github/electron
1
1
Fork 0
mirror of https://github.com/electron/electron.git synced 2026-04-10 03:01:51 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
78896775d929b685fc1af2cba9962f9e4112a494
electron/patches/chromium/fix_os_crypt_async_cookie_encryption.patch
electron-roller[bot] 3d8105ae7f chore: bump chromium to 146.0.7680.153 (41-x-y) (#50346) 
* chore: bump chromium in DEPS to 146.0.7680.153

* chore: update patches

---------

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
2026-03-18 17:49:48 -04:00

791 lines
35 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Keeley Hammond <khammond@slack-corp.com>
Date: Tue, 13 Jan 2026 13:26:29 -0800
Subject: fix: revert OS_Crypt Async in Cookie Encryption
Electron 40/M144 uses os_crypt async by default for cookie store
providers when using cookie encryption. We need time to properly
implement this in Electron and make sure the async logic is
working properly.
This patch reverts the port of os_crypt async and falls back to
the old sync logic to unlock Electron 40. This patch can be removed
when os_crypt async is added to Electron.
Revert "Reland "Port net::CookieCryptoDelegate to os_crypt async""
This reverts commit f01b115c7e21a09cc762f65bf7fd9c6ea9d9d0f8.
diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn
index 1a861ff7867f19935178c8368a9a720230fee026..b1ca947122f4ea715be18a0fd4e75b30fffc5a3c 100644
--- a/chrome/browser/BUILD.gn
+++ b/chrome/browser/BUILD.gn
@@ -714,6 +714,8 @@ static_library("browser") {
"net/chrome_report_sender.h",
"net/convert_explicitly_allowed_network_ports_pref.cc",
"net/convert_explicitly_allowed_network_ports_pref.h",
+ "net/cookie_encryption_provider_impl.cc",
+ "net/cookie_encryption_provider_impl.h",
"net/default_dns_over_https_config_source.cc",
"net/default_dns_over_https_config_source.h",
"net/dns_over_https_config_source.h",
diff --git a/chrome/browser/extensions/chrome_extension_cookies.cc b/chrome/browser/extensions/chrome_extension_cookies.cc
index fc13abe302557d38cfce798d46551989337abb2c..22eac75cf685039796ecf40e7d86c9f54084a08b 100644
--- a/chrome/browser/extensions/chrome_extension_cookies.cc
+++ b/chrome/browser/extensions/chrome_extension_cookies.cc
@@ -6,7 +6,6 @@
#include <optional>
-#include "chrome/browser/browser_process.h"
#include "chrome/browser/content_settings/cookie_settings_factory.h"
#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
#include "chrome/browser/extensions/chrome_extension_cookies_factory.h"
@@ -49,9 +48,7 @@ ChromeExtensionCookies::ChromeExtensionCookies(Profile* profile)
profile_->GetPath().Append(chrome::kExtensionsCookieFilename),
profile_->ShouldRestoreOldSessionCookies(),
profile_->ShouldPersistSessionCookies()));
- creation_config->crypto_delegate = cookie_config::GetCookieCryptoDelegate(
- g_browser_process->os_crypt_async(),
- content::GetUIThreadTaskRunner({}));
+ creation_config->crypto_delegate = cookie_config::GetCookieCryptoDelegate();
}
creation_config->cookieable_schemes.push_back(extensions::kExtensionScheme);
diff --git a/chrome/browser/net/chrome_network_service_browsertest.cc b/chrome/browser/net/chrome_network_service_browsertest.cc
index fa37d56b3a3b1e324ca121992fd7b54a945d75f7..05d4d5eaecf119a956210539f601b8f437aaa788 100644
--- a/chrome/browser/net/chrome_network_service_browsertest.cc
+++ b/chrome/browser/net/chrome_network_service_browsertest.cc
@@ -5,7 +5,6 @@
#include "base/feature_list.h"
#include "base/files/file_path.h"
#include "base/files/file_util.h"
-#include "base/task/sequenced_task_runner.h"
#include "base/test/bind.h"
#include "base/test/scoped_feature_list.h"
#include "base/threading/thread_restrictions.h"
@@ -20,7 +19,6 @@
#include "chrome/test/base/in_process_browser_test.h"
#include "chrome/test/base/ui_test_utils.h"
#include "components/cookie_config/cookie_store_util.h"
-#include "components/os_crypt/async/browser/test_utils.h"
#include "content/public/browser/browser_context.h"
#include "content/public/browser/network_service_instance.h"
#include "content/public/browser/network_service_util.h"
@@ -139,16 +137,10 @@ class ChromeNetworkServiceBrowserTest
IN_PROC_BROWSER_TEST_P(ChromeNetworkServiceBrowserTest,
PRE_PRE_EncryptedCookies) {
// These test is only valid if crypto is enabled on the platform.
