github/electron
1
1
Fork 0
mirror of https://github.com/electron/electron.git synced 2026-04-10 03:01:51 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
27b3a323074fcee55ea2baa361c66a65d2245a9e
electron/patches/chromium/fix_os_crypt_async_cookie_encryption.patch
Charles Kerr 27b3a32307 chore: update patches (#49399)
2026-01-14 22:33:23 -08:00

791 lines
35 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Keeley Hammond <khammond@slack-corp.com>
Date: Tue, 13 Jan 2026 13:26:29 -0800
Subject: fix: revert OS_Crypt Async in Cookie Encryption
Electron 40/M144 uses os_crypt async by default for cookie store
providers when using cookie encryption. We need time to properly
implement this in Electron and make sure the async logic is
working properly.
This patch reverts the port of os_crypt async and falls back to
the old sync logic to unlock Electron 40. This patch can be removed
when os_crypt async is added to Electron.
Revert "Reland "Port net::CookieCryptoDelegate to os_crypt async""
This reverts commit f01b115c7e21a09cc762f65bf7fd9c6ea9d9d0f8.
diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn
index 64406ad9f27a98ce24ac6ece0add705a0eb1fe4e..d70277ec08aefab230a332beff2fc85c6b514a8a 100644
--- a/chrome/browser/BUILD.gn
+++ b/chrome/browser/BUILD.gn
@@ -732,6 +732,8 @@ static_library("browser") {
"net/chrome_report_sender.h",
"net/convert_explicitly_allowed_network_ports_pref.cc",
"net/convert_explicitly_allowed_network_ports_pref.h",
+ "net/cookie_encryption_provider_impl.cc",
+ "net/cookie_encryption_provider_impl.h",
"net/default_dns_over_https_config_source.cc",
"net/default_dns_over_https_config_source.h",
"net/dns_over_https_config_source.h",
diff --git a/chrome/browser/extensions/chrome_extension_cookies.cc b/chrome/browser/extensions/chrome_extension_cookies.cc
index fc13abe302557d38cfce798d46551989337abb2c..22eac75cf685039796ecf40e7d86c9f54084a08b 100644
--- a/chrome/browser/extensions/chrome_extension_cookies.cc
+++ b/chrome/browser/extensions/chrome_extension_cookies.cc
@@ -6,7 +6,6 @@
#include <optional>
-#include "chrome/browser/browser_process.h"
#include "chrome/browser/content_settings/cookie_settings_factory.h"
#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
#include "chrome/browser/extensions/chrome_extension_cookies_factory.h"
@@ -49,9 +48,7 @@ ChromeExtensionCookies::ChromeExtensionCookies(Profile* profile)
profile_->GetPath().Append(chrome::kExtensionsCookieFilename),
profile_->ShouldRestoreOldSessionCookies(),
profile_->ShouldPersistSessionCookies()));
- creation_config->crypto_delegate = cookie_config::GetCookieCryptoDelegate(
- g_browser_process->os_crypt_async(),
- content::GetUIThreadTaskRunner({}));
+ creation_config->crypto_delegate = cookie_config::GetCookieCryptoDelegate();
}
creation_config->cookieable_schemes.push_back(extensions::kExtensionScheme);
diff --git a/chrome/browser/net/chrome_network_service_browsertest.cc b/chrome/browser/net/chrome_network_service_browsertest.cc
index fa37d56b3a3b1e324ca121992fd7b54a945d75f7..05d4d5eaecf119a956210539f601b8f437aaa788 100644
--- a/chrome/browser/net/chrome_network_service_browsertest.cc
+++ b/chrome/browser/net/chrome_network_service_browsertest.cc
@@ -5,7 +5,6 @@
#include "base/feature_list.h"
#include "base/files/file_path.h"
#include "base/files/file_util.h"
-#include "base/task/sequenced_task_runner.h"
#include "base/test/bind.h"
#include "base/test/scoped_feature_list.h"
#include "base/threading/thread_restrictions.h"
@@ -20,7 +19,6 @@
#include "chrome/test/base/in_process_browser_test.h"
#include "chrome/test/base/ui_test_utils.h"
#include "components/cookie_config/cookie_store_util.h"
-#include "components/os_crypt/async/browser/test_utils.h"
#include "content/public/browser/browser_context.h"
#include "content/public/browser/network_service_instance.h"
#include "content/public/browser/network_service_util.h"
@@ -139,16 +137,10 @@ class ChromeNetworkServiceBrowserTest
IN_PROC_BROWSER_TEST_P(ChromeNetworkServiceBrowserTest,
PRE_PRE_EncryptedCookies) {
// These test is only valid if crypto is enabled on the platform.
