Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(365)

Issue 2033353002: Remove PeerConnectionIdentityStore and related messaging/storage code. (Closed)

Created:
4 years, 6 months ago by hbos_chromium
Modified:
4 years, 5 months ago
CC:
chasej+watch_chromium.org, chromium-reviews, creis+watch_chromium.org, darin-cc_chromium.org, devtools-reviews_chromium.org, feature-media-reviews_chromium.org, iclelland+watch_chromium.org, jam, jkarlin+watch_chromium.org, markusheintz_, mcasas+watch+vc_chromium.org, miu+watch_chromium.org, mkwst+moarreviews-renderer_chromium.org, mlamouri+watch-content_chromium.org, msramek+watch_chromium.org, nasko+codewatch_chromium.org, Peter Beverloo, pfeldman, posciak+watch_chromium.org, wjmaclean, battre
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Remove PeerConnectionIdentityStore and related messaging/storage code. Motivation and Background: This is the Chromium implementation of WebRTC's DtlsIdentityStoreInterface, which allows generating/requesting identities/certificates to be used for the DTLS handshake by a peer connection. Originally, RSA-1024 was the only ciphersuite used and this store was optimized for this by preemptively generating and caching. After certificate generation was parameterized[1], RSA-2048 support mandated by spec and ECDSA P-256 being the default certificate type[2], WebRTC crypto code[3] was updated to be parameterized. Due to the parameterization we wanted to move over to use the fully parameterized WebRTC crypto code and stop maintaining two crypto paths. But during the transition, when RSA-1024 was still the default, we wanted to take advantage of the performance benefits of the PeerConnectionIdentityStore. The compromise was an "if request to generate RSA-1024 use this code, else use WebRTC crypto code". After having switched the default to ECDSA, performance was no longer an issue and PeerConnectionIdentityStore was no longer used. (Note that applications insisting on using RSA-1024 (not recommended, weaker) by explicitly generating it with RTCPeerConnection.generateCertificate have the ability to reuse certificates with persistent storage in IndexedDB[4] for performance instead. For RSA-2048 this is what you'd have to do anyway, or generate every time.) After this change we will be able to remove DtlsIdentityStoreInterface in favor of rtc::RTCCertificateGeneratorInterface, rtc::RTCCertificateGenerator being the implementation used by default. Changes: - Remove PeerConnectionIdentityStore and classes specifically related to its functionality. Remove related unittests and update gypi files. - Update code to stop using WebRTCIdentityStore, WebRTCIdentityServiceHost and WebRTCIdentityService. - On startup, delete the SQL database files (after a 120s delay) for WebRTCIdentityStore if present. These files are no longer created or referenced, but a client upgrading might otherwise still have these files on disk since earlier versions of Chrome. [1] https://w3c.github.io/webrtc-pc/archives/20160125/webrtc.html#widl-RTCPeerConnection-generateCertificate-Promise-RTCCertificate--AlgorithmIdentifier-keygenAlgorithm [2] https://w3c.github.io/webrtc-pc/archives/20160125/webrtc.html#sec.cert-mgmt [3] By "WebRTC crypto code" I mean SSLIdentity::Generate and new API relying on it, rtc::RTCCertificateGenerator / rtc::RTCCertificate. [4] https://w3c.github.io/webrtc-pc/archives/20160125/webrtc.html#dictionary-rtcconfiguration-members BUG=webrtc:5708, webrtc:5707 Committed: https://crrev.com/faf3baf7db0e031ffaacfa5cf18e0626ab1ed284 Cr-Commit-Position: refs/heads/master@{#403448}

Patch Set 1 #

Total comments: 2

Patch Set 2 : Rebase with master #

Patch Set 3 : Removed webrtc_indetity from browser_protocol.json #

Patch Set 4 : Rebase with master #

Patch Set 5 : Delete WebRTCIdentityStore files on startup (browser_prefs.cc) #

Total comments: 2

Patch Set 6 : Delete WebRTCIdentityStore DB on File thread #

Total comments: 2

Patch Set 7 : Rebase with master #

Patch Set 8 : Make it compile on WIN too with FILE_PATH_LITERAL #

Patch Set 9 : Rebase with master again #

Patch Set 10 : Correction: Post to FILE thread (was accidentally posting to IO thread) #