- auto os_crypt_async = os_crypt_async::GetTestOSCryptAsyncForTesting(
- /*is_sync_for_unittests=*/true);
- auto crypto_delegate = cookie_config::GetCookieCryptoDelegate(
- os_crypt_async.get(), base::SequencedTaskRunner::GetCurrentDefault());
+ auto crypto_delegate = cookie_config::GetCookieCryptoDelegate();
if (!crypto_delegate) {
GTEST_SKIP() << "No crypto on this platform.";
}
- base::RunLoop run_loop;
- crypto_delegate->Init(run_loop.QuitClosure());
- run_loop.Run();
std::string ciphertext;
crypto_delegate->EncryptString(kCookieValue, &ciphertext);
ASSERT_NE(ciphertext, kCookieValue) << "Crypto should really encrypt.";
diff --git a/services/network/public/cpp/cookie_encryption_provider_impl.cc b/chrome/browser/net/cookie_encryption_provider_impl.cc
similarity index 71%
rename from services/network/public/cpp/cookie_encryption_provider_impl.cc
rename to chrome/browser/net/cookie_encryption_provider_impl.cc
index 52fedf2057b963951be560a362fec28208c2a4b5..3f770666618f2df56b8cd6855766418d319481f0 100644
--- a/services/network/public/cpp/cookie_encryption_provider_impl.cc
+++ b/chrome/browser/net/cookie_encryption_provider_impl.cc
@@ -1,19 +1,18 @@
-// Copyright 2025 The Chromium Authors
+// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#include "services/network/public/cpp/cookie_encryption_provider_impl.h"
+#include "chrome/browser/net/cookie_encryption_provider_impl.h"
+#include "chrome/browser/browser_process.h"
#include "components/os_crypt/async/browser/os_crypt_async.h"
-CookieEncryptionProviderImpl::CookieEncryptionProviderImpl(
- os_crypt_async::OSCryptAsync* os_crypt_async)
- : os_crypt_async_(os_crypt_async) {}
+CookieEncryptionProviderImpl::CookieEncryptionProviderImpl() = default;
CookieEncryptionProviderImpl::~CookieEncryptionProviderImpl() = default;
void CookieEncryptionProviderImpl::GetEncryptor(GetEncryptorCallback callback) {
- os_crypt_async_->GetInstance(base::BindOnce(
+ g_browser_process->os_crypt_async()->GetInstance(base::BindOnce(
[](GetEncryptorCallback callback, os_crypt_async::Encryptor encryptor) {
std::move(callback).Run(std::move(encryptor));
},
diff --git a/services/network/public/cpp/cookie_encryption_provider_impl.h b/chrome/browser/net/cookie_encryption_provider_impl.h
similarity index 65%
rename from services/network/public/cpp/cookie_encryption_provider_impl.h
rename to chrome/browser/net/cookie_encryption_provider_impl.h
index 8f80cabd7c919c682e603ff6af0c12ae4431e366..68df8a7a04e9a8455b7143432173d9e48dc1ea5e 100644
--- a/services/network/public/cpp/cookie_encryption_provider_impl.h
+++ b/chrome/browser/net/cookie_encryption_provider_impl.h
@@ -1,27 +1,20 @@
-// Copyright 2025 The Chromium Authors
+// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#ifndef SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
-#define SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
+#ifndef CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
+#define CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
-#include "base/component_export.h"
-#include "base/memory/raw_ptr.h"
#include "components/os_crypt/async/common/encryptor.h"
#include "mojo/public/cpp/bindings/receiver_set.h"
#include "services/network/public/mojom/cookie_encryption_provider.mojom.h"
-namespace os_crypt_async {
-class OSCryptAsync;
-}
-
// Implementation of CookieEncryptionProvider interface. This is Windows only
// for now, but will be expanded to other platforms in future.