- auto os_crypt_async = os_crypt_async::GetTestOSCryptAsyncForTesting(
- /*is_sync_for_unittests=*/true);
- auto crypto_delegate = cookie_config::GetCookieCryptoDelegate(
- os_crypt_async.get(), base::SequencedTaskRunner::GetCurrentDefault());
+ auto crypto_delegate = cookie_config::GetCookieCryptoDelegate();
if (!crypto_delegate) {
GTEST_SKIP() << "No crypto on this platform.";
}
- base::RunLoop run_loop;
- crypto_delegate->Init(run_loop.QuitClosure());
- run_loop.Run();
std::string ciphertext;
crypto_delegate->EncryptString(kCookieValue, &ciphertext);
ASSERT_NE(ciphertext, kCookieValue) << "Crypto should really encrypt.";
diff --git a/services/network/public/cpp/cookie_encryption_provider_impl.cc b/chrome/browser/net/cookie_encryption_provider_impl.cc
similarity index 71%
rename from services/network/public/cpp/cookie_encryption_provider_impl.cc
rename to chrome/browser/net/cookie_encryption_provider_impl.cc
index 52fedf2057b963951be560a362fec28208c2a4b5..3f770666618f2df56b8cd6855766418d319481f0 100644
--- a/services/network/public/cpp/cookie_encryption_provider_impl.cc
+++ b/chrome/browser/net/cookie_encryption_provider_impl.cc
@@ -1,19 +1,18 @@
-// Copyright 2025 The Chromium Authors
+// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#include "services/network/public/cpp/cookie_encryption_provider_impl.h"
+#include "chrome/browser/net/cookie_encryption_provider_impl.h"
+#include "chrome/browser/browser_process.h"
#include "components/os_crypt/async/browser/os_crypt_async.h"
-CookieEncryptionProviderImpl::CookieEncryptionProviderImpl(
- os_crypt_async::OSCryptAsync* os_crypt_async)
- : os_crypt_async_(os_crypt_async) {}
+CookieEncryptionProviderImpl::CookieEncryptionProviderImpl() = default;
CookieEncryptionProviderImpl::~CookieEncryptionProviderImpl() = default;
void CookieEncryptionProviderImpl::GetEncryptor(GetEncryptorCallback callback) {
- os_crypt_async_->GetInstance(base::BindOnce(
+ g_browser_process->os_crypt_async()->GetInstance(base::BindOnce(
[](GetEncryptorCallback callback, os_crypt_async::Encryptor encryptor) {
std::move(callback).Run(std::move(encryptor));
},
diff --git a/services/network/public/cpp/cookie_encryption_provider_impl.h b/chrome/browser/net/cookie_encryption_provider_impl.h
similarity index 65%
rename from services/network/public/cpp/cookie_encryption_provider_impl.h
rename to chrome/browser/net/cookie_encryption_provider_impl.h
index 8f80cabd7c919c682e603ff6af0c12ae4431e366..68df8a7a04e9a8455b7143432173d9e48dc1ea5e 100644
--- a/services/network/public/cpp/cookie_encryption_provider_impl.h
+++ b/chrome/browser/net/cookie_encryption_provider_impl.h
@@ -1,27 +1,20 @@
-// Copyright 2025 The Chromium Authors
+// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#ifndef SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
-#define SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
+#ifndef CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
+#define CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
-#include "base/component_export.h"
-#include "base/memory/raw_ptr.h"
#include "components/os_crypt/async/common/encryptor.h"
#include "mojo/public/cpp/bindings/receiver_set.h"
#include "services/network/public/mojom/cookie_encryption_provider.mojom.h"
-namespace os_crypt_async {
-class OSCryptAsync;
-}
-
// Implementation of CookieEncryptionProvider interface. This is Windows only
// for now, but will be expanded to other platforms in future.
