Encrypt all stored cookies on selected operating systems.

As part of the goal of protecting private user information, this encrypts the cookie values on operating systems with user-specific crypto APIs and that do not otherwise protect this data.

Performance tests indicate a penalty of about 1ms per cookie  (regardless of size) on a Mac and 0.1ms to 0.7ms (depending on the size) under Windows.  This will be higher on older hardware but still insignificant.

Encrypted data is binary (with an overhead of 128 bytes on Windows) and binary data must be stored in a BLOB so only one of two fields ("value" or "encrypted_value") will have data with the other being empty.  Both values, however, need to be read & written when accessing a cookie because they are marked "non null").

BUG=313323

Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=234855

Review URL: https://codereview.chromium.org/24734007

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240684 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 3 insertions, 1 deletions

diff --git a/android_webview/native/cookie_manager.cc b/android_webview/native/cookie_manager.cc
index 83565b4..a0f01f2 100644
--- a/android_webview/native/cookie_manager.cc
+++ b/android_webview/native/cookie_manager.cc
@@ -26,6 +26,7 @@
 #include "base/threading/thread_restrictions.h"
 #include "content/public/browser/browser_context.h"
 #include "content/public/browser/browser_thread.h"
+#include "content/public/browser/cookie_crypto_delegate.h"
 #include "content/public/browser/cookie_store_factory.h"
 #include "content/public/common/url_constants.h"
 #include "jni/AwCookieManager_jni.h"
@@ -190,7 +191,8 @@ void CookieManager::CreateCookieMonster(
     NULL,
     NULL,
     client_task_runner,
-    background_task_runner);
+    background_task_runner,
+    scoped_ptr<content::CookieCryptoDelegate>());
   cookie_monster_ = cookie_store->GetCookieMonster();
   cookie_monster_->SetPersistSessionCookies(true);
   SetAcceptFileSchemeCookiesLocked(kDefaultFileSchemeAllowed);