New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 10 users

Issue metadata

Status: Verified
Owner:
Closed: Dec 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Launch-OWP
Launch-Accessibility: ----
Launch-Exp-Leadership: ----
Launch-Leadership: ----
Launch-Legal: ----
Launch-M-Approved: ----
Launch-M-Target: ----
Launch-Privacy: ----
Launch-Security: ----
Launch-Test: ----
Launch-UI: ----
Team-Security-UX

Blocking:
issue 567876
issue 568184

Restricted
  • Only users with EditIssue permission may comment.


Show other hotlists

Hotlists containing this issue:
Hotlist-1


Sign in to add a comment
link

Issue 514767: Deprecate <keygen> and application/x-*-user-cert

Reported by rsleevi@chromium.org, Jul 28 2015 Project Member

Issue description

Change description:
Deprecate the <keygen> tag and special handling for application/x-x509-*-cert

Changes to API surface:
- Add deprecation notice to <keygen>
- Treat application/x-x509-*-cert as normal downloads, rather than special handling

Links:
Public standards discussion: https://blog.whatwg.org/this-week-in-html5-episode-35

Support in other browsers:
Internet Explorer: Not supported
Firefox: Not implemented as spec'd (custom extensions)
Safari: Supported

*Make sure to fill in any labels with a -?, including all OSes this change
affects. Feel free to leave other labels at the defaults.
 

Comment 1 by henry.st...@gmail.com, Sep 6 2015

A large discussion took place on blink-dev, with a number of points being put forward - many more than here.

https://groups.google.com/a/chromium.org/d/msg/blink-dev/pX5NbX0Xack/kmHsyMGJZAMJ

One of the security issues put forward on MD5 insecurity

> 4) <keygen> itself is problematically and incompatibly insecure - requiring the use of MD5 in a signing algorithm as part of the SPKAC generated. This can't easily be changed w/o breaking compatibility with UAs.

was shown to be due to a misunderstanding of how keygen actually works. The MD5 signature in the keyrequest is actually not used - it could just as well be generated by the server . A full explanation of how keygen actually works is https://github.com/whatwg/html/issues/102

Tim Berners Lee opened an Agenda item for discussion on the W3C Technical Architecture Group at the W3C where a larger higer level debate is taking place.

https://lists.w3.org/Archives/Public/www-tag/2015Sep/thread.html

Please wait until the debate has taken place before deprecating.

Comment 2 by rsleevi@chromium.org, Sep 7 2015

Labels: Restrict-AddIssueComment-EditIssue
Henry's summary about MD5 is incorrect. Not addressing it on this bug to avoid the repeated forking of discussion.

Comment 3 by rsleevi@chromium.org, Oct 29 2015

Cc: rsleevi@chromium.org
Labels: -M-47 M-48
Owner: svaldez@chromium.org
Updating owner to reflect who is doing this work.

Comment 4 by bugdroid1@chromium.org, Nov 16 2015

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee

commit 4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee
Author: svaldez <svaldez@chromium.org>
Date: Mon Nov 16 23:14:46 2015

Adding <keygen> Content Setting (core)

Adding the KEYGEN content setting type and core functionality.

---

The purpose of the content setting is to disable <keygen> usage by default, while allowing user and enterprise settings to selectively enable <keygen>. This is early UI gating prior to the deprecation of <keygen>.

From UX discussions, we'd like to use a Page Action presented on the form rendering in order to allow the user to change the key generation settings of the page. The content setting will then determine whether the OnKeygen call actually runs the crypto to generate and store the keys.

blink-dev Thread:
https://groups.google.com/a/chromium.org/d/msg/blink-dev/pX5NbX0Xack/kmHsyMGJZAMJ

