Adding <keygen> Content Setting (Final)

Disabling KEYGEN based on Content Setting.

BUG=514767

Review URL: https://codereview.chromium.org/1476873002

Cr-Commit-Position: refs/heads/master@{#369580}

9 files changed, 29 insertions, 11 deletions

diff --git a/content/browser/renderer_host/render_message_filter.cc b/content/browser/renderer_host/render_message_filter.cc
index 44114fd..cec7b8b 100644
--- a/content/browser/renderer_host/render_message_filter.cc
+++ b/content/browser/renderer_host/render_message_filter.cc
@@ -531,6 +531,7 @@ void RenderMessageFilter::OnCacheableMetadataAvailable(
 void RenderMessageFilter::OnKeygen(uint32_t key_size_index,
                                    const std::string& challenge_string,
                                    const GURL& url,
+                                   const GURL& top_origin,
                                    IPC::Message* reply_msg) {
   if (!resource_context_)
     return;
@@ -552,6 +553,13 @@ void RenderMessageFilter::OnKeygen(uint32_t key_size_index,
       return;
   }
 
+  if (!GetContentClient()->browser()->AllowKeygen(top_origin,
+                                                  resource_context_)) {
+    RenderProcessHostMsg_Keygen::WriteReplyParams(reply_msg, std::string());
+    Send(reply_msg);
+    return;
+  }
+
   resource_context_->CreateKeygenHandler(
       key_size_in_bits,
       challenge_string,
diff --git a/content/browser/renderer_host/render_message_filter.h b/content/browser/renderer_host/render_message_filter.h
index f8307a9..ce07dfe 100644
--- a/content/browser/renderer_host/render_message_filter.h
+++ b/content/browser/renderer_host/render_message_filter.h
@@ -195,6 +195,7 @@ class CONTENT_EXPORT RenderMessageFilter : public BrowserMessageFilter {
   void OnKeygen(uint32_t key_size_index,
                 const std::string& challenge_string,
                 const GURL& url,
+                const GURL& top_origin,
                 IPC::Message* reply_msg);
   void PostKeygenToWorkerThread(IPC::Message* reply_msg,
                                 scoped_ptr<net::KeygenHandler> keygen_handler);
diff --git a/content/child/blink_platform_impl.cc b/content/child/blink_platform_impl.cc
index 42f6052..3e65c04 100644
--- a/content/child/blink_platform_impl.cc
+++ b/content/child/blink_platform_impl.cc
@@ -1219,7 +1219,8 @@ bool BlinkPlatformImpl::databaseSetFileSize(
 blink::WebString BlinkPlatformImpl::signedPublicKeyAndChallengeString(
     unsigned key_size_index,
     const blink::WebString& challenge,
-    const blink::WebURL& url) {
+    const blink::WebURL& url,
+    const blink::WebURL& top_origin) {
   return blink::WebString("");
 }
 
diff --git a/content/child/blink_platform_impl.h b/content/child/blink_platform_impl.h
index 2adc28e..4ee76e1 100644
--- a/content/child/blink_platform_impl.h
+++ b/content/child/blink_platform_impl.h
@@ -79,7 +79,8 @@ class CONTENT_EXPORT BlinkPlatformImpl
   blink::WebString signedPublicKeyAndChallengeString(
       unsigned key_size_index,
       const blink::WebString& challenge,
-      const blink::WebURL& url) override;
+      const blink::WebURL& url,
+      const blink::WebURL& top_origin) override;
   size_t memoryUsageMB() override;
   size_t actualMemoryUsageMB() override;
   size_t physicalMemoryMB() override;
diff --git a/content/common/render_process_messages.h b/content/common/render_process_messages.h
index 5ff6255..e802f8e 100644
--- a/content/common/render_process_messages.h
+++ b/content/common/render_process_messages.h
@@ -40,10 +40,11 @@ IPC_STRUCT_TRAITS_END()
 // Asks the browser process to generate a keypair for grabbing a client
 // certificate from a CA (<keygen> tag), and returns the signed public
 // key and challenge string.
-IPC_SYNC_MESSAGE_CONTROL3_1(RenderProcessHostMsg_Keygen,
+IPC_SYNC_MESSAGE_CONTROL4_1(RenderProcessHostMsg_Keygen,
                             uint32_t /* key size index */,
                             std::string /* challenge string */,
                             GURL /* URL of requestor */,
+                            GURL /* Origin of top-level frame */,
                             std::string /* signed public key and challenge */)
 