-class COMPONENT_EXPORT(NETWORK_CPP) CookieEncryptionProviderImpl
+class CookieEncryptionProviderImpl
: public network::mojom::CookieEncryptionProvider {
public:
- explicit CookieEncryptionProviderImpl(
- os_crypt_async::OSCryptAsync* os_crypt_async);
+ CookieEncryptionProviderImpl();
~CookieEncryptionProviderImpl() override;
CookieEncryptionProviderImpl(const CookieEncryptionProviderImpl&) = delete;
@@ -37,7 +30,6 @@ class COMPONENT_EXPORT(NETWORK_CPP) CookieEncryptionProviderImpl
private:
mojo::ReceiverSet<network::mojom::CookieEncryptionProvider> receivers_;
- raw_ptr<os_crypt_async::OSCryptAsync> os_crypt_async_;
};
-#endif // SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
+#endif // CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
diff --git a/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc b/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc
index b862afe7663111a6cbd342d33723942770bb0490..9dc46cedb109cea63bf71aa43fc7a2b64730ed12 100644
--- a/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc
+++ b/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc
@@ -13,6 +13,7 @@
#include "base/test/test_future.h"
#include "build/config/linux/dbus/buildflags.h"
#include "chrome/browser/browser_features.h"
+#include "chrome/browser/net/cookie_encryption_provider_impl.h"
#include "chrome/browser/policy/chrome_browser_policy_connector.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/browser.h"
@@ -25,7 +26,6 @@
#include "content/public/test/browser_test.h"
#include "content/public/test/test_launcher.h"
#include "net/cookies/canonical_cookie.h"
-#include "services/network/public/cpp/cookie_encryption_provider_impl.h"
#include "services/network/public/mojom/cookie_manager.mojom.h"
#include "services/network/public/mojom/network_context.mojom.h"
#include "testing/gtest/include/gtest/gtest.h"
diff --git a/chrome/browser/net/system_network_context_manager.cc b/chrome/browser/net/system_network_context_manager.cc
index 96bd9009a1d49af1d5b12b3e10058ac4c48c46c6..94f096f461d92d6db56c25f36fdc642cd4ab5049 100644
--- a/chrome/browser/net/system_network_context_manager.cc
+++ b/chrome/browser/net/system_network_context_manager.cc
@@ -917,13 +917,8 @@ void SystemNetworkContextManager::DisableQuic() {
void SystemNetworkContextManager::
AddCookieEncryptionManagerToNetworkContextParams(
network::mojom::NetworkContextParams* network_context_params) {
- if (!cookie_encryption_provider_) {
- cookie_encryption_provider_ =
- std::make_unique<CookieEncryptionProviderImpl>(
- g_browser_process->os_crypt_async());
- }
network_context_params->cookie_encryption_provider =
- cookie_encryption_provider_->BindNewRemote();
+ cookie_encryption_provider_.BindNewRemote();
}
void SystemNetworkContextManager::
diff --git a/chrome/browser/net/system_network_context_manager.h b/chrome/browser/net/system_network_context_manager.h
index 9bd7bd9d4512c31b2f1b9219ed07ffa232336c3e..c1e4aae2e778fd2028f67f58d4904dbdaeb27603 100644
--- a/chrome/browser/net/system_network_context_manager.h
+++ b/chrome/browser/net/system_network_context_manager.h
@@ -15,6 +15,7 @@
#include "base/memory/scoped_refptr.h"
#include "chrome/browser/enterprise/encryption/cache_encryption_provider_impl.h"
#include "chrome/browser/net/cert_verifier_service_time_updater.h"
+#include "chrome/browser/net/cookie_encryption_provider_impl.h"
#include "chrome/browser/net/proxy_config_monitor.h"
#include "chrome/browser/net/stub_resolver_config_reader.h"
#include "chrome/browser/ssl/ssl_config_service_manager.h"
@@ -24,7 +25,6 @@
#include "mojo/public/cpp/bindings/pending_receiver.h"
#include "mojo/public/cpp/bindings/remote.h"
#include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom-forward.h"
-#include "services/network/public/cpp/cookie_encryption_provider_impl.h"
#include "services/network/public/mojom/host_resolver.mojom-forward.h"
#include "services/network/public/mojom/network_context.mojom.h"
#include "services/network/public/mojom/network_service.mojom.h"
@@ -308,7 +308,7 @@ class SystemNetworkContextManager {
GssapiLibraryLoadObserver gssapi_library_loader_observer_{this};
#endif // BUILDFLAG(IS_LINUX)
- std::unique_ptr<CookieEncryptionProviderImpl> cookie_encryption_provider_;
+ CookieEncryptionProviderImpl cookie_encryption_provider_;