-class COMPONENT_EXPORT(NETWORK_CPP) CookieEncryptionProviderImpl
+class CookieEncryptionProviderImpl
: public network::mojom::CookieEncryptionProvider {
public:
- explicit CookieEncryptionProviderImpl(
- os_crypt_async::OSCryptAsync* os_crypt_async);
+ CookieEncryptionProviderImpl();
~CookieEncryptionProviderImpl() override;
CookieEncryptionProviderImpl(const CookieEncryptionProviderImpl&) = delete;
@@ -37,7 +30,6 @@ class COMPONENT_EXPORT(NETWORK_CPP) CookieEncryptionProviderImpl
private:
mojo::ReceiverSet<network::mojom::CookieEncryptionProvider> receivers_;
- raw_ptr<os_crypt_async::OSCryptAsync> os_crypt_async_;
};
-#endif // SERVICES_NETWORK_PUBLIC_CPP_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
+#endif // CHROME_BROWSER_NET_COOKIE_ENCRYPTION_PROVIDER_IMPL_H_
diff --git a/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc b/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc
index 80a738ef815e33058d22df4595e2c9ddad3937c3..007473976bc4bbeeeefbb75d6c03b795be5267d7 100644
--- a/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc
+++ b/chrome/browser/net/cookie_encryption_provider_interactive_uitest.cc
@@ -13,6 +13,7 @@
#include "base/test/test_future.h"
#include "build/config/linux/dbus/buildflags.h"
#include "chrome/browser/browser_features.h"
+#include "chrome/browser/net/cookie_encryption_provider_impl.h"
#include "chrome/browser/policy/chrome_browser_policy_connector.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/browser.h"
@@ -25,7 +26,6 @@
#include "content/public/test/browser_test.h"
#include "content/public/test/test_launcher.h"
#include "net/cookies/canonical_cookie.h"
-#include "services/network/public/cpp/cookie_encryption_provider_impl.h"
#include "services/network/public/mojom/cookie_manager.mojom.h"
#include "services/network/public/mojom/network_context.mojom.h"
#include "testing/gtest/include/gtest/gtest.h"
diff --git a/chrome/browser/net/system_network_context_manager.cc b/chrome/browser/net/system_network_context_manager.cc
index 341cae2bda7fce9e5133966cb8670b9858a44654..6ba158980107ee77d38acc40dd377017731f0de7 100644
--- a/chrome/browser/net/system_network_context_manager.cc
+++ b/chrome/browser/net/system_network_context_manager.cc
@@ -919,13 +919,8 @@ void SystemNetworkContextManager::DisableQuic() {
void SystemNetworkContextManager::
AddCookieEncryptionManagerToNetworkContextParams(
network::mojom::NetworkContextParams* network_context_params) {
- if (!cookie_encryption_provider_) {
- cookie_encryption_provider_ =
- std::make_unique<CookieEncryptionProviderImpl>(
- g_browser_process->os_crypt_async());
- }
network_context_params->cookie_encryption_provider =
- cookie_encryption_provider_->BindNewRemote();
+ cookie_encryption_provider_.BindNewRemote();
}
void SystemNetworkContextManager::AddSSLConfigToNetworkContextParams(
diff --git a/chrome/browser/net/system_network_context_manager.h b/chrome/browser/net/system_network_context_manager.h
index 611833bce86135d792670a2cbfbfc661bcedf8dd..6d39b73f77d294ec21aa2d9c328e7f1fa9aad47d 100644
--- a/chrome/browser/net/system_network_context_manager.h
+++ b/chrome/browser/net/system_network_context_manager.h
@@ -14,6 +14,7 @@
#include "base/memory/raw_ptr.h"
#include "base/memory/scoped_refptr.h"
#include "chrome/browser/net/cert_verifier_service_time_updater.h"
+#include "chrome/browser/net/cookie_encryption_provider_impl.h"
#include "chrome/browser/net/proxy_config_monitor.h"
#include "chrome/browser/net/stub_resolver_config_reader.h"
#include "chrome/browser/ssl/ssl_config_service_manager.h"
@@ -23,7 +24,6 @@
#include "mojo/public/cpp/bindings/pending_receiver.h"
#include "mojo/public/cpp/bindings/remote.h"
#include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom-forward.h"
-#include "services/network/public/cpp/cookie_encryption_provider_impl.h"
#include "services/network/public/mojom/host_resolver.mojom-forward.h"
#include "services/network/public/mojom/network_context.mojom.h"
#include "services/network/public/mojom/network_service.mojom.h"
@@ -303,7 +303,7 @@ class SystemNetworkContextManager {
GssapiLibraryLoadObserver gssapi_library_loader_observer_{this};
#endif // BUILDFLAG(IS_LINUX)
- std::unique_ptr<CookieEncryptionProviderImpl> cookie_encryption_provider_;
