Remove Android support for out-of-process KeyStores

Support for out-of-process KeyStores was added to Chrome for Android
builds to support certain OEM-specific functionality. It worked by binding
to a service that implemented the RemoteAndroidKeyStoreInterface, and
using that for private key operations, rather than the default in-process
KeyStore.

However, support for this functionality in Chrome is being retired;
device manufacturers wishing to offer this functionality to Chrome
users can simply fall back to the default KeyStore implementation.

As such, remove the code and service descriptors; only local,
in-process KeyStores will be supported.

BUG=560614

Review URL: https://codereview.chromium.org/1474603004

Cr-Commit-Position: refs/heads/master@{#362649}

4 files changed, 18 insertions, 37 deletions

diff --git a/android_webview/java/src/org/chromium/android_webview/AwBrowserContext.java b/android_webview/java/src/org/chromium/android_webview/AwBrowserContext.java
index 9925882..244dfed 100644
--- a/android_webview/java/src/org/chromium/android_webview/AwBrowserContext.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwBrowserContext.java
@@ -8,7 +8,6 @@ import android.content.Context;
 import android.content.SharedPreferences;
 
 import org.chromium.content.browser.ContentViewStatics;
-import org.chromium.net.DefaultAndroidKeyStore;
 
 /**
  * Java side of the Browser Context: contains all the java side objects needed to host one
@@ -20,12 +19,11 @@ import org.chromium.net.DefaultAndroidKeyStore;
 public class AwBrowserContext {
     private static final String HTTP_AUTH_DATABASE_FILE = "http_auth.db";
 
-    private SharedPreferences mSharedPreferences;
+    private final SharedPreferences mSharedPreferences;
 
     private AwGeolocationPermissions mGeolocationPermissions;
     private AwFormDatabase mFormDatabase;
     private HttpAuthDatabase mHttpAuthDatabase;
-    private DefaultAndroidKeyStore mLocalKeyStore;
     private AwMessagePortService mMessagePortService;
 
     public AwBrowserContext(SharedPreferences sharedPreferences, Context applicationContext) {
@@ -53,13 +51,6 @@ public class AwBrowserContext {
         return mHttpAuthDatabase;
     }
 
-    public DefaultAndroidKeyStore getKeyStore() {
-        if (mLocalKeyStore == null) {
-            mLocalKeyStore = new DefaultAndroidKeyStore();
-        }
-        return mLocalKeyStore;
-    }
-
     public AwMessagePortService getMessagePortService() {
         if (mMessagePortService == null) {
             mMessagePortService = new AwMessagePortService();
diff --git a/android_webview/java/src/org/chromium/android_webview/AwContents.java b/android_webview/java/src/org/chromium/android_webview/AwContents.java
index fb2391a..ca80b7e 100644
--- a/android_webview/java/src/org/chromium/android_webview/AwContents.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwContents.java
@@ -710,7 +710,7 @@ public class AwContents implements SmartClipProvider,
         mWebContentsDelegate = new AwWebContentsDelegateAdapter(
                 this, contentsClient, mContentViewClient, mContext, mContainerView);
         mContentsClientBridge = new AwContentsClientBridge(mContext, contentsClient,
-                mBrowserContext.getKeyStore(), AwContentsStatics.getClientCertLookupTable());
+                AwContentsStatics.getClientCertLookupTable());
         mZoomControls = new AwZoomControls(this);
         mBackgroundThreadClient = new BackgroundThreadClientImpl();
         mIoThreadClient = new IoThreadClientImpl();
diff --git a/android_webview/java/src/org/chromium/android_webview/AwContentsClientBridge.java b/android_webview/java/src/org/chromium/android_webview/AwContentsClientBridge.java
index c1b03a1..efca3d0 100644
--- a/android_webview/java/src/org/chromium/android_webview/AwContentsClientBridge.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwContentsClientBridge.java
@@ -13,8 +13,6 @@ import android.webkit.ValueCallback;
 import org.chromium.base.ThreadUtils;
 import org.chromium.base.annotations.CalledByNative;
 import org.chromium.base.annotations.JNINamespace;
-import org.chromium.net.AndroidPrivateKey;
-import org.chromium.net.DefaultAndroidKeyStore;
 
 import java.security.Principal;
 import java.security.PrivateKey;
@@ -39,23 +37,18 @@ public class AwContentsClientBridge {
     // The native peer of this object.
     private long mNativeContentsClientBridge;
 
-    private DefaultAndroidKeyStore mLocalKeyStore;
-
-    private ClientCertLookupTable mLookupTable;
+    private final ClientCertLookupTable mLookupTable;
 