Patch Set 11 : Delayed deletion by 120s #

Unified diffs Side-by-side diffs Delta from patch set Stats (+29 lines, -2834 lines) Patch
M chrome/browser/browsing_data/browsing_data_remover.cc View 1 2 3 4 5 6 2 chunks +0 lines, -8 lines 0 comments Download
M chrome/browser/prefs/browser_prefs.cc View 1 2 3 4 5 6 7 8 9 10 4 chunks +20 lines, -0 lines 0 comments Download
M content/browser/background_sync/background_sync_manager_unittest.cc View 1 2 3 4 5 6 7 8 1 chunk +1 line, -1 line 0 comments Download
M content/browser/background_sync/background_sync_service_impl_unittest.cc View 1 2 3 4 5 6 7 8 1 chunk +1 line, -1 line 0 comments Download
M content/browser/devtools/protocol/storage_handler.cc View 2 chunks +0 lines, -3 lines 0 comments Download
D content/browser/media/webrtc/webrtc_identity_store.h View 1 chunk +0 lines, -126 lines 0 comments Download
D content/browser/media/webrtc/webrtc_identity_store.cc View 1 chunk +0 lines, -325 lines 0 comments Download
D content/browser/media/webrtc/webrtc_identity_store_backend.h View 1 chunk +0 lines, -122 lines 0 comments Download
D content/browser/media/webrtc/webrtc_identity_store_backend.cc View 1 chunk +0 lines, -610 lines 0 comments Download
D content/browser/media/webrtc/webrtc_identity_store_unittest.cc View 1 chunk +0 lines, -396 lines 0 comments Download
D content/browser/renderer_host/media/webrtc_identity_service_host.h View 1 chunk +0 lines, -74 lines 0 comments Download
D content/browser/renderer_host/media/webrtc_identity_service_host.cc View 1 chunk +0 lines, -101 lines 0 comments Download
D content/browser/renderer_host/media/webrtc_identity_service_host_unittest.cc View 1 chunk +0 lines, -260 lines 0 comments Download
M content/browser/renderer_host/render_process_host_impl.cc View 1 2 3 4 5 6 7 8 2 chunks +0 lines, -4 lines 0 comments Download
M content/browser/storage_partition_impl.h View 1 2 3 4 5 6 7 8 4 chunks +0 lines, -5 lines 0 comments Download
M content/browser/storage_partition_impl.cc View 1 2 3 4 5 6 7 8 9 chunks +4 lines, -28 lines 0 comments Download
M content/common/content_message_generator.h View 1 2 3 1 chunk +0 lines, -1 line 0 comments Download
D content/common/media/webrtc_identity_messages.h View 1 chunk +0 lines, -41 lines 0 comments Download
M content/content_browser.gypi View 1 2 3 4 5 6 7 8 2 chunks +0 lines, -6 lines 0 comments Download
M content/content_common.gypi View 1 2 3 4 5 6 7 8 1 chunk +0 lines, -1 line 0 comments Download
M content/content_renderer.gypi View 1 2 3 4 5 6 2 chunks +0 lines, -4 lines 0 comments Download
M content/content_tests.gypi View 1 2 3 4 5 6 3 chunks +0 lines, -3 lines 0 comments Download
M content/public/browser/storage_partition.h View 1 2 3 1 chunk +3 lines, -4 lines 0 comments Download
D content/renderer/media/peer_connection_identity_store.h View 1 chunk +0 lines, -49 lines 0 comments Download
D content/renderer/media/peer_connection_identity_store.cc View 1 chunk +0 lines, -178 lines 0 comments Download
M content/renderer/media/rtc_certificate.cc View 1 chunk +0 lines, -1 line 0 comments Download
D content/renderer/media/webrtc_identity_service.h View 1 chunk +0 lines, -97 lines 0 comments Download
D content/renderer/media/webrtc_identity_service.cc View 1 chunk +0 lines, -145 lines 0 comments Download
D content/renderer/media/webrtc_identity_service_unittest.cc View 1 chunk +0 lines, -225 lines 0 comments Download
M content/renderer/render_thread_impl.h View 1 2 3 4 5 6 3 chunks +0 lines, -11 lines 0 comments Download
M content/renderer/render_thread_impl.cc View 1 2 3 4 5 6 7 8 2 chunks +0 lines, -3 lines 0 comments Download
M third_party/WebKit/Source/core/inspector/browser_protocol.json View 1 2 3 4 5 6 7 8 1 chunk +0 lines, -1 line 0 comments Download