+ CookieEncryptionProviderImpl cookie_encryption_provider_;
std::unique_ptr<CertVerifierServiceTimeUpdater> cert_verifier_time_updater_;
};
diff --git a/components/cookie_config/BUILD.gn b/components/cookie_config/BUILD.gn
index e348b0d1a59470c5cf153ae02e420b9dd6bd1892..a7a51003386fe7b62aaf5b7008c63acefd428942 100644
--- a/components/cookie_config/BUILD.gn
+++ b/components/cookie_config/BUILD.gn
@@ -13,7 +13,7 @@ component("cookie_config") {
public_deps = [ "//base" ]
deps = [
- "//components/os_crypt/async/browser",
+ "//components/os_crypt/sync",
"//net:extras",
]
}
diff --git a/components/cookie_config/DEPS b/components/cookie_config/DEPS
index 2c847bf159af83cd12bb343deff0cae9957a4183..a428c0b502bee622fbc7eff7d83a2e8500c058df 100644
--- a/components/cookie_config/DEPS
+++ b/components/cookie_config/DEPS
@@ -1,4 +1,4 @@
include_rules = [
- "+components/os_crypt/async",
+ "+components/os_crypt/sync",
"+net/extras/sqlite",
]
diff --git a/components/cookie_config/cookie_store_util.cc b/components/cookie_config/cookie_store_util.cc
index 55742de998756cbcd686d13a77b2a695eda06884..e7efdfe3a5ecae3b5461bba469f0377b3c920b21 100644
--- a/components/cookie_config/cookie_store_util.cc
+++ b/components/cookie_config/cookie_store_util.cc
@@ -5,12 +5,8 @@
#include "components/cookie_config/cookie_store_util.h"
#include "base/functional/callback.h"
-#include "base/memory/scoped_refptr.h"
-#include "base/memory/weak_ptr.h"
-#include "base/task/sequenced_task_runner.h"
#include "build/build_config.h"
-#include "components/os_crypt/async/browser/os_crypt_async.h"
-#include "components/os_crypt/async/common/encryptor.h"
+#include "components/os_crypt/sync/os_crypt.h"
#include "net/extras/sqlite/cookie_crypto_delegate.h"
namespace cookie_config {
@@ -19,123 +15,40 @@ namespace cookie_config {
BUILDFLAG(IS_CHROMEOS)
namespace {
-void OnOsCryptReadyOnUi(
- base::OnceCallback<void(os_crypt_async::Encryptor)> callback,
- scoped_refptr<base::SequencedTaskRunner> task_runner,
- os_crypt_async::Encryptor encryptor) {
- task_runner->PostTask(
- FROM_HERE, base::BindOnce(std::move(callback), std::move(encryptor)));
-}
-
-void InitOnUi(base::OnceCallback<void(os_crypt_async::Encryptor)> callback,
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> task_runner) {
- os_crypt_async->GetInstance(
- base::BindOnce(&OnOsCryptReadyOnUi, std::move(callback),
- std::move(task_runner)),
- os_crypt_async::Encryptor::Option::kEncryptSyncCompat);
-}
-
// Use the operating system's mechanisms to encrypt cookies before writing
// them to persistent store. Currently this only is done with desktop OS's
// because ChromeOS and Android already protect the entire profile contents.
class CookieOSCryptoDelegate : public net::CookieCryptoDelegate {
public:
- CookieOSCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner);
-
- CookieOSCryptoDelegate(const CookieOSCryptoDelegate&) = delete;
- CookieOSCryptoDelegate& operator=(const CookieOSCryptoDelegate&) = delete;
-
- ~CookieOSCryptoDelegate() override;
-
- // net::CookieCryptoDelegate implementation:
void Init(base::OnceClosure callback) override;
bool EncryptString(const std::string& plaintext,
std::string* ciphertext) override;
bool DecryptString(const std::string& ciphertext,
std::string* plaintext) override;
-
- private:
- void OnOsCryptReady(os_crypt_async::Encryptor encryptor);
-
- raw_ptr<os_crypt_async::OSCryptAsync> os_crypt_async_;
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner_;
- std::optional<os_crypt_async::Encryptor> encryptor_;
-
- bool initializing_ = false;
- std::vector<base::OnceClosure> init_callbacks_;
-
- base::WeakPtrFactory<CookieOSCryptoDelegate> weak_ptr_factory_{this};
};
-CookieOSCryptoDelegate::CookieOSCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner)
- : os_crypt_async_(os_crypt_async), ui_task_runner_(ui_task_runner) {}
-
-CookieOSCryptoDelegate::~CookieOSCryptoDelegate() = default;
-
void CookieOSCryptoDelegate::Init(base::OnceClosure callback) {
- if (encryptor_.has_value()) {
- std::move(callback).Run();
- return;
- }
-
- init_callbacks_.emplace_back(std::move(callback));
- if (initializing_) {
- return;
- }
- initializing_ = true;
-
- // PostTaskAndReplyWithResult can't be used here because
- // OSCryptAsync::GetInstance() is async.