---

BUG= 514767 

Review URL: https://codereview.chromium.org/1417173010

Cr-Commit-Position: refs/heads/master@{#359950}

[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/chrome/browser/chrome_content_browser_client.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/chrome/browser/chrome_content_browser_client.h
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/chrome/browser/content_settings/host_content_settings_map_unittest.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/chrome/browser/content_settings/tab_specific_content_settings.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/chrome/browser/content_settings/tab_specific_content_settings_unittest.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/components/content_settings/core/browser/content_settings_default_provider.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/components/content_settings/core/browser/content_settings_policy_provider.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/components/content_settings/core/browser/content_settings_registry.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/components/content_settings/core/common/content_settings.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/components/content_settings/core/common/content_settings_types.h
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/components/content_settings/core/common/pref_names.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/components/content_settings/core/common/pref_names.h
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/content/public/browser/content_browser_client.cc
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/content/public/browser/content_browser_client.h
[modify] http://crrev.com/4d3f6bf5aeed76f36cf5982718be9e8bc6cc33ee/tools/metrics/histograms/histograms.xml

Comment 5 by bugdroid1@chromium.org, Nov 23 2015

Project Member

Comment 6 by svaldez@chromium.org, Dec 2 2015

Attached screenshots of the potential keygen UI using Content Settings.
desktop.png
21.2 KB View Download
android.png
57.7 KB View Download

Comment 7 by svaldez@chromium.org, Dec 3 2015

Labels: -M-48 M-49

Comment 8 by egm@chromium.org, Dec 8 2015

Blocking: chromium:567876

Comment 9 by svaldez@chromium.org, Dec 9 2015

Blocking: chromium:568184

Comment 10 by bugdroid1@chromium.org, Jan 5 2016

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d5d97d05af70d8a8003769e22c46dbee17a3251c

commit d5d97d05af70d8a8003769e22c46dbee17a3251c
Author: svaldez <svaldez@chromium.org>
Date: Tue Jan 05 21:22:42 2016

Adding <keygen> Content Setting (Blink)

Adding the KEYGEN hooks into Blink to detect <keygen> usage.

BUG= 514767 

Review URL: https://codereview.chromium.org/1417033010

Cr-Commit-Position: refs/heads/master@{#367650}

[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/chrome/browser/content_settings/tab_specific_content_settings.cc
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/chrome/browser/content_settings/tab_specific_content_settings.h
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/chrome/renderer/content_settings_observer.cc
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/chrome/renderer/content_settings_observer.h
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/components/content_settings/content/common/content_settings_messages.h
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/third_party/WebKit/Source/core/html/HTMLKeygenElement.cpp
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/third_party/WebKit/Source/core/loader/FrameLoaderClient.h
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/third_party/WebKit/Source/web/FrameLoaderClientImpl.cpp
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/third_party/WebKit/Source/web/FrameLoaderClientImpl.h
[modify] http://crrev.com/d5d97d05af70d8a8003769e22c46dbee17a3251c/third_party/WebKit/public/web/WebContentSettingsClient.h

Comment 11 by davidben@chromium.org, Jan 12 2016

 Issue 414048  has been merged into this issue.

Comment 12 by bugdroid1@chromium.org, Jan 12 2016

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/3004135bd9660dd87d673a374def42e9bbec341a

commit 3004135bd9660dd87d673a374def42e9bbec341a
Author: svaldez <svaldez@chromium.org>
Date: Tue Jan 12 01:07:29 2016

- Removing x-x509-user-cert mime-type handling for non-Android systems.

BUG= 514767 

Review URL: https://codereview.chromium.org/1423663012

Cr-Commit-Position: refs/heads/master@{#368746}

[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/chrome/browser/download/chrome_download_manager_delegate.cc
[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/chrome/browser/download/download_target_determiner.cc
[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/chrome/browser/download/download_target_determiner_unittest.cc
[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/components/mime_util/mime_util.cc
[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/components/mime_util/mime_util.h
[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/components/mime_util/mime_util_unittest.cc
[delete] http://crrev.com/1ca070f9a787243a9659c24acb735c4f175dd077/content/browser/loader/certificate_resource_handler.cc
[delete] http://crrev.com/1ca070f9a787243a9659c24acb735c4f175dd077/content/browser/loader/certificate_resource_handler.h
[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/content/browser/loader/mime_type_resource_handler.cc
[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/content/content_browser.gypi
[modify] http://crrev.com/3004135bd9660dd87d673a374def42e9bbec341a/tools/metrics/histograms/histograms.xml