std::unique_ptr<enterprise_encryption::CacheEncryptionProviderImpl>
cache_encryption_provider_;
diff --git a/components/cookie_config/BUILD.gn b/components/cookie_config/BUILD.gn
index e348b0d1a59470c5cf153ae02e420b9dd6bd1892..a7a51003386fe7b62aaf5b7008c63acefd428942 100644
--- a/components/cookie_config/BUILD.gn
+++ b/components/cookie_config/BUILD.gn
@@ -13,7 +13,7 @@ component("cookie_config") {
public_deps = [ "//base" ]
deps = [
- "//components/os_crypt/async/browser",
+ "//components/os_crypt/sync",
"//net:extras",
]
}
diff --git a/components/cookie_config/DEPS b/components/cookie_config/DEPS
index 2c847bf159af83cd12bb343deff0cae9957a4183..a428c0b502bee622fbc7eff7d83a2e8500c058df 100644
--- a/components/cookie_config/DEPS
+++ b/components/cookie_config/DEPS
@@ -1,4 +1,4 @@
include_rules = [
- "+components/os_crypt/async",
+ "+components/os_crypt/sync",
"+net/extras/sqlite",
]
diff --git a/components/cookie_config/cookie_store_util.cc b/components/cookie_config/cookie_store_util.cc
index 55742de998756cbcd686d13a77b2a695eda06884..e7efdfe3a5ecae3b5461bba469f0377b3c920b21 100644
--- a/components/cookie_config/cookie_store_util.cc
+++ b/components/cookie_config/cookie_store_util.cc
@@ -5,12 +5,8 @@
#include "components/cookie_config/cookie_store_util.h"
#include "base/functional/callback.h"
-#include "base/memory/scoped_refptr.h"
-#include "base/memory/weak_ptr.h"
-#include "base/task/sequenced_task_runner.h"
#include "build/build_config.h"
-#include "components/os_crypt/async/browser/os_crypt_async.h"
-#include "components/os_crypt/async/common/encryptor.h"
+#include "components/os_crypt/sync/os_crypt.h"
#include "net/extras/sqlite/cookie_crypto_delegate.h"
namespace cookie_config {
@@ -19,123 +15,40 @@ namespace cookie_config {
BUILDFLAG(IS_CHROMEOS)
namespace {
-void OnOsCryptReadyOnUi(
- base::OnceCallback<void(os_crypt_async::Encryptor)> callback,
- scoped_refptr<base::SequencedTaskRunner> task_runner,
- os_crypt_async::Encryptor encryptor) {
- task_runner->PostTask(
- FROM_HERE, base::BindOnce(std::move(callback), std::move(encryptor)));
-}
-
-void InitOnUi(base::OnceCallback<void(os_crypt_async::Encryptor)> callback,
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> task_runner) {
- os_crypt_async->GetInstance(
- base::BindOnce(&OnOsCryptReadyOnUi, std::move(callback),
- std::move(task_runner)),
- os_crypt_async::Encryptor::Option::kEncryptSyncCompat);
-}
-
// Use the operating system's mechanisms to encrypt cookies before writing
// them to persistent store. Currently this only is done with desktop OS's
// because ChromeOS and Android already protect the entire profile contents.
class CookieOSCryptoDelegate : public net::CookieCryptoDelegate {
public:
- CookieOSCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner);
-
- CookieOSCryptoDelegate(const CookieOSCryptoDelegate&) = delete;
- CookieOSCryptoDelegate& operator=(const CookieOSCryptoDelegate&) = delete;
-
- ~CookieOSCryptoDelegate() override;
-
- // net::CookieCryptoDelegate implementation:
void Init(base::OnceClosure callback) override;
bool EncryptString(const std::string& plaintext,
std::string* ciphertext) override;
bool DecryptString(const std::string& ciphertext,
std::string* plaintext) override;
-
- private:
- void OnOsCryptReady(os_crypt_async::Encryptor encryptor);
-
- raw_ptr<os_crypt_async::OSCryptAsync> os_crypt_async_;
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner_;
- std::optional<os_crypt_async::Encryptor> encryptor_;
-
- bool initializing_ = false;
- std::vector<base::OnceClosure> init_callbacks_;
-
- base::WeakPtrFactory<CookieOSCryptoDelegate> weak_ptr_factory_{this};
};
-CookieOSCryptoDelegate::CookieOSCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner)
- : os_crypt_async_(os_crypt_async), ui_task_runner_(ui_task_runner) {}
-
-CookieOSCryptoDelegate::~CookieOSCryptoDelegate() = default;
-
void CookieOSCryptoDelegate::Init(base::OnceClosure callback) {
- if (encryptor_.has_value()) {
- std::move(callback).Run();
- return;
- }
-
- init_callbacks_.emplace_back(std::move(callback));
- if (initializing_) {
- return;
- }
- initializing_ = true;
-
- // PostTaskAndReplyWithResult can't be used here because
- // OSCryptAsync::GetInstance() is async.
