)]}'
{
  "log": [
    {
      "commit": "66c39900e29ee8f064281de0a0f92f1f5b7fd550",
      "tree": "c868e35cbb2a9b4b1509cbf483fc9f5cc7e5e5b7",
      "parents": [
        "3ff201ecc00e1f6986f28e93e607ddef84daa520"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Fri Jul 10 00:22:43 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri Jul 10 00:24:40 2026"
      },
      "message": "crypto: remove old hkdf API\n\nThe new crypto/kdf API is now used everywhere. Yay!\n\nFixed: 430616377\nChange-Id: I5c6b18956a60b536d6cd56de2c367634558ab8ee\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/8072603\nCommit-Queue: Matt Mueller \u003cmattm@chromium.org\u003e\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nAuto-Submit: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1659977}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 106605673039022ceeb73cd4aab05f80f2676229\n"
    },
    {
      "commit": "3ff201ecc00e1f6986f28e93e607ddef84daa520",
      "tree": "c138bd085885b6c65b5db20abdd43e0d916c5bac",
      "parents": [
        "2a223957ba837e189463714269483ad452c5fcbc"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Wed Jul 08 05:25:28 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jul 08 05:27:07 2026"
      },
      "message": "[crypto] Replace UNSAFE_TODO with span in unexportable keys\n\nRefactor `crypto/unexportable_key_win.cc` to use `base::span` instead of\nraw pointer arithmetic and `UNSAFE_TODO` macros. This improves memory\nsafety when parsing exported keys and signatures.\n\nSpecifically, this change:\n\n- Replaces `memcpy` and pointer arithmetic with `split_at`, `copy_from`,\n  and `reinterpret_span` when processing `BCRYPT_ECCKEY_BLOB` and\n  `BCRYPT_RSAKEY_BLOB`.\n- Uses `base::ClampedNumeric` for size calculations instead of nested\n  `base::CheckAdd`.\n- Delegates DER encoding and SubjectPublicKeyInfo generation to\n  utilities in `keypair::PublicKey` and\n  `ConvertEcdsaRawComponentsToDer`, removing direct dependencies on\n  BoringSSL `BIGNUM` and `CBB`.\n\nChange-Id: I5d5c7f50cd101a1de4dbee333409f63f6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/8052649\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1658498}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 3349196127d46f376da5644ec87ae6d6b9198670\n"
    },
    {
      "commit": "2a223957ba837e189463714269483ad452c5fcbc",
      "tree": "7a2d9da23268b32dea141d8dc834201e9f276407",
      "parents": [
        "1ac6e2d59ed278bdf3fb50c5d9cb215a78f9fec1"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Tue Jul 07 18:51:27 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jul 07 18:54:31 2026"
      },
      "message": "[crypto] Force SHA-256 for Windows TPM RSA keys\n\nTPM 2.0 RSA keys created on Windows via the Platform Crypto Provider\ndefault to using SHA-1 for signing if left unconfigured. This change\nexplicitly restricts these keys to SHA-256 by setting the\nNCRYPT_PCP_RSA_SCHEME_HASH_ALG_PROPERTY property during key creation.\n\nAdditionally, this change refactors the Windows unexportable key code by\nintroducing a SecurityStatusOr template alias and a SetNCryptProperty\nhelper function. Multiple functions are updated to use these helpers\nalong with ASSIGN_OR_RETURN and RETURN_IF_ERROR macros to streamline\nerror handling and improve readability.\n\nChange-Id: Ic3ec1c65ce7cf6ee3efb76f3ed6a91386a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/8053224\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1658164}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 32ec006ee9e002565dcce5e57d23f1e8aabfa827\n"
    },
    {
      "commit": "1ac6e2d59ed278bdf3fb50c5d9cb215a78f9fec1",
      "tree": "f0fa7c9acd994685d9212b70c71e2c43f563ed75",
      "parents": [
        "67c4a46d8fa00e52e25618b845d482df6c9abe72"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Jul 06 19:34:55 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Jul 06 19:36:21 2026"
      },
      "message": "[crypto] Re-enable Windows RSA unexportable key tests\n\nVerified that the entire stack compiles and passes on Win11 Tests x64\nbot.\n\n* UTR Results:\nhttps://ci.chromium.org/ui/inv/u-jdoerrie-2026-07-06-08-32-00-bf88c138ea6d1411\n* Swarming Task:\nhttps://chromium-swarm.appspot.com/task?id\u003d794f60f50bab1010\n\nBug: 529304622\nChange-Id: Ic0a66e849b48da72c1c3a409c846e4386a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/8044068\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1657387}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 0e888fbd961251ec6a7a439e55cab5a94d52edff\n"