Comment 13 by palmer@chromium.org, Jan 12 2016

Cc: f...@chromium.org
Labels: Cr-Security-UX Cr-Security

Comment 14 by svaldez@chromium.org, Jan 12 2016

To update this bug as well, the UI now looks like the attached. (Modulo the Android icon being changed to the code icon)
android.png
57.7 KB View Download
desktop.png
24.8 KB View Download

Comment 15 by bugdroid1@chromium.org, Jan 14 2016

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/18120959576e11ad4dec9edd2c3539ed0bba7cc7

commit 18120959576e11ad4dec9edd2c3539ed0bba7cc7
Author: svaldez <svaldez@chromium.org>
Date: Thu Jan 14 21:12:49 2016

Adding <keygen> Content Setting (UI)

Adding the KEYGEN content setting non-Android UI.

BUG= 514767 

Review URL: https://codereview.chromium.org/1412523003

Cr-Commit-Position: refs/heads/master@{#369542}

[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/app/generated_resources.grd
[add] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/app/theme/default_100_percent/common/allowed_keygen.png
[add] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/app/theme/default_100_percent/common/blocked_keygen.png
[add] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/app/theme/default_200_percent/common/allowed_keygen.png
[add] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/app/theme/default_200_percent/common/blocked_keygen.png
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/app/theme/theme_resources.grd
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/browser/resources/options/content_settings.html
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/browser/resources/options/content_settings.js
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/browser/resources/options/content_settings_exceptions_area.html
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/browser/ui/website_settings/website_settings.cc
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/browser/ui/website_settings/website_settings_ui.cc
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/chrome/browser/ui/webui/options/content_settings_handler.cc
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/components/content_settings/core/browser/host_content_settings_map.cc
[modify] http://crrev.com/18120959576e11ad4dec9edd2c3539ed0bba7cc7/tools/metrics/actions/actions.xml

Comment 16 by bugdroid1@chromium.org, Jan 14 2016

Project Member

Comment 18 by bugdroid1@chromium.org, Jan 20 2016

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/34a7682cd49f8fdfb6a0f715a6118076f9ad8224

commit 34a7682cd49f8fdfb6a0f715a6118076f9ad8224
Author: svaldez <svaldez@chromium.org>
Date: Wed Jan 20 16:47:52 2016

Adding <keygen> Content Setting (Android UI)

This adds Android UI to allow the user to change the Content Setting to block/allow keygen usage on a per-site basis.

To trigger the exception, we also create a Content Exception on any site that uses a <keygen> element.

BUG= 514767 

Review URL: https://codereview.chromium.org/1432573002

Cr-Commit-Position: refs/heads/master@{#370416}

[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/java/res/xml/single_website_preferences.xml
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/java/src/org/chromium/chrome/browser/pageinfo/WebsiteSettingsPopup.java
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/ContentSettingsResources.java
[add] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/KeygenInfo.java
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/SingleWebsitePreferences.java
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/Website.java
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/WebsitePermissionsFetcher.java
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/WebsitePreferenceBridge.java
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/android/javatests/src/org/chromium/chrome/browser/preferences/website/SiteSettingsPreferencesTest.java
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/browser/android/preferences/website_preference_bridge.cc
[modify] http://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224/chrome/browser/ui/android/website_settings_popup_android.cc

Comment 19 by svaldez@chromium.org, Jan 20 2016

After far too long debugging the testing on Android, I believe everything has been committed to trunk for this phase of the deprecation.

Once the following have hit canary, I'll ask for a merge into 49:
https://crrev.com/b4ac7fc14dfc0e46607defb902cad59623cef55b (370343) - Policy Bits
https://crrev.com/34a7682cd49f8fdfb6a0f715a6118076f9ad8224 (370416) - Android UI

Comment 20 by svaldez@chromium.org, Jan 25 2016

Labels: Merge-Request-49
If I'm reading the releases right, I believe both these changes have passed through a Dev release.

Merge Reasons:
Policy Bits (370343) - Enterprise requires the ability to set site-wide policies for key generation.
Android UI (370416) - This is the mechanical bits of the UI (the resources/strings are already in 49 from pre-branch) and brings the Android UI in line with the Desktop UI.