- ui_task_runner_->PostTask(
- FROM_HERE,
- base::BindOnce(&InitOnUi,
- base::BindOnce(&CookieOSCryptoDelegate::OnOsCryptReady,
- weak_ptr_factory_.GetWeakPtr()),
- os_crypt_async_,
- base::SequencedTaskRunner::GetCurrentDefault()));
- os_crypt_async_ = nullptr;
+ std::move(callback).Run();
}
bool CookieOSCryptoDelegate::EncryptString(const std::string& plaintext,
std::string* ciphertext) {
- CHECK(encryptor_) << "EncryptString called before Init completed";
- return encryptor_->EncryptString(plaintext, ciphertext);
+ return OSCrypt::EncryptString(plaintext, ciphertext);
}
bool CookieOSCryptoDelegate::DecryptString(const std::string& ciphertext,
std::string* plaintext) {
- CHECK(encryptor_) << "DecryptString called before Init completed";
- return encryptor_->DecryptString(ciphertext, plaintext);
-}
-
-void CookieOSCryptoDelegate::OnOsCryptReady(
- os_crypt_async::Encryptor encryptor) {
- encryptor_ = std::move(encryptor);
- initializing_ = false;
- for (auto& callback : init_callbacks_) {
- std::move(callback).Run();
- }
- init_callbacks_.clear();
+ return OSCrypt::DecryptString(ciphertext, plaintext);
}
} // namespace
-std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner) {
- return std::make_unique<CookieOSCryptoDelegate>(os_crypt_async,
- ui_task_runner);
+std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate() {
+ return std::make_unique<CookieOSCryptoDelegate>();
}
#else // BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC) || BUILDFLAG(IS_LINUX) ||
// BUILDFLAG(IS_CHROMEOS)
-std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner) {
+std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate() {
return nullptr;
}
#endif // BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC) || BUILDFLAG(IS_LINUX) ||
diff --git a/components/cookie_config/cookie_store_util.h b/components/cookie_config/cookie_store_util.h
index 9d142e9f13fb0d30d5795c2a82f2cbc5274d381c..1e1b7ebc234d7e3f981e023fe49cd0b13ed62c6e 100644
--- a/components/cookie_config/cookie_store_util.h
+++ b/components/cookie_config/cookie_store_util.h
@@ -8,28 +8,17 @@
#include <memory>
#include "base/component_export.h"
-#include "base/memory/scoped_refptr.h"
-
-namespace base {
-class SequencedTaskRunner;
-}
namespace net {
class CookieCryptoDelegate;
} // namespace net
-namespace os_crypt_async {
-class OSCryptAsync;
-} // namespace os_crypt_async
-
namespace cookie_config {
// Factory method for returning a CookieCryptoDelegate if one is appropriate for
// this platform.
COMPONENT_EXPORT(COMPONENTS_COOKIE_CONFIG)
-std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner);
+std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate();
} // namespace cookie_config
diff --git a/components/os_crypt/sync/BUILD.gn b/components/os_crypt/sync/BUILD.gn
index bb308187837371ecfa2482affaf35ac7ed98c1f3..1e554fe95b0521a883ced83fc67f5d52a3d45759 100644
--- a/components/os_crypt/sync/BUILD.gn
+++ b/components/os_crypt/sync/BUILD.gn
@@ -12,7 +12,13 @@ component("sync") {
visibility = [
"//electron:*",
"//chrome/browser",
+ "//chrome/browser/prefs:impl",
+ "//chrome/browser/ui",
+ "//chrome/browser/web_applications",
"//chrome/test:test_support",
+ "//components/autofill/content/browser",
+ "//components/cookie_config",
+ "//components/gcm_driver",
"//components/os_crypt/async/browser:dpapi_key_provider",
"//components/os_crypt/async/browser:freedesktop_secret_key_provider",
"//components/os_crypt/async/browser:keychain_key_provider",
@@ -22,18 +28,24 @@ component("sync") {
"//components/os_crypt/async/common:unit_tests",
"//components/os_crypt/sync:test_support",
"//components/os_crypt/sync:unit_tests",
+ "//components/password_manager/core/browser",
+ "//components/password_manager/core/browser:hash_password_manager",
+ "//components/password_manager/core/browser:unit_tests",
+ "//components/password_manager/core/browser/password_store:password_store_impl",
+ "//components/password_manager/core/browser/password_store:unit_tests",
"//components/signin/core/browser",
"//components/sync:unit_tests",