    },
    {
      "commit": "67c4a46d8fa00e52e25618b845d482df6c9abe72",
      "tree": "9c2c1f93bd83ec1838323a7bdb08236b2b2f0c1a",
      "parents": [
        "88f778c246fc3189bd39ecb4700cc78e6c806c3e"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Jul 06 19:32:54 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Jul 06 19:34:54 2026"
      },
      "message": "[crypto] Merge UnexportableKey into UnexportableSigningKey\n\nSimplify the unexportable key class hierarchy by removing the redundant\ncrypto::UnexportableKey class and merging its interface into\ncrypto::UnexportableSigningKey.\n\nThis change is part of the effort to close Device Bound Session\nCredentials (DBSC) Single Sign-On (SSO) gaps on Windows and macOS, which\nrequires hardware-backed attestation keys to perform signing operations\n(specifically signing the header and payload combination to generate\nsession registration JWTs). To enable this,\ncrypto::UnexportableAttestationKey now inherits directly from\ncrypto::UnexportableSigningKey, exposing the SignSlowly() signing\ninterface on attestation keys.\n\nUpdate all references across components/unexportable_keys, crypto/apple,\nand crypto/win. Mock and software-backed unsecure key implementations\nare also adjusted to match the new inheritance structure. On Windows,\nAttestationKeyWin implements SignSlowly() and SupportsTls13() using\nNOTIMPLEMENTED() stubs.\n\nBug: 530828835\nChange-Id: I0f213240d570ab1675a94851cbb5e2e86a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/8035003\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1657384}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: d6efd373d20bbb8611dde1f00baa5713451c8534\n"
    },
    {
      "commit": "88f778c246fc3189bd39ecb4700cc78e6c806c3e",
      "tree": "51f0b3c4a89cae90298fc7e815173968bb5c0e06",
      "parents": [
        "b39f53b84ad63aafd8ddd63be3c1dd43eb90add0"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Fri Jul 03 13:57:14 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri Jul 03 18:46:28 2026"
      },
      "message": "[dbsc] Implement hardware-backed attestation keys on macOS\n\nProvide macOS support for hardware-backed attestation keys using the\nSecure Enclave to enable certification that a device-bound session\ncredential (DBSC) signing key resides in the same physical hardware.\n\nTo minimize code duplication, refactor the existing Secure Enclave\nsigning key implementation:\n\n- Extract common key properties and initialization into a templated base\n  class `AppleKeyImpl`.\n- Consolidate key generation and wrapped key restoration into templated\n  helper functions `GenerateKeySlowlyImpl` and\n  `FromWrappedKeySlowlyImpl`.\n\nUse these helper functions to introduce the concrete class\n`UnexportableAttestationKeyApple`. It implements `CertifySlowly` by\nsigning a statement that combines a challenge and the SHA-256 hash of\nthe target signing key\u0027s Subject Public Key Info (SPKI).\n\nAdditionally, update `UnexportableKeyProviderApple` to expose the new\nattestation key generation and recovery methods, and document the new\ncustom Secure Enclave format in the `AttestationStatement` structure.\n\nBug: 501307389\nChange-Id: I8a01c3f09587b49000ab14ab2ffc28256a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/8025259\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1656546}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: a5c8d23819b83b8916cd711ab6e0b1a8ccb3c0b1\n"
    },
    {
      "commit": "b39f53b84ad63aafd8ddd63be3c1dd43eb90add0",
      "tree": "03cc0cba633f52edcaa016fe32f670723df075ec",
      "parents": [
        "2cfd02fba09187ecc6fbc47c482ac762aa5d8282"
      ],
      "author": {
        "name": "Justin Lulejian",
        "email": "jlulejian@chromium.org",
        "time": "Mon Jun 29 16:37:33 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Jun 29 16:40:00 2026"
      },
