Mac: implement <keygen> support, including adding generated cert to the Keychain.

chrome/browser/renderer_host/resource_dispatcher_host.cc

Index: chrome/browser/renderer_host/resource_dispatcher_host.cc
diff --git a/chrome/browser/renderer_host/resource_dispatcher_host.cc b/chrome/browser/renderer_host/resource_dispatcher_host.cc
index 9a245c7d01e79e99537f0e632f7a58b55f1b6c6c..b57fb276028eeb10b909e2920f6e06bdae8d028e 100644
--- a/chrome/browser/renderer_host/resource_dispatcher_host.cc
+++ b/chrome/browser/renderer_host/resource_dispatcher_host.cc
@@ -47,6 +47,7 @@
 #include "chrome/browser/renderer_host/socket_stream_dispatcher_host.h"
 #include "chrome/browser/renderer_host/sync_resource_handler.h"
 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
+#include "chrome/browser/ssl/ssl_add_cert_handler.h"
 #include "chrome/browser/ssl/ssl_client_auth_handler.h"
 #include "chrome/browser/ssl/ssl_manager.h"
 #include "chrome/browser/worker_host/worker_service.h"
@@ -981,6 +982,13 @@ void ResourceDispatcherHost::OnSSLCertificateError(
   SSLManager::OnSSLCertificateError(this, request, cert_error, cert);
 }
 
+void ResourceDispatcherHost::OnClientCertificateGenerated(
+    URLRequest* request,
+    net::X509Certificate* cert) {
+  new SSLAddCertHandler(request, cert);
+  // The handler will run the UI and delete itself when it's finished.
+}
+
 void ResourceDispatcherHost::OnSetCookieBlocked(URLRequest* request) {
   RESOURCE_LOG("OnSetCookieBlocked: " << request->url().spec());