- ui_task_runner_->PostTask(
- FROM_HERE,
- base::BindOnce(&InitOnUi,
- base::BindOnce(&CookieOSCryptoDelegate::OnOsCryptReady,
- weak_ptr_factory_.GetWeakPtr()),
- os_crypt_async_,
- base::SequencedTaskRunner::GetCurrentDefault()));
- os_crypt_async_ = nullptr;
+ std::move(callback).Run();
}
bool CookieOSCryptoDelegate::EncryptString(const std::string& plaintext,
std::string* ciphertext) {
- CHECK(encryptor_) << "EncryptString called before Init completed";
- return encryptor_->EncryptString(plaintext, ciphertext);
+ return OSCrypt::EncryptString(plaintext, ciphertext);
}
bool CookieOSCryptoDelegate::DecryptString(const std::string& ciphertext,
std::string* plaintext) {
- CHECK(encryptor_) << "DecryptString called before Init completed";
- return encryptor_->DecryptString(ciphertext, plaintext);
-}
-
-void CookieOSCryptoDelegate::OnOsCryptReady(
- os_crypt_async::Encryptor encryptor) {
- encryptor_ = std::move(encryptor);
- initializing_ = false;
- for (auto& callback : init_callbacks_) {
- std::move(callback).Run();
- }
- init_callbacks_.clear();
+ return OSCrypt::DecryptString(ciphertext, plaintext);
}
} // namespace
-std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner) {
- return std::make_unique<CookieOSCryptoDelegate>(os_crypt_async,
- ui_task_runner);
+std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate() {
+ return std::make_unique<CookieOSCryptoDelegate>();
}
#else // BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC) || BUILDFLAG(IS_LINUX) ||
// BUILDFLAG(IS_CHROMEOS)
-std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner) {
+std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate() {
return nullptr;
}
#endif // BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC) || BUILDFLAG(IS_LINUX) ||
diff --git a/components/cookie_config/cookie_store_util.h b/components/cookie_config/cookie_store_util.h
index 9d142e9f13fb0d30d5795c2a82f2cbc5274d381c..1e1b7ebc234d7e3f981e023fe49cd0b13ed62c6e 100644
--- a/components/cookie_config/cookie_store_util.h
+++ b/components/cookie_config/cookie_store_util.h
@@ -8,28 +8,17 @@
#include <memory>
#include "base/component_export.h"
-#include "base/memory/scoped_refptr.h"
-
-namespace base {
-class SequencedTaskRunner;
-}
namespace net {
class CookieCryptoDelegate;
} // namespace net
-namespace os_crypt_async {
-class OSCryptAsync;
-} // namespace os_crypt_async
-
namespace cookie_config {
// Factory method for returning a CookieCryptoDelegate if one is appropriate for
// this platform.
COMPONENT_EXPORT(COMPONENTS_COOKIE_CONFIG)
-std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate(
- os_crypt_async::OSCryptAsync* os_crypt_async,
- scoped_refptr<base::SequencedTaskRunner> ui_task_runner);
+std::unique_ptr<net::CookieCryptoDelegate> GetCookieCryptoDelegate();
} // namespace cookie_config
diff --git a/components/os_crypt/sync/BUILD.gn b/components/os_crypt/sync/BUILD.gn
index 64345078af6ebb76f5ca695ff7b87f8df1956e5f..4bb0fe1ef70133f2d7df516192d61b95d36ce4de 100644
--- a/components/os_crypt/sync/BUILD.gn
+++ b/components/os_crypt/sync/BUILD.gn
@@ -12,7 +12,13 @@ component("sync") {
visibility = [
"//electron:*",
"//chrome/browser",
+ "//chrome/browser/prefs:impl",
+ "//chrome/browser/ui",
+ "//chrome/browser/web_applications",
"//chrome/test:test_support",
+ "//components/autofill/content/browser",
+ "//components/cookie_config",
+ "//components/gcm_driver",
"//components/os_crypt/async/browser:dpapi_key_provider",
"//components/os_crypt/async/browser:freedesktop_secret_key_provider",
"//components/os_crypt/async/browser:keychain_key_provider",
@@ -22,17 +28,24 @@ component("sync") {
"//components/os_crypt/async/common:unit_tests",
"//components/os_crypt/sync:test_support",
"//components/os_crypt/sync:unit_tests",
+ "//components/password_manager/core/browser",
+ "//components/password_manager/core/browser:hash_password_manager",
+ "//components/password_manager/core/browser:unit_tests",
+ "//components/password_manager/core/browser/password_store:password_store_impl",
+ "//components/password_manager/core/browser/password_store:unit_tests",