      "message": "[Gardener] Disable Windoes RSA_PKCS1_SHA256 UnexportableKey tests\n\nThe RSA_PKCS1_SHA256 test cases in UnexportableKeyTest are currently\nfailing on Windows CI builders because RSA key generation is not\nsupported by the underlying hardware/TPM. Disable the failing parameter\nonly on Windows using BUILDFLAG(IS_WIN) and add a TODO to fix it.\n\nTAG\u003dagy\nCONV\u003db3eb2b72-de2a-4809-9408-e06b6d838d2c\n\nBug: 529304622\nChange-Id: I7a477d4a33902265060b1f383d8bdf359d3188c1\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/8020723\nAuto-Submit: Justin Lulejian \u003cjlulejian@chromium.org\u003e\nCommit-Queue: Justin Lulejian \u003cjlulejian@chromium.org\u003e\nReviewed-by: Sayed Elabady \u003celabadysayed@chromium.org\u003e\nOwners-Override: Justin Lulejian \u003cjlulejian@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1654141}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 925d12ee3917d38b3139a7a2c38fc2ed91a85f46\n"
    },
    {
      "commit": "2cfd02fba09187ecc6fbc47c482ac762aa5d8282",
      "tree": "07bb923ffef85b913102e13c085e2529b3129007",
      "parents": [
        "d152490835cc8d069326257b858d884e9fad6af7"
      ],
      "author": {
        "name": "Will Taylor",
        "email": "willjt@google.com",
        "time": "Fri Jun 26 00:51:37 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri Jun 26 00:53:19 2026"
      },
      "message": "Migrate from base::SHA1HashString to crypto::obsolete::hash::Sha1.\n\nReplace usages of base::SHA1HashString with crypto::obsolete::hash::Sha1\nfor SHA1 hashing in FileSystemAccessFileHandleImpl and its unit tests.\nFunctionality is the same, except that we are able to track current sha1\nusage as sha1 is deprecated and discouraged for new code.\n\nBug: 430344933\nChange-Id: I7e4005b56ee1df041cb83c17405567bf160a9c19\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7987714\nCommit-Queue: Will Taylor \u003cwilljt@google.com\u003e\nReviewed-by: Rahul Singh \u003crahsin@microsoft.com\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1652840}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 85dc499e417d5a5363277ea369246d5eba8ab0f8\n"
    },
    {
      "commit": "d152490835cc8d069326257b858d884e9fad6af7",
      "tree": "102339babc3a3783edcd1c9a0b1582d8d9d1caed",
      "parents": [
        "2424d2145f8ded96b681663600d798673c65718f"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Thu Jun 25 09:04:00 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jun 25 09:05:56 2026"
      },
      "message": "[crypto] Restrict keychain queries on macOS\n\nEnsure that keychain queries for unexportable keys are scoped to the\ndata protection keychain.\n\nBug: 520516655\nChange-Id: I67fe92097b757d97549235ad5c4f2a7c6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7966018\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1652247}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 49d90ea1fbcbe0eb8d9cdcb9de2fb0179dc9ef1b\n"
    },
    {
      "commit": "2424d2145f8ded96b681663600d798673c65718f",
      "tree": "4727cb61618e519e324aa1898c0a9ea5b1de38a7",
      "parents": [
        "e1d5f61ca89cd545a3096f06d62170855f603e43"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Wed Jun 24 17:10:16 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jun 24 17:13:46 2026"
      },
      "message": "crypto/hash: deprecate sha1\n\nSpecifically, mark as deprecated:\n* crypto/hash sha1 support\n* crypto/hmac sha1 support\n* crypto/kdf Pbkdf2HmacSha1\n* crypto/sign schemes with sha1\n\nSome of these will get moved into crypto/obsolete later, some will\nget deleted (I guess).\n\nBug: 527094641\nChange-Id: I4da356b37e754647a956b2c0d326289211a9d18e\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7989372\nAuto-Submit: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: David Benjamin \u003cdavidben@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1651799}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 61e3eac75340b83348a0bf99a8ff6e65cc8f7334\n"
    },
    {
      "commit": "e1d5f61ca89cd545a3096f06d62170855f603e43",
      "tree": "c174d340752da9b2a4622274fd3eea50a5aa8582",
      "parents": [
        "92f6b7bebb20cc5e07f535ca13bb4f1f8207bdfc"
      ],
      "author": {
        "name": "David Benjamin",
        "email": "davidben@chromium.org",
        "time": "Wed Jun 24 15:47:15 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jun 24 15:48:51 2026"
      },