     // Used for mocking this class in tests.
-    protected AwContentsClientBridge(DefaultAndroidKeyStore keyStore,
-            ClientCertLookupTable table) {
-        mLocalKeyStore = keyStore;
+    protected AwContentsClientBridge(ClientCertLookupTable table) {
         mLookupTable = table;
     }
 
     public AwContentsClientBridge(Context context, AwContentsClient client,
-            DefaultAndroidKeyStore keyStore, ClientCertLookupTable table) {
+            ClientCertLookupTable table) {
         assert client != null;
         mContext = context;
         mClient = client;
-        mLocalKeyStore = keyStore;
         mLookupTable = table;
     }
 
@@ -67,9 +60,9 @@ public class AwContentsClientBridge {
      */
     public class ClientCertificateRequestCallback {
 
-        private int mId;
-        private String mHost;
-        private int mPort;
+        private final int mId;
+        private final String mHost;
+        private final int mPort;
         private boolean mIsCalled;
 
         public ClientCertificateRequestCallback(int id, String host, int port) {
@@ -109,9 +102,7 @@ public class AwContentsClientBridge {
         private void proceedOnUiThread(PrivateKey privateKey, X509Certificate[] chain) {
             checkIfCalled();
 
-            AndroidPrivateKey key = mLocalKeyStore.createKey(privateKey);
-
-            if (key == null || chain == null || chain.length == 0) {
+            if (privateKey == null || chain == null || chain.length == 0) {
                 Log.w(TAG, "Empty client certificate chain?");
                 provideResponse(null, null);
                 return;
@@ -127,8 +118,8 @@ public class AwContentsClientBridge {
                 provideResponse(null, null);
                 return;
             }
-            mLookupTable.allow(mHost, mPort, key, encodedChain);
-            provideResponse(key, encodedChain);
+            mLookupTable.allow(mHost, mPort, privateKey, encodedChain);
+            provideResponse(privateKey, encodedChain);
         }
 
         private void ignoreOnUiThread() {
@@ -149,10 +140,10 @@ public class AwContentsClientBridge {
             mIsCalled = true;
         }
 
-        private void provideResponse(AndroidPrivateKey androidKey, byte[][] certChain) {
+        private void provideResponse(PrivateKey privateKey, byte[][] certChain) {
             if (mNativeContentsClientBridge == 0) return;
             nativeProvideClientCertificateResponse(mNativeContentsClientBridge, mId,
-                    certChain, androidKey);
+                    certChain, privateKey);
         }
     }
 
@@ -275,7 +266,7 @@ public class AwContentsClientBridge {
     private native void nativeProceedSslError(long nativeAwContentsClientBridge, boolean proceed,
             int id);
     private native void nativeProvideClientCertificateResponse(long nativeAwContentsClientBridge,
-            int id, byte[][] certChain, AndroidPrivateKey androidKey);
+            int id, byte[][] certChain, PrivateKey androidKey);
 
     private native void nativeConfirmJsResult(long nativeAwContentsClientBridge, int id,
             String prompt);
diff --git a/android_webview/java/src/org/chromium/android_webview/ClientCertLookupTable.java b/android_webview/java/src/org/chromium/android_webview/ClientCertLookupTable.java
index 88e6ed1..388f19d 100644
--- a/android_webview/java/src/org/chromium/android_webview/ClientCertLookupTable.java
+++ b/android_webview/java/src/org/chromium/android_webview/ClientCertLookupTable.java
@@ -4,8 +4,7 @@
 
 package org.chromium.android_webview;
 
-import org.chromium.net.AndroidPrivateKey;
-
+import java.security.PrivateKey;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -22,9 +21,9 @@ public class ClientCertLookupTable {
      * A container for the certificate data.
      */
     public static class Cert {
-        AndroidPrivateKey mPrivateKey;
+        PrivateKey mPrivateKey;
         byte[][] mCertChain;
-        public Cert(AndroidPrivateKey privateKey, byte[][] certChain) {
+        public Cert(PrivateKey privateKey, byte[][] certChain) {
             this.mPrivateKey = privateKey;
             byte[][] newChain = new byte[certChain.length][];
             for (int i = 0; i < certChain.length; i++) {
@@ -48,7 +47,7 @@ public class ClientCertLookupTable {
         mDenieds = new HashSet<String>();
     }
 
-    public void allow(String host, int port, AndroidPrivateKey privateKey, byte[][] chain) {
+    public void allow(String host, int port, PrivateKey privateKey, byte[][] chain) {
         String host_and_port = hostAndPort(host, port);
         mCerts.put(host_and_port, new Cert(privateKey, chain));
         mDenieds.remove(host_and_port);