"//components/signin/core/browser",
"//components/sync:unit_tests",
"//components/sync/nigori",
+ "//components/sync/service",
+ "//components/trusted_vault",
+ "//components/trusted_vault:unit_tests",
+ "//content/browser",
"//headless:headless_browser",
+ "//headless:headless_shell_lib",
"//ios/chrome/browser/web/model:web_internal",
"//services/network:network_service",
"//services/test/echo:lib",
]
- if (is_mac) {
- visibility += [ "//headless:headless_shell_lib" ]
- }
sources = [
"os_crypt.h",
diff --git a/headless/BUILD.gn b/headless/BUILD.gn
index 2cb8ad89be824bfa2022d79f9e6ba2a160e1508d..d8efdf1a2c576c74f8789f7bb8485e2a11d30d4c 100644
--- a/headless/BUILD.gn
+++ b/headless/BUILD.gn
@@ -401,7 +401,6 @@ source_set("headless_browser") {
"//components/optimization_guide/proto:optimization_guide_proto",
"//components/origin_trials:browser",
"//components/origin_trials:common",
- "//components/os_crypt/async/browser",
"//components/os_crypt/sync",
"//components/profile_metrics",
"//components/security_state/content",
diff --git a/headless/lib/browser/DEPS b/headless/lib/browser/DEPS
index 14de55a42b5cd21caad4d9c21b9f4573c77b436e..30c5598abf83f9fb6040fc5ebcfde72beb858a72 100644
--- a/headless/lib/browser/DEPS
+++ b/headless/lib/browser/DEPS
@@ -44,7 +44,6 @@ specific_include_rules = {
"headless_browser_impl.*": [
"+services/device/public/cpp/geolocation/system_geolocation_source_apple.h",
"+services/device/public/cpp/geolocation/geolocation_system_permission_manager.h",
- "+components/os_crypt/async",
"+components/password_manager/core/browser/password_manager_switches.h",
"+components/policy",
"+components/prefs",
@@ -53,9 +52,6 @@ specific_include_rules = {
"+components/metrics",
"+components/variations",
],
- "headless_request_context_manager.cc": [
- "+components/os_crypt/async/browser",
- ],
"headless_browser_impl_unittest.cc": [
"+third_party/blink/public/common/features.h",
],
diff --git a/headless/lib/browser/headless_browser_context_impl.cc b/headless/lib/browser/headless_browser_context_impl.cc
index f664e9994a3c38ef2aa30773f6ca4668451dd76c..ad83a721a8bf17225af7d2c5954ecdd82cf8e1dc 100644
--- a/headless/lib/browser/headless_browser_context_impl.cc
+++ b/headless/lib/browser/headless_browser_context_impl.cc
@@ -77,7 +77,7 @@ HeadlessBrowserContextImpl::HeadlessBrowserContextImpl(
? base::FilePath()
: path_;
request_context_manager_ = std::make_unique<HeadlessRequestContextManager>(
- context_options_.get(), user_data_path, browser->os_crypt_async());
+ context_options_.get(), user_data_path);
profile_metrics::SetBrowserProfileType(
this, IsOffTheRecord() ? profile_metrics::BrowserProfileType::kIncognito
: profile_metrics::BrowserProfileType::kRegular);
diff --git a/headless/lib/browser/headless_browser_impl.cc b/headless/lib/browser/headless_browser_impl.cc
index eb1a52ac99254bac3219f072e859ba68d11f8c59..80558c02a49b90a30c86ce32f61076aa35aab7b8 100644
--- a/headless/lib/browser/headless_browser_impl.cc
+++ b/headless/lib/browser/headless_browser_impl.cc
@@ -16,8 +16,6 @@
#include "base/task/single_thread_task_runner.h"
#include "build/config/linux/dbus/buildflags.h"
#include "components/embedder_support/user_agent_utils.h"
-#include "components/os_crypt/async/browser/os_crypt_async.h"
-#include "components/os_crypt/async/common/encryptor.h"
#include "components/version_info/version_info.h"
#include "content/public/browser/browser_task_traits.h"
#include "content/public/browser/browser_thread.h"
@@ -212,8 +210,7 @@ void HeadlessBrowserImpl::SetDefaultBrowserContext(
if (default_browser_context_ && !system_request_context_manager_) {
system_request_context_manager_ =
HeadlessRequestContextManager::CreateSystemContext(
- HeadlessBrowserContextImpl::From(browser_context)->options(),
- os_crypt_async());
+ HeadlessBrowserContextImpl::From(browser_context)->options());
}
}
@@ -269,8 +266,6 @@ bool HeadlessBrowserImpl::ShouldStartDevToolsServer() {
}
void HeadlessBrowserImpl::PreMainMessageLoopRun() {
- CreateOSCryptAsync();
-
platform_delegate_->Initialize(options_.value());
// We don't support the tethering domain on this agent host.