      "message": "Use some newer BoringSSL APIs in crypto/keypair\n\n- We have new keygen functions that are a bit less tedious\n\n- We have an API to directly copy the public half of a key without\n  transiting through SPKI\n\n- Instead of parsing and then checking the key type afterwards, we have\n  parsing APIs that take a list of supported key types. This avoids\n  running the parsers for unsupported types at all. These APIs also\n  check for trailing data (the pattern of leaving trailing data was, in\n  hindsight, kinda error-prone).\n\nChange-Id: I8b83c76648295f3b2c994fa37328b840f7514544\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7988614\nAuto-Submit: David Benjamin \u003cdavidben@chromium.org\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1651742}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: c3c33d4592a6a07d5bca774ffc598c7e456c48e8\n"
    },
    {
      "commit": "92f6b7bebb20cc5e07f535ca13bb4f1f8207bdfc",
      "tree": "826a8a9e574f48ded27c6487ef5baa259e0cf364",
      "parents": [
        "2089ea8eac6093dfd8081669c5b05142959bf22e"
      ],
      "author": {
        "name": "Ali Hijazi",
        "email": "ahijazi@chromium.org",
        "time": "Wed Jun 24 14:50:36 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jun 24 14:52:49 2026"
      },
      "message": "[Crypto] Add background thread warning to SelectAlgorithm\n\nAdd a warning comment to UnexportableKeyProvider::SelectAlgorithm()\ndocumenting that it can trigger a synchronous load of ncrypt.dll on\nWindows, and therefore must be called on a background thread.\n\nBug: 526291688\nChange-Id: Ie7744bad5c0aa154342e5a3b26bae46d03657fb7\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7993255\nCommit-Queue: Ali Hijazi \u003cahijazi@chromium.org\u003e\nReviewed-by: Adam Langley \u003cagl@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1651712}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 07c26214166006971ff438a06b5b4d8c8bd437b8\n"
    },
    {
      "commit": "2089ea8eac6093dfd8081669c5b05142959bf22e",
      "tree": "b0960fc18b81976bd683009d0b50928e4572e80b",
      "parents": [
        "c1eb90516e518db61620fc6bdcda2538eaadf82b"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Wed Jun 24 00:27:33 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jun 24 00:29:30 2026"
      },
      "message": "variations: use crypto/hpke\n\n... instead of hand-calling the HPKE APIs.\n\nThis also allows deleting the enc_len parameter the variations crypto\nAPIs take, since the crypto/hpke API handles the details of splitting\noff the ciphertext when unsealing internally.\n\nBug: 505830922\nChange-Id: I8d260e67e87c978129e8bf29e68632228d583e06\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7953719\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nAuto-Submit: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1651401}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: c1f15fa253ffcc0a8d876dc09a81f7cba399549b\n"
    },
    {
      "commit": "c1eb90516e518db61620fc6bdcda2538eaadf82b",
      "tree": "f09b59d62b9d7309cd557ecf0aa26596c971fb53",
      "parents": [
        "7dc3e798aa9c96e00b5b3d61b2adc110e21c92d6"
      ],
      "author": {
        "name": "David Benjamin",
        "email": "davidben@chromium.org",
        "time": "Tue Jun 23 23:37:40 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jun 23 23:40:18 2026"
      },
      "message": "crypto: Fix documentation of FromEcP256Point, etc\n\nAn EC point is not an integer, so \"big endian integer point\" does not\nmake much sense. X9.62 is an opaque phrase, but it is the name of the\nformat. Also include a reference to the corresponding serialization\nformat to help hint callers.\n\nAlso rework the warning about using SPKI/PKCS8. It\u0027s odd that we only\nput that on some methods. It\u0027s also a bit strong. Formats as these are\nright when you only want to encode public key. (SPKI shouldn\u0027t be used\nin places where you already know the algorithm. It adds overhead and\nrisks extra failures if what you get back is something not of the type\nyou expected.) To avoid copy-pasting it everywhere, I put it as a\nsection header. There sadly have to be two of them because we put\nimport/export in different groups.\n\nChange-Id: I56ad251d374fd20f557a1eade0ad1fc6a5843eaa\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7987559\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nAuto-Submit: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1651370}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 471cc6c983c762c36aaae0987add7e855ddddc26\n"
    },
    {
      "commit": "7dc3e798aa9c96e00b5b3d61b2adc110e21c92d6",