"//components/sync/nigori",
"//components/sync/service",
+ "//components/trusted_vault",
+ "//components/trusted_vault:unit_tests",
+ "//content/browser",
"//headless:headless_non_renderer",
+ "//headless:headless_shell_lib",
"//ios/chrome/browser/web/model:web_internal",
"//services/network:network_service",
"//services/test/echo:lib",
]
- if (is_mac) {
- visibility += [ "//headless:headless_shell_lib" ]
- }
sources = [
"os_crypt.h",
diff --git a/headless/BUILD.gn b/headless/BUILD.gn
index 3b7ac1e77fb8f1696e6fea46e5e76fd05151b6c0..fa9731f028cf2e2ba7c821e67d3fca95f3e16f36 100644
--- a/headless/BUILD.gn
+++ b/headless/BUILD.gn
@@ -373,7 +373,6 @@ component("headless_non_renderer") {
"//components/keyed_service/content",
"//components/origin_trials:browser",
"//components/origin_trials:common",
- "//components/os_crypt/async/browser",
"//components/os_crypt/sync",
"//components/policy:generated",
"//components/policy/content",
diff --git a/headless/lib/browser/DEPS b/headless/lib/browser/DEPS
index 75d0960a5964fabf518d0b8b2f67e29e9b3d6fe6..8261f1ab27597459726063cc6faa2a5ed0bfce17 100644
--- a/headless/lib/browser/DEPS
+++ b/headless/lib/browser/DEPS
@@ -44,7 +44,6 @@ specific_include_rules = {
"headless_browser_impl.*": [
"+services/device/public/cpp/geolocation/system_geolocation_source_apple.h",
"+services/device/public/cpp/geolocation/geolocation_system_permission_manager.h",
- "+components/os_crypt/async",
"+components/password_manager/core/browser/password_manager_switches.h",
"+components/policy",
"+components/prefs",
@@ -53,9 +52,6 @@ specific_include_rules = {
"+components/metrics",
"+components/variations",
],
- "headless_request_context_manager.cc": [
- "+components/os_crypt/async/browser",
- ],
"headless_browser_impl_unittest.cc": [
"+third_party/blink/public/common/features.h",
],
diff --git a/headless/lib/browser/headless_browser_context_impl.cc b/headless/lib/browser/headless_browser_context_impl.cc
index f664e9994a3c38ef2aa30773f6ca4668451dd76c..ad83a721a8bf17225af7d2c5954ecdd82cf8e1dc 100644
--- a/headless/lib/browser/headless_browser_context_impl.cc
+++ b/headless/lib/browser/headless_browser_context_impl.cc
@@ -77,7 +77,7 @@ HeadlessBrowserContextImpl::HeadlessBrowserContextImpl(
? base::FilePath()
: path_;
request_context_manager_ = std::make_unique<HeadlessRequestContextManager>(
- context_options_.get(), user_data_path, browser->os_crypt_async());
+ context_options_.get(), user_data_path);
profile_metrics::SetBrowserProfileType(
this, IsOffTheRecord() ? profile_metrics::BrowserProfileType::kIncognito
: profile_metrics::BrowserProfileType::kRegular);
diff --git a/headless/lib/browser/headless_browser_impl.cc b/headless/lib/browser/headless_browser_impl.cc
index f0c79ccd63e102c4ef51535f476ceddc6c5156a9..c1e9430b3f5b67338f204ca5563a02c2da87cd49 100644
--- a/headless/lib/browser/headless_browser_impl.cc
+++ b/headless/lib/browser/headless_browser_impl.cc
@@ -16,8 +16,6 @@
#include "base/task/single_thread_task_runner.h"
#include "build/config/linux/dbus/buildflags.h"
#include "components/embedder_support/user_agent_utils.h"
-#include "components/os_crypt/async/browser/os_crypt_async.h"
-#include "components/os_crypt/async/common/encryptor.h"
#include "components/version_info/version_info.h"
#include "content/public/browser/browser_task_traits.h"
#include "content/public/browser/browser_thread.h"
@@ -212,8 +210,7 @@ void HeadlessBrowserImpl::SetDefaultBrowserContext(
if (default_browser_context_ && !system_request_context_manager_) {
system_request_context_manager_ =
HeadlessRequestContextManager::CreateSystemContext(
- HeadlessBrowserContextImpl::From(browser_context)->options(),
- os_crypt_async());
+ HeadlessBrowserContextImpl::From(browser_context)->options());
}
}
@@ -269,8 +266,6 @@ bool HeadlessBrowserImpl::ShouldStartDevToolsServer() {
}
void HeadlessBrowserImpl::PreMainMessageLoopRun() {
- CreateOSCryptAsync();
-
platform_delegate_->Initialize(options_.value());
// We don't support the tethering domain on this agent host.