Messages

Total messages: 35 (12 generated)
hbos_chromium
Please take a look jiayl, I'm removing a lot of code that you originally added. ...
4 years, 6 months ago (2016-06-03 09:33:09 UTC) #4
jiayl
lgtm
4 years, 6 months ago (2016-06-03 16:56:22 UTC) #5
hbos_chromium
Please take a look, y'all. Ownerships: chrome/browser/browsing_data/ mkwst content/browser/background_sync/ iclelland content/browser/devtools/protocol/ dgozman content/browser/media/webrtc/ tommi content/browser/renderer_host/media/ ...
4 years, 6 months ago (2016-06-04 11:10:39 UTC) #7
iclelland
On 2016/06/04 11:10:39, hbos_chromium wrote: > Please take a look, y'all. > > Ownerships: > ...
4 years, 6 months ago (2016-06-04 12:14:54 UTC) #8
dgozman
devtools lgtm with comment https://codereview.chromium.org/2033353002/diff/1/content/browser/devtools/protocol/storage_handler.cc File content/browser/devtools/protocol/storage_handler.cc (left): https://codereview.chromium.org/2033353002/diff/1/content/browser/devtools/protocol/storage_handler.cc#oldcode72 content/browser/devtools/protocol/storage_handler.cc:72: if (set.count(kWebRTCIdentity)) Could you please ...
4 years, 6 months ago (2016-06-04 14:24:54 UTC) #9
hbos_chromium
Please take a look, jochen, tommi and mkwst. https://codereview.chromium.org/2033353002/diff/1/content/browser/devtools/protocol/storage_handler.cc File content/browser/devtools/protocol/storage_handler.cc (left): https://codereview.chromium.org/2033353002/diff/1/content/browser/devtools/protocol/storage_handler.cc#oldcode72 content/browser/devtools/protocol/storage_handler.cc:72: if ...
4 years, 6 months ago (2016-06-05 11:40:51 UTC) #10
jochen (gone - plz use gerrit)
lgtm
4 years, 6 months ago (2016-06-06 15:02:00 UTC) #11
Mike West
IPC LGTM. I have some concerns about the browsing_data bits however. If we're removing the ...
4 years, 6 months ago (2016-06-09 14:01:31 UTC) #12
hbos_chromium
+battre for browser_prefs.cc and the privacy concern raised in #12. As discussed over email, the ...
4 years, 6 months ago (2016-06-21 13:54:16 UTC) #15
battre
I would like to delegate the privacy review to msramek@ as I won't find time ...
4 years, 6 months ago (2016-06-21 15:59:42 UTC) #17
msramek
On 2016/06/21 13:54:16, hbos_chromium wrote: > +battre for browser_prefs.cc and the privacy concern raised in ...
4 years, 6 months ago (2016-06-21 16:41:01 UTC) #18
hbos_chromium
On 2016/06/21 16:41:01, msramek wrote: > On 2016/06/21 13:54:16, hbos_chromium wrote: > > +battre for ...
4 years, 6 months ago (2016-06-22 10:13:15 UTC) #19
msramek
On 2016/06/22 10:13:15, hbos_chromium wrote: > On 2016/06/21 16:41:01, msramek wrote: > > On 2016/06/21 ...
4 years, 6 months ago (2016-06-22 10:46:11 UTC) #20
hbos_chromium
I seem to have forgotten about this CL for the past week. - battre, as ...
4 years, 5 months ago (2016-06-30 12:16:08 UTC) #21
battre
https://codereview.chromium.org/2033353002/diff/80001/chrome/browser/prefs/browser_prefs.cc File chrome/browser/prefs/browser_prefs.cc (right): https://codereview.chromium.org/2033353002/diff/80001/chrome/browser/prefs/browser_prefs.cc#newcode717 chrome/browser/prefs/browser_prefs.cc:717: false); I don't think that you can call base::DeleteFile ...
4 years, 5 months ago (2016-06-30 12:38:32 UTC) #22
hbos_chromium
PTAL battre. https://codereview.chromium.org/2033353002/diff/80001/chrome/browser/prefs/browser_prefs.cc File chrome/browser/prefs/browser_prefs.cc (right): https://codereview.chromium.org/2033353002/diff/80001/chrome/browser/prefs/browser_prefs.cc#newcode717 chrome/browser/prefs/browser_prefs.cc:717: false); On 2016/06/30 12:38:32, battre wrote: > ...
4 years, 5 months ago (2016-06-30 15:28:17 UTC) #23
battre
LGTM with one comment https://codereview.chromium.org/2033353002/diff/100001/chrome/browser/prefs/browser_prefs.cc File chrome/browser/prefs/browser_prefs.cc (right): https://codereview.chromium.org/2033353002/diff/100001/chrome/browser/prefs/browser_prefs.cc#newcode305 chrome/browser/prefs/browser_prefs.cc:305: content::BrowserThread::PostTask( I would suggest to ...
4 years, 5 months ago (2016-07-01 10:43:45 UTC) #24
hbos_chromium
PTAL tommi https://codereview.chromium.org/2033353002/diff/100001/chrome/browser/prefs/browser_prefs.cc File chrome/browser/prefs/browser_prefs.cc (right): https://codereview.chromium.org/2033353002/diff/100001/chrome/browser/prefs/browser_prefs.cc#newcode305 chrome/browser/prefs/browser_prefs.cc:305: content::BrowserThread::PostTask( On 2016/07/01 10:43:45, battre wrote: > ...
4 years, 5 months ago (2016-07-01 12:15:35 UTC) #25
tommi (sloooow) - chröme
lgtm
4 years, 5 months ago (2016-07-01 12:16:45 UTC) #26
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2033353002/200001
4 years, 5 months ago (2016-07-01 12:21:09 UTC) #29
commit-bot: I haz the power
Committed patchset #11 (id:200001)
4 years, 5 months ago (2016-07-01 13:43:36 UTC) #32
commit-bot: I haz the power
CQ bit was unchecked.
4 years, 5 months ago (2016-07-01 13:43:39 UTC) #33
commit-bot: I haz the power
4 years, 5 months ago (2016-07-01 13:45:08 UTC) #35
Message was sent while issue was closed.
Patchset 11 (id:??) landed as
https://crrev.com/faf3baf7db0e031ffaacfa5cf18e0626ab1ed284
Cr-Commit-Position: refs/heads/master@{#403448}

Powered by Google App Engine
This is Rietveld 408576698