Comment 21 by tin...@google.com, Jan 25 2016

Labels: -Merge-Request-49 Merge-Approved-49 Hotlist-Merge-Approved
Your change meets the bar and is auto-approved for M49 (branch: 2623)

Comment 23 by bugdroid1@chromium.org, Jan 25 2016

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/797002194be4592ededdc0e3c627a1b6eee70326

commit 797002194be4592ededdc0e3c627a1b6eee70326
Author: David Benjamin <davidben@chromium.org>
Date: Mon Jan 25 18:31:38 2016

Adding <keygen> Content Setting (Android UI)

This adds Android UI to allow the user to change the Content Setting to block/allow keygen usage on a per-site basis.

To trigger the exception, we also create a Content Exception on any site that uses a <keygen> element.

BUG= 514767 

Review URL: https://codereview.chromium.org/1432573002

Cr-Commit-Position: refs/heads/master@{#370416}
(cherry picked from commit 34a7682cd49f8fdfb6a0f715a6118076f9ad8224)

Review URL: https://codereview.chromium.org/1636593002 .

Cr-Commit-Position: refs/branch-heads/2623@{#120}
Cr-Branched-From: 92d77538a86529ca35f9220bd3cd512cbea1f086-refs/heads/master@{#369907}

[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/java/res/xml/single_website_preferences.xml
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/java/src/org/chromium/chrome/browser/pageinfo/WebsiteSettingsPopup.java
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/ContentSettingsResources.java
[add] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/KeygenInfo.java
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/SingleWebsitePreferences.java
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/Website.java
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/WebsitePermissionsFetcher.java
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/java/src/org/chromium/chrome/browser/preferences/website/WebsitePreferenceBridge.java
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/android/javatests/src/org/chromium/chrome/browser/preferences/website/SiteSettingsPreferencesTest.java
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/browser/android/preferences/website_preference_bridge.cc
[modify] http://crrev.com/797002194be4592ededdc0e3c627a1b6eee70326/chrome/browser/ui/android/website_settings_popup_android.cc

Comment 24 by bugdroid1@chromium.org, Jan 25 2016

Project Member
The following revision refers to this bug:
  https://chrome-internal.googlesource.com/bling/chromium.git/+/9f9a12367ace897fbbda7afe826f6a4a178bbca2

commit 9f9a12367ace897fbbda7afe826f6a4a178bbca2
Author: David Benjamin <davidben@chromium.org>
Date: Mon Jan 25 18:25:25 2016

Comment 25 by bugdroid1@chromium.org, Jan 25 2016

Project Member
The following revision refers to this bug:
  https://chrome-internal.googlesource.com/bling/chromium.git/+/797002194be4592ededdc0e3c627a1b6eee70326

commit 797002194be4592ededdc0e3c627a1b6eee70326
Author: David Benjamin <davidben@chromium.org>
Date: Mon Jan 25 18:31:38 2016

Comment 26 by scunning...@chromium.org, Jan 28 2016

Unittests and javatests appear to provide good coverage. Should you also consider adding an integration test, such as a browsertest?

Comment 27 by tnagel@chromium.org, Feb 1 2016

Cc: tnagel@chromium.org
Steven, is there a specific reason that the policy was implemented as an int instead of a boolean?

Comment 28 by svaldez@chromium.org, Feb 1 2016

I was following how the other content settings policies were implemented, DefaultJavaScriptSettings/DefaultPopupsSetting/etc which all are implemented as integers in both the policy files, and the backend handlers.

Comment 29 by tnagel@chromium.org, Feb 5 2016

Thank you, sgtm.  (I have not enough history with Chrome to know why the content settings policies look the way they do today...)

Comment 30 by sheriffbot@chromium.org, Apr 21 2016

Project Member
For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 31 by bugdroid1@chromium.org, Jun 30 2016

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/00eeb94e3e4c9c6bb78c322b9e3ba49f396af3a3

commit 00eeb94e3e4c9c6bb78c322b9e3ba49f396af3a3
Author: mmenke <mmenke@chromium.org>
Date: Thu Jun 30 00:20:52 2016

Remove declaration of GetCertificateMimeTypeForMimeType.