@@ -287,7 +282,6 @@ void HeadlessBrowserImpl::WillRunMainMessageLoop(base::RunLoop& run_loop) {
}
void HeadlessBrowserImpl::PostMainMessageLoopRun() {
- os_crypt_async_.reset();
#if defined(HEADLESS_USE_PREFS)
if (local_state_) {
local_state_->CommitPendingWrite();
diff --git a/headless/lib/browser/headless_browser_impl.h b/headless/lib/browser/headless_browser_impl.h
index 1d9ba1861de0065cb059710fab7b619c0df55216..69056c94a348566e2d080307c794e5dd28322dff 100644
--- a/headless/lib/browser/headless_browser_impl.h
+++ b/headless/lib/browser/headless_browser_impl.h
@@ -31,9 +31,11 @@ class PolicyService;
class PrefService;
#endif
-namespace os_crypt_async {
-class OSCryptAsync;
-}
+#if BUILDFLAG(IS_MAC)
+namespace device {
+class GeolocationSystemPermissionManager;
+} // namespace device
+#endif
namespace ui {
class Compositor;
@@ -99,10 +101,6 @@ class HEADLESS_EXPORT HeadlessBrowserImpl : public HeadlessBrowser {
int exit_code() const { return exit_code_; }
- os_crypt_async::OSCryptAsync* os_crypt_async() {
- return os_crypt_async_.get();
- }
-
#if defined(HEADLESS_USE_PREFS)
void CreatePrefService();
PrefService* GetPrefs();
@@ -121,8 +119,6 @@ class HEADLESS_EXPORT HeadlessBrowserImpl : public HeadlessBrowser {
int exit_code_ = 0;
- std::unique_ptr<os_crypt_async::OSCryptAsync> os_crypt_async_;
-
base::flat_map<std::string, std::unique_ptr<HeadlessBrowserContextImpl>>
browser_contexts_;
raw_ptr<HeadlessBrowserContext, AcrossTasksDanglingUntriaged>
diff --git a/headless/lib/browser/headless_request_context_manager.cc b/headless/lib/browser/headless_request_context_manager.cc
index 6c4ce0a6fa6624cace08bfdb2c62b12836a744fa..fe1a11f94a709400434fb41a5bdcdb8f4d47a959 100644
--- a/headless/lib/browser/headless_request_context_manager.cc
+++ b/headless/lib/browser/headless_request_context_manager.cc
@@ -11,7 +11,6 @@
#include "base/task/single_thread_task_runner.h"
#include "build/build_config.h"
#include "components/embedder_support/switches.h"
-#include "components/os_crypt/async/browser/os_crypt_async.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/network_service_instance.h"
#include "headless/lib/browser/headless_browser_context_options.h"
@@ -138,10 +137,9 @@ class HeadlessProxyConfigMonitor
// static
std::unique_ptr<HeadlessRequestContextManager>
HeadlessRequestContextManager::CreateSystemContext(
- const HeadlessBrowserContextOptions* options,
- os_crypt_async::OSCryptAsync* os_crypt_async) {
+ const HeadlessBrowserContextOptions* options) {
auto manager = std::make_unique<HeadlessRequestContextManager>(
- options, base::FilePath(), os_crypt_async);
+ options, base::FilePath());
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
auto auth_params = ::network::mojom::HttpAuthDynamicParams::New();
@@ -172,8 +170,7 @@ HeadlessRequestContextManager::CreateSystemContext(
HeadlessRequestContextManager::HeadlessRequestContextManager(
const HeadlessBrowserContextOptions* options,
- base::FilePath user_data_path,
- os_crypt_async::OSCryptAsync* os_crypt_async)
+ base::FilePath user_data_path)
:
// On Windows, Cookie encryption requires access to local_state prefs.
#if BUILDFLAG(IS_WIN) && !defined(HEADLESS_USE_PREFS)
@@ -183,7 +180,6 @@ HeadlessRequestContextManager::HeadlessRequestContextManager(
!base::CommandLine::ForCurrentProcess()->HasSwitch(
switches::kDisableCookieEncryption)),
#endif
- os_crypt_async_(os_crypt_async),
user_data_path_(std::move(user_data_path)),
disk_cache_dir_(options->disk_cache_dir()),
accept_language_(options->accept_language()),
@@ -192,10 +188,6 @@ HeadlessRequestContextManager::HeadlessRequestContextManager(
options->proxy_config()
? std::make_unique<net::ProxyConfig>(*options->proxy_config())
: nullptr) {
- if (cookie_encryption_enabled_) {
- cookie_encryption_provider_ =
- std::make_unique<CookieEncryptionProviderImpl>(os_crypt_async_.get());
- }
if (!proxy_config_) {
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
if (command_line->HasSwitch(switches::kNoSystemProxyConfigService)) {
@@ -240,10 +232,6 @@ void HeadlessRequestContextManager::ConfigureNetworkContextParamsInternal(
if (!user_data_path_.empty()) {
context_params->enable_encrypted_cookies = cookie_encryption_enabled_;
- if (cookie_encryption_enabled_) {
- context_params->cookie_encryption_provider =
- cookie_encryption_provider_->BindNewRemote();
- }
context_params->file_paths =
::network::mojom::NetworkContextFilePaths::New();
context_params->file_paths->data_directory =
diff --git a/headless/lib/browser/headless_request_context_manager.h b/headless/lib/browser/headless_request_context_manager.h