      "tree": "41f45421a29539c76049a26f8074c1be1e9c92c4",
      "parents": [
        "4987d40517d63b808123dc4a471b40089dadf848"
      ],
      "author": {
        "name": "Mark Cogan",
        "email": "marq@chromium.org",
        "time": "Tue Jun 23 16:15:16 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jun 23 16:16:47 2026"
      },
      "message": "Remove crypto::apple::RecordKeychainMigrationStatus()\n\nCalling this function during launch for every user was impacting\nstability, and in any case the dat collected wasn\u0027t that useful.\n\nThe only call site was removed in\nhttps://chromium-review.git.corp.google.com/c/chromium/src/+/7966023 .\n\nBug: 526890997\nChange-Id: I132c13a72c052aa440b602e761feac4040621960\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7984626\nAuto-Submit: Mark Cogan \u003cmarq@chromium.org\u003e\nCommit-Queue: Christian Dullweber \u003cdullweber@chromium.org\u003e\nReviewed-by: Adam Langley \u003cagl@chromium.org\u003e\nReviewed-by: Christian Dullweber \u003cdullweber@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1651052}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: f9901944e26d9ed5ce90d816f701815b3e41724a\n"
    },
    {
      "commit": "4987d40517d63b808123dc4a471b40089dadf848",
      "tree": "d8c4dc3bfd0ba60ead7e006c0a40b769e4779bfb",
      "parents": [
        "e2d2622e221430836dc74693e4ae6da61687334a"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Tue Jun 23 09:45:34 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jun 23 09:47:17 2026"
      },
      "message": "[crypto] Add UMA metrics for attestation key operations\n\nIntroduce distinct UMA metrics for attestation key operations to\ndifferentiate them from standard unexportable key operations.\n\nPreviously, operations on attestation keys were either not fully tracked\nor were conflated with regular unexportable keys. This change adds\nspecific TPMOperation enum values for the creation, wrapping, and\nexporting of attestation keys.\n\nThe Windows unexportable key provider is updated to pass the KeyUsage\ncontext during key loading and creation, ensuring that the new\nattestation-specific operations are logged accurately. This provides\nfiner-grained visibility into the performance and reliability of TPM\nattestation features.\n\nBug: 501306775\nChange-Id: Ie480ba7e5717f77573b30790969c6e036a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7967539\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1650876}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 4b3be860aa032cbbf851f1c9ec03d12ce70560ef\n"
    },
    {
      "commit": "e2d2622e221430836dc74693e4ae6da61687334a",
      "tree": "70aba000615089dfed2ed77ce2a6b30bd77f4cfe",
      "parents": [
        "0b5658b5d627b18582d24df6eefcf77aa096d751"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Tue Jun 23 09:45:15 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jun 23 09:46:55 2026"
      },
      "message": "[crypto] Use transparent lookups in UnexportableKey tests\n\nMigrate the `keys_` tracking container in the metrics unittests from\n`std::set` to `absl::flat_hash_set`. This utilizes the transparent\nhasher and equality helpers (`base::TransparentHashAs` and\n`base::TransparentEqualAs`) to enable heterogeneous lookups.\n\nThis change allows querying, erasing, and looking up keys directly using\n`base::span\u003cconst uint8_t\u003e`. Previously, operations like `contains` and\n`erase` required allocating and copying the span\u0027s contents into a\ntemporary `std::vector\u003cuint8_t\u003e`, which is no longer necessary.\n\nChange-Id: Ie482bdbbca11a5b383eaadc3eb10a03a6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7963020\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nAuto-Submit: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1650875}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 25254a60ab0bef9c0616f8ceff8641d36c2f0f55\n"
    },
    {
      "commit": "0b5658b5d627b18582d24df6eefcf77aa096d751",
      "tree": "1ee560840d8fd87a9752815fc21e9f2e122cd126",
      "parents": [
        "c6e7b302907d84580185b711dd8f84a0f725342c"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Jun 22 06:01:51 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Jun 22 06:03:57 2026"
      },