Looks like the function definition was actually removed in
https://codereview.chromium.org/1423663012.

BUG= 514767 

Review-Url: https://codereview.chromium.org/2105553009
Cr-Commit-Position: refs/heads/master@{#403018}

[modify] https://crrev.com/00eeb94e3e4c9c6bb78c322b9e3ba49f396af3a3/components/mime_util/mime_util.cc
[modify] https://crrev.com/00eeb94e3e4c9c6bb78c322b9e3ba49f396af3a3/components/mime_util/mime_util.h

Comment 32 by bugdroid1@chromium.org, Oct 12 2016

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1778469523cb7726e71898f2bd1362ff49eb973d

commit 1778469523cb7726e71898f2bd1362ff49eb973d
Author: rsleevi <rsleevi@chromium.org>
Date: Wed Oct 12 01:36:20 2016

Cleanup unreachable cert adding code

The ability to use Chrome to import certs directly into the OS was
removed in M49. This cleans up the related code, which is now
unreachable.

Most notably, this removes OnCertAdded/OnCertRemoved from the
CertDatabase, which were intended to relate to direct user additions
of certs, and instead folds the notifications (which only exist
for ChromeOS/Linux when using chrome://certificates) into a generic
OnCertDBChanged, which better reflects the cross-platform knowledge
we have available.

BUG= 514767 

Review-Url: https://codereview.chromium.org/2363653002
Cr-Commit-Position: refs/heads/master@{#424638}

[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/android_webview/browser/aw_content_browser_client.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/android_webview/browser/aw_content_browser_client.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/chrome/app/generated_resources.grd
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/chrome/browser/BUILD.gn
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/chrome/browser/chrome_content_browser_client.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/chrome/browser/chrome_content_browser_client.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/chrome/browser/chromeos/platform_keys/platform_keys_nss.cc
[delete] https://crrev.com/5e8b08e1e1d33dbf7b2fcb4447499c30eea863b6/chrome/browser/ssl/ssl_add_certificate.cc
[delete] https://crrev.com/5e8b08e1e1d33dbf7b2fcb4447499c30eea863b6/chrome/browser/ssl/ssl_add_certificate.h
[delete] https://crrev.com/5e8b08e1e1d33dbf7b2fcb4447499c30eea863b6/chrome/browser/ssl/ssl_add_certificate_android.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/chromeos/cert_loader.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/chromeos/cert_loader.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/chromeos/cert_loader_unittest.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/components/infobars/core/infobar_delegate.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/content/public/browser/content_browser_client.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/android/BUILD.gn
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/android/network_library.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/android/network_library.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/base/mime_util.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/caching_cert_verifier.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/caching_cert_verifier.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/cert_database.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/cert_database.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/cert_database_android.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/cert_database_ios.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/cert_database_mac.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/cert_database_nss.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/cert_database_openssl.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/cert_database_win.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/nss_cert_database.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/nss_cert_database.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/cert/nss_cert_database_chromeos_unittest.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/quic/chromium/quic_stream_factory.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/quic/chromium/quic_stream_factory.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/quic/chromium/quic_stream_factory_test.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/socket/client_socket_factory.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/socket/client_socket_pool_manager_impl.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/socket/client_socket_pool_manager_impl.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/spdy/spdy_session_pool.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/spdy/spdy_session_pool.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/ssl/ssl_client_auth_cache.cc
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/ssl/ssl_client_auth_cache.h
[modify] https://crrev.com/1778469523cb7726e71898f2bd1362ff49eb973d/net/ssl/ssl_client_auth_cache_unittest.cc

Comment 33 by lgar...@chromium.org, Nov 22 2016

Components: -Security>UX Internals>Permissions>Model

Comment 34 by lgar...@chromium.org, Nov 22 2016

Components: -Security>UX Internals>Permissions>Model

Comment 35 by rsleevi@chromium.org, Dec 12 2016

Status: Verified (was: Assigned)

Sign in to add a comment