index 91d74eaadd9f4d451e809b38a2f999b298068820..e45427ce90f909e609688ab59f4581b185b6757e 100644
--- a/headless/lib/browser/headless_request_context_manager.h
+++ b/headless/lib/browser/headless_request_context_manager.h
@@ -13,13 +13,8 @@
#include "content/public/browser/browser_context.h"
#include "mojo/public/cpp/bindings/pending_remote.h"
#include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom-forward.h"
-#include "services/network/public/cpp/cookie_encryption_provider_impl.h"
#include "services/network/public/mojom/network_context.mojom.h"
-namespace os_crypt_async {
-class OSCryptAsync;
-}
-
namespace headless {
class HeadlessBrowserContextOptions;
@@ -28,12 +23,10 @@ class HeadlessProxyConfigMonitor;
class HeadlessRequestContextManager {
public:
static std::unique_ptr<HeadlessRequestContextManager> CreateSystemContext(
- const HeadlessBrowserContextOptions* options,
- os_crypt_async::OSCryptAsync* os_crypt_async);
+ const HeadlessBrowserContextOptions* options);
HeadlessRequestContextManager(const HeadlessBrowserContextOptions* options,
- base::FilePath user_data_path,
- os_crypt_async::OSCryptAsync* os_crypt_async);
+ base::FilePath user_data_path);
HeadlessRequestContextManager(const HeadlessRequestContextManager&) = delete;
HeadlessRequestContextManager& operator=(
@@ -56,15 +49,12 @@ class HeadlessRequestContextManager {
const bool cookie_encryption_enabled_;
- const raw_ptr<os_crypt_async::OSCryptAsync> os_crypt_async_;
-
base::FilePath user_data_path_;
base::FilePath disk_cache_dir_;
std::string accept_language_;
std::string user_agent_;
std::unique_ptr<net::ProxyConfig> proxy_config_;
std::unique_ptr<HeadlessProxyConfigMonitor> proxy_config_monitor_;
- std::unique_ptr<CookieEncryptionProviderImpl> cookie_encryption_provider_;
mojo::PendingRemote<::network::mojom::NetworkContext> system_context_;
};
diff --git a/services/network/network_context.cc b/services/network/network_context.cc
index ff05425e150671a71abe74b01d9da0103698e8cf..d63d56e532f0e8e1f9e5e3d3906539a545af56e8 100644
--- a/services/network/network_context.cc
+++ b/services/network/network_context.cc
@@ -3266,12 +3266,7 @@ NetworkContext::MakeSessionCleanupCookieStore() const {
crypto_delegate = std::make_unique<CookieOSCryptAsyncDelegate>(
std::move(params_->cookie_encryption_provider));
} else {
-#if !BUILDFLAG(IS_ANDROID)
- // A cookie crypto delegate should not be created on Android to
- // match the behavior of cookie_config::GetCookieCryptoDelegate().
- // See https://crbug.com/449652881
- NOTREACHED();
-#endif
+ crypto_delegate = cookie_config::GetCookieCryptoDelegate();
}
}
diff --git a/services/network/public/cpp/BUILD.gn b/services/network/public/cpp/BUILD.gn
index b48bdf27cd97142ceebc1f0b769b502bf037ce36..3b1424b6df37aa4a3cd341e8b89524e34480d4ac 100644
--- a/services/network/public/cpp/BUILD.gn
+++ b/services/network/public/cpp/BUILD.gn
@@ -69,8 +69,6 @@ component("cpp") {
"content_decoding_interceptor.h",
"content_language_parser.cc",
"content_language_parser.h",
- "cookie_encryption_provider_impl.cc",
- "cookie_encryption_provider_impl.h",
"cors/cors.cc",
"cors/cors.h",
"cors/origin_access_list.cc",
@@ -187,8 +185,6 @@ component("cpp") {
deps = [
"//base",
"//components/link_header_util",
- "//components/os_crypt/async/browser",
- "//components/os_crypt/async/common",
"//components/prefs",
"//ipc",
"//net",
diff --git a/services/network/public/mojom/network_context.mojom b/services/network/public/mojom/network_context.mojom
index efe7273d1fff01d6f368da60ba82a429746251ef..5db0eee84899192bd5bcf01ae6fe02ca49f3780b 100644
--- a/services/network/public/mojom/network_context.mojom
+++ b/services/network/public/mojom/network_context.mojom
@@ -573,9 +573,10 @@ struct NetworkContextParams {
bool acam_preflight_spec_conformant = true;
// Sets the cookie encryption provider to be used by this network context if
- // `enable_encrypted_cookies` is enabled.
- // The `GetEncryptor` method on the supplied `cookie_encryption_provider` is
- // called to obtain a valid set of keys for cookie encryption.
+ // `enable_encrypted_cookies` is also enabled.
+ // If both are set then the `GetEncryptor` method on the supplied
+ // `cookie_encryption_provider` is called to obtain a valid set of keys for
+ // cookie encryption.
pending_remote<CookieEncryptionProvider>? cookie_encryption_provider;
// Enables Device Bound Session Credential for this network context.
Reference in New Issue View Git Blame Copy Permalink