@@ -287,7 +282,6 @@ void HeadlessBrowserImpl::WillRunMainMessageLoop(base::RunLoop& run_loop) {
}
void HeadlessBrowserImpl::PostMainMessageLoopRun() {
- os_crypt_async_.reset();
#if defined(HEADLESS_USE_PREFS)
if (local_state_) {
local_state_->CommitPendingWrite();
diff --git a/headless/lib/browser/headless_browser_impl.h b/headless/lib/browser/headless_browser_impl.h
index 1d9ba1861de0065cb059710fab7b619c0df55216..69056c94a348566e2d080307c794e5dd28322dff 100644
--- a/headless/lib/browser/headless_browser_impl.h
+++ b/headless/lib/browser/headless_browser_impl.h
@@ -31,9 +31,11 @@ class PolicyService;
class PrefService;
#endif
-namespace os_crypt_async {
-class OSCryptAsync;
-}
+#if BUILDFLAG(IS_MAC)
+namespace device {
+class GeolocationSystemPermissionManager;
+} // namespace device
+#endif
namespace ui {
class Compositor;
@@ -99,10 +101,6 @@ class HEADLESS_EXPORT HeadlessBrowserImpl : public HeadlessBrowser {
int exit_code() const { return exit_code_; }
- os_crypt_async::OSCryptAsync* os_crypt_async() {
- return os_crypt_async_.get();
- }
-
#if defined(HEADLESS_USE_PREFS)
void CreatePrefService();
PrefService* GetPrefs();
@@ -121,8 +119,6 @@ class HEADLESS_EXPORT HeadlessBrowserImpl : public HeadlessBrowser {
int exit_code_ = 0;
- std::unique_ptr<os_crypt_async::OSCryptAsync> os_crypt_async_;
-
base::flat_map<std::string, std::unique_ptr<HeadlessBrowserContextImpl>>
browser_contexts_;
raw_ptr<HeadlessBrowserContext, AcrossTasksDanglingUntriaged>
diff --git a/headless/lib/browser/headless_request_context_manager.cc b/headless/lib/browser/headless_request_context_manager.cc
index 6c4ce0a6fa6624cace08bfdb2c62b12836a744fa..fe1a11f94a709400434fb41a5bdcdb8f4d47a959 100644
--- a/headless/lib/browser/headless_request_context_manager.cc
+++ b/headless/lib/browser/headless_request_context_manager.cc
@@ -11,7 +11,6 @@
#include "base/task/single_thread_task_runner.h"
#include "build/build_config.h"
#include "components/embedder_support/switches.h"
-#include "components/os_crypt/async/browser/os_crypt_async.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/network_service_instance.h"
#include "headless/lib/browser/headless_browser_context_options.h"
@@ -138,10 +137,9 @@ class HeadlessProxyConfigMonitor
// static
std::unique_ptr<HeadlessRequestContextManager>
HeadlessRequestContextManager::CreateSystemContext(
- const HeadlessBrowserContextOptions* options,
- os_crypt_async::OSCryptAsync* os_crypt_async) {
+ const HeadlessBrowserContextOptions* options) {
auto manager = std::make_unique<HeadlessRequestContextManager>(
- options, base::FilePath(), os_crypt_async);
+ options, base::FilePath());
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
auto auth_params = ::network::mojom::HttpAuthDynamicParams::New();
@@ -172,8 +170,7 @@ HeadlessRequestContextManager::CreateSystemContext(
HeadlessRequestContextManager::HeadlessRequestContextManager(
const HeadlessBrowserContextOptions* options,
- base::FilePath user_data_path,
- os_crypt_async::OSCryptAsync* os_crypt_async)
+ base::FilePath user_data_path)
:
// On Windows, Cookie encryption requires access to local_state prefs.
#if BUILDFLAG(IS_WIN) && !defined(HEADLESS_USE_PREFS)
@@ -183,7 +180,6 @@ HeadlessRequestContextManager::HeadlessRequestContextManager(
!base::CommandLine::ForCurrentProcess()->HasSwitch(
switches::kDisableCookieEncryption)),
#endif
- os_crypt_async_(os_crypt_async),
user_data_path_(std::move(user_data_path)),
disk_cache_dir_(options->disk_cache_dir()),
accept_language_(options->accept_language()),
@@ -192,10 +188,6 @@ HeadlessRequestContextManager::HeadlessRequestContextManager(
options->proxy_config()
? std::make_unique<net::ProxyConfig>(*options->proxy_config())
: nullptr) {
- if (cookie_encryption_enabled_) {
- cookie_encryption_provider_ =
- std::make_unique<CookieEncryptionProviderImpl>(os_crypt_async_.get());
- }
if (!proxy_config_) {
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
if (command_line->HasSwitch(switches::kNoSystemProxyConfigService)) {
@@ -240,10 +232,6 @@ void HeadlessRequestContextManager::ConfigureNetworkContextParamsInternal(
if (!user_data_path_.empty()) {
context_params->enable_encrypted_cookies = cookie_encryption_enabled_;
- if (cookie_encryption_enabled_) {
- context_params->cookie_encryption_provider =
- cookie_encryption_provider_->BindNewRemote();
- }
context_params->file_paths =
::network::mojom::NetworkContextFilePaths::New();
context_params->file_paths->data_directory =
diff --git a/headless/lib/browser/headless_request_context_manager.h b/headless/lib/browser/headless_request_context_manager.h