      "message": "[dbsc] Implement C++ wrapper around Rust TPM FFI parser\n\nThis change introduces `crypto::tpm_parser`, a C++ wrapper layer over\nthe Rust TPM FFI parser. Previously, callers interacted directly with\nthe FFI boundary and performed local signature verification.\n\nThis update improves type safety and ergonomics by:\n\n- Introducing C++ types and returning `base::expected` for better error\n  handling across the FFI boundary.\n- Moving TPM signature verification (`VerifySignature`) out of call\n  sites and into the centralized C++ wrapper, leveraging existing\n  BoringSSL-backed C++ verification (`crypto::sign::Verify`).\n- Renaming Rust verification structs to reflect that they now strictly\n  perform parsing operations, deferring cryptographic verification to\n  C++.\n- Refactoring `unexportable_key_win.cc` to consume the new, safer C++\n  API and metrics logging structure.\n\nNO_IFTTT\u003dcrypto/tpm_parser.h is a new file\n\nBug: 501306222\nChange-Id: Idb68151021fb35f29bff014ba80fc3536a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7956124\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1650133}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 66b2c00f57c854f621e5380759f75576bb43bacf\n"
    },
    {
      "commit": "c6e7b302907d84580185b711dd8f84a0f725342c",
      "tree": "fcc34761f7bed57fd99914a1b1ac0a4b58db5686",
      "parents": [
        "73b534685dc5ecd46afe7142c1ffee00b557824e"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Wed Jun 17 20:58:34 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jun 17 21:00:54 2026"
      },
      "message": "[dbsc] Move TPM signature verification from Rust to C++\n\nMigrate the verification of TPM signatures from Rust to C++ to leverage\nexisting C++ cryptographic infrastructure. The Rust implementation is\nsimplified to focus solely on parsing the TPM-specific signature format\n(TPMT_SIGNATURE) and returning its raw components.\n\nKey modifications include:\n\n- Replacing the Rust-based `verify_signature` function with a parser\n  that extracts raw RSA or ECDSA components.\n- Introducing utility functions in `crypto/ecdsa_utils` to convert raw\n  ECDSA signatures (concatenated R and S) into DER format.\n- Implementing verification logic in `unexportable_key_win.cc` using the\n  standard `crypto::sign` namespace.\n- Removing the BoringSSL dependency from the Rust `tpm` target to\n  streamline the build.\n\nBug: 501306222\nChange-Id: I733755e876d1f3616ad032a8317364b16a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7946121\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1648568}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: b46cf7820f5b1054e4b11008c30664065b1ef917\n"
    },
    {
      "commit": "73b534685dc5ecd46afe7142c1ffee00b557824e",
      "tree": "862bf9a08a6088b978281ce0c8b3cf90ca7c5207",
      "parents": [
        "969bf379a1dc9f43e4b41d3358432b24a18142a8"
      ],
      "author": {
        "name": "Louis Romero",
        "email": "lpromero@google.com",
        "time": "Tue Jun 16 14:23:48 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jun 16 14:25:47 2026"
      },
      "message": "Fix memory leak in RecordKeychainMigrationStatus\n\nRecordKeychainMigrationStatus was using NSToCFOwnershipCast to convert\nNSMutableDictionary queries to CFDictionaryRef parameters for\nKeychainV2::GetInstance().ItemCopyMatching. NSToCFOwnershipCast uses\n__bridge_retained under the hood, which increments the retain count.\nBecause the returned CFDictionaryRef was not wrapped in a\nScopedCFTypeRef or manually released, the dictionary was leaked.\n\nThis CL replaces NSToCFOwnershipCast with NSToCFPtrCast, which uses\na non-retaining __bridge cast. This is safe because the dictionaries\nare ARC-managed and remain in scope for the duration of the function.\n\nFixed: 524555692\nChange-Id: I43426becfc619ef184b5b170129bc22935168d82\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7949501\nAuto-Submit: Louis Romero \u003clpromero@google.com\u003e\nCommit-Queue: Louis Romero \u003clpromero@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1647529}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 997b56352e2a9fc99991c56fcb91e66e2d572ea1\n"
    },
    {
      "commit": "969bf379a1dc9f43e4b41d3358432b24a18142a8",
      "tree": "cb8a6f13346127b568933f3d78784337f9e484c4",
      "parents": [
        "07d5be70e9f3dd2ac6d62aaaaa4d410a8f3ed4c1"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Jun 15 12:35:25 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Jun 15 12:37:48 2026"