 // Message sent from the renderer to the browser to request that the browser
diff --git a/content/renderer/renderer_blink_platform_impl.cc b/content/renderer/renderer_blink_platform_impl.cc
index b823677..c4d4fed 100644
--- a/content/renderer/renderer_blink_platform_impl.cc
+++ b/content/renderer/renderer_blink_platform_impl.cc
@@ -809,11 +809,12 @@ blink::WebPublicSuffixList* RendererBlinkPlatformImpl::publicSuffixList() {
 blink::WebString RendererBlinkPlatformImpl::signedPublicKeyAndChallengeString(
     unsigned key_size_index,
     const blink::WebString& challenge,
-    const blink::WebURL& url) {
+    const blink::WebURL& url,
+    const blink::WebURL& top_origin) {
   std::string signed_public_key;
   RenderThread::Get()->Send(new RenderProcessHostMsg_Keygen(
       static_cast<uint32_t>(key_size_index), challenge.utf8(), GURL(url),
-      &signed_public_key));
+      GURL(top_origin), &signed_public_key));
   return WebString::fromUTF8(signed_public_key);
 }
 
diff --git a/content/renderer/renderer_blink_platform_impl.h b/content/renderer/renderer_blink_platform_impl.h
index 72fda4f..8cdb93d 100644
--- a/content/renderer/renderer_blink_platform_impl.h
+++ b/content/renderer/renderer_blink_platform_impl.h
@@ -110,7 +110,8 @@ class CONTENT_EXPORT RendererBlinkPlatformImpl : public BlinkPlatformImpl {
   blink::WebString signedPublicKeyAndChallengeString(
       unsigned key_size_index,
       const blink::WebString& challenge,
-      const blink::WebURL& url) override;
+      const blink::WebURL& url,
+      const blink::WebURL& top_origin) override;
   void getPluginList(bool refresh,
                      blink::WebPluginListBuilder* builder) override;
   blink::WebPublicSuffixList* publicSuffixList() override;
diff --git a/third_party/WebKit/Source/core/html/HTMLKeygenElement.cpp b/third_party/WebKit/Source/core/html/HTMLKeygenElement.cpp
index 160e505..f4588d2 100644
--- a/third_party/WebKit/Source/core/html/HTMLKeygenElement.cpp
+++ b/third_party/WebKit/Source/core/html/HTMLKeygenElement.cpp
@@ -105,7 +105,10 @@ void HTMLKeygenElement::appendToFormData(FormData& formData)
     const AtomicString& keyType = fastGetAttribute(keytypeAttr);
     if (!keyType.isNull() && !equalIgnoringCase(keyType, "rsa"))
         return;
-    String value = Platform::current()->signedPublicKeyAndChallengeString(shadowSelect()->selectedIndex(), fastGetAttribute(challengeAttr), document().baseURL());
+    SecurityOrigin* topOrigin = document().frame()->tree().top()->securityContext()->securityOrigin();
+    String value = Platform::current()->signedPublicKeyAndChallengeString(
+        shadowSelect()->selectedIndex(), fastGetAttribute(challengeAttr), document().baseURL(),
+        KURL(KURL(), topOrigin->toString()));
     if (!value.isNull())
         formData.append(name(), value);
 }
diff --git a/third_party/WebKit/public/platform/Platform.h b/third_party/WebKit/public/platform/Platform.h
index 8f871af..718d8d8 100644
--- a/third_party/WebKit/public/platform/Platform.h
+++ b/third_party/WebKit/public/platform/Platform.h
@@ -251,10 +251,11 @@ public:
     // Returns a base64 encoded signed copy of a public key from a newly
     // generated key pair and the supplied challenge string. keySizeindex
     // specifies the strength of the key.
-    virtual WebString signedPublicKeyAndChallengeString(unsigned keySizeIndex,
-                                                        const WebString& challenge,
-                                                        const WebURL& url) { return WebString(); }
-
+    virtual WebString signedPublicKeyAndChallengeString(
+        unsigned keySizeIndex, const WebString& challenge, const WebURL& url, const WebURL& topOrigin)
+    {
+        return WebString();
+    }
 
     // Memory --------------------------------------------------------------