index 91d74eaadd9f4d451e809b38a2f999b298068820..e45427ce90f909e609688ab59f4581b185b6757e 100644
--- a/headless/lib/browser/headless_request_context_manager.h
+++ b/headless/lib/browser/headless_request_context_manager.h
@@ -13,13 +13,8 @@
#include "content/public/browser/browser_context.h"
#include "mojo/public/cpp/bindings/pending_remote.h"
#include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom-forward.h"
-#include "services/network/public/cpp/cookie_encryption_provider_impl.h"
#include "services/network/public/mojom/network_context.mojom.h"
-namespace os_crypt_async {
-class OSCryptAsync;
-}
-
namespace headless {
class HeadlessBrowserContextOptions;
@@ -28,12 +23,10 @@ class HeadlessProxyConfigMonitor;
class HeadlessRequestContextManager {
public:
static std::unique_ptr<HeadlessRequestContextManager> CreateSystemContext(
- const HeadlessBrowserContextOptions* options,
- os_crypt_async::OSCryptAsync* os_crypt_async);
+ const HeadlessBrowserContextOptions* options);
HeadlessRequestContextManager(const HeadlessBrowserContextOptions* options,
- base::FilePath user_data_path,
- os_crypt_async::OSCryptAsync* os_crypt_async);
+ base::FilePath user_data_path);
HeadlessRequestContextManager(const HeadlessRequestContextManager&) = delete;
HeadlessRequestContextManager& operator=(
@@ -56,15 +49,12 @@ class HeadlessRequestContextManager {
const bool cookie_encryption_enabled_;
- const raw_ptr<os_crypt_async::OSCryptAsync> os_crypt_async_;
-
base::FilePath user_data_path_;
base::FilePath disk_cache_dir_;
std::string accept_language_;
std::string user_agent_;
std::unique_ptr<net::ProxyConfig> proxy_config_;
std::unique_ptr<HeadlessProxyConfigMonitor> proxy_config_monitor_;
- std::unique_ptr<CookieEncryptionProviderImpl> cookie_encryption_provider_;
mojo::PendingRemote<::network::mojom::NetworkContext> system_context_;
};
diff --git a/services/network/network_context.cc b/services/network/network_context.cc
index b83e4c4c2eddb9fc276fffb77bb115e2721b1684..b884f242bbe4dfdc9d823a4afb6f95ad71742c71 100644
--- a/services/network/network_context.cc
+++ b/services/network/network_context.cc
@@ -3278,12 +3278,7 @@ NetworkContext::MakeSessionCleanupCookieStore() const {
crypto_delegate = std::make_unique<CookieOSCryptAsyncDelegate>(
std::move(params_->cookie_encryption_provider));
} else {
-#if !BUILDFLAG(IS_ANDROID)
- // A cookie crypto delegate should not be created on Android to
- // match the behavior of cookie_config::GetCookieCryptoDelegate().
- // See https://crbug.com/449652881
- NOTREACHED();
-#endif
+ crypto_delegate = cookie_config::GetCookieCryptoDelegate();
}
}
diff --git a/services/network/public/cpp/BUILD.gn b/services/network/public/cpp/BUILD.gn
index fe41eb9197024cf6a2d10171d113d2273eb3a082..207c19559c760d1224053833919e9c53cbeeae02 100644
--- a/services/network/public/cpp/BUILD.gn
+++ b/services/network/public/cpp/BUILD.gn
@@ -71,8 +71,6 @@ component("cpp") {
"content_decoding_interceptor.h",
"content_language_parser.cc",
"content_language_parser.h",
- "cookie_encryption_provider_impl.cc",
- "cookie_encryption_provider_impl.h",
"cors/cors.cc",
"cors/cors.h",
"cors/origin_access_list.cc",
@@ -195,8 +193,6 @@ component("cpp") {
deps = [
"//base",
"//components/link_header_util",
- "//components/os_crypt/async/browser",
- "//components/os_crypt/async/common",
"//components/prefs",
"//components/url_pattern",
"//ipc",
diff --git a/services/network/public/mojom/network_context.mojom b/services/network/public/mojom/network_context.mojom
index b843412396f17bc094fa5a5dcf4ab3a11ef7d00d..12263d516497009081ebb1f52ec245b0339f9923 100644
--- a/services/network/public/mojom/network_context.mojom
+++ b/services/network/public/mojom/network_context.mojom
@@ -576,9 +576,10 @@ struct NetworkContextParams {
bool acam_preflight_spec_conformant = true;
// Sets the cookie encryption provider to be used by this network context if
- // `enable_encrypted_cookies` is enabled.
- // The `GetEncryptor` method on the supplied `cookie_encryption_provider` is
- // called to obtain a valid set of keys for cookie encryption.
+ // `enable_encrypted_cookies` is also enabled.
+ // If both are set then the `GetEncryptor` method on the supplied
+ // `cookie_encryption_provider` is called to obtain a valid set of keys for
+ // cookie encryption.
pending_remote<CookieEncryptionProvider>? cookie_encryption_provider;
// Enables Device Bound Session Credential for this network context.
Reference in New Issue View Git Blame Copy Permalink