs", "//ipc", "//net", diff --git a/services/network/public/mojom/network_context.mojom b/services/network/public/mojom/network_context.mojom index b78bde54c454a986ae8b2ed68bf0cf5a3d10568f..23c76697cc74f342b8c6786ec62b257ad1c2efd8 100644 --- a/services/network/public/mojom/network_context.mojom +++ b/services/network/public/mojom/network_context.mojom @@ -573,9 +573,10 @@ struct NetworkContextParams { bool acam_preflight_spec_conformant = true; // Sets the cookie encryption provider to be used by this network context if - // `enable_encrypted_cookies` is enabled. - // The `GetEncryptor` method on the supplied `cookie_encryption_provider` is - // called to obtain a valid set of keys for cookie encryption. + // `enable_encrypted_cookies` is also enabled. + // If both are set then the `GetEncryptor` method on the supplied + // `cookie_encryption_provider` is called to obtain a valid set of keys for + // cookie encryption. pending_remote? cookie_encryption_provider; // Enables Device Bound Session Credential for this network context.