      },
      "message": "[uma] Centralize TPM operation/signature variants and add KeyCertification\n\nBug: 501306364\nChange-Id: Ib6828fcd15dba213b1dd004f20e2f3f36a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7879843\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1646744}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 13e896c565dba628b706fb3d93bb238ab0b8d666\n"
    },
    {
      "commit": "07d5be70e9f3dd2ac6d62aaaaa4d410a8f3ed4c1",
      "tree": "639c926b37972520ed73c6dd03958ad6c2fd4323",
      "parents": [
        "4d0e5218f03a77ce9e3f7ba1b3170b704bb32470"
      ],
      "author": {
        "name": "Avi Drissman",
        "email": "avi@chromium.org",
        "time": "Thu Jun 11 15:04:56 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jun 11 15:06:31 2026"
      },
      "message": "Switch to a modern value\n\nkLAPolicyDeviceOwnerAuthenticationWithBiometricsOrWatch is deprecated in\nfavor of LAPolicyDeviceOwnerAuthenticationWithBiometricsOrCompanion.\nBecause they have the exact same value, switch to the modern spelling.\n\nBug: none\nChange-Id: I1bc56193cd25ac0de4ee6238141614f76a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7922091\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nAuto-Submit: Avi Drissman \u003cavi@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1645375}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 5d4394f1a08e9ad751d1a9d42a679ba79096232a\n"
    },
    {
      "commit": "4d0e5218f03a77ce9e3f7ba1b3170b704bb32470",
      "tree": "8adcfb481b361fae02daa7080974764ea63c9c2d",
      "parents": [
        "885652d31103a87a3ef68e1cfd582570c3a7abc1"
      ],
      "author": {
        "name": "Jeffrey Gour",
        "email": "jeffreygour@microsoft.com",
        "time": "Tue Jun 09 16:47:12 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jun 09 16:50:06 2026"
      },
      "message": "Move SecureZeroBuffer to crypto/secure_util for reusability\n\nThis CL moves SecureZeroBuffer from the internal namespace in\nprocess_bound_string.h/cc to secure_util.h/cc in order to improve the\nability to use the method outside of ProcessBoundString. Specifically,\nit will be used by the new Encrypted\u003ctypename StringType\u003e class being\nintroduced in https://crrev.com/c/7904562.\n\nBug: 513276101\nChange-Id: Ie893de151e0974f985c7384a9c556fa8c93cf3c2\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7909601\nReviewed-by: Will Harris \u003cwfh@chromium.org\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jeffrey Gour \u003cjeffreygour@microsoft.com\u003e\nCr-Commit-Position: refs/heads/main@{#1644048}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: fb1bff6f56938760362582f4883ddfd72677eb9c\n"
    },
    {
      "commit": "885652d31103a87a3ef68e1cfd582570c3a7abc1",
      "tree": "b30f9c78b5fc2c21d0ae2aad9a9a6d71bf45d905",
      "parents": [
        "288b962e8bb1a182ab8543dfbfcadcdfdffb4b1e"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Fri Jun 05 08:56:21 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri Jun 05 08:58:44 2026"
      },
      "message": "[crypto] Implement TPM key certification metrics\n\nMeasure the latency and success rate of TPM key certification operations\nvia UMA. This change adds reporting for the kKeyCertification operation\nto monitor the performance of the Certify operation in Device Bound\nSession Credentials.\n\nTo support this, the key deletion logic in unexportable_key_metrics.cc\nis generalized to handle both signing and attestation keys. A new\nhelper, wrap_delete_key, is introduced to manage unique_ptr deleters\nmore efficiently. Additionally, unit tests are updated to verify the new\nhistograms, and the metrics unit test file is moved to the common source\nlist in the BUILD.gn file.\n\nBug: 501306775\nChange-Id: I32481ea4134055a35a886f957b925b066a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7890375\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1642217}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: cd24e3f897e3049fa7fa5065f0fb2c05253f768a\n"
    },
    {
      "commit": "288b962e8bb1a182ab8543dfbfcadcdfdffb4b1e",
      "tree": "2a6ebffc74fafe347e671dd82a19978f4db39426",
      "parents": [
        "e46aa188a53ad1d165021041adecf3a22579599a"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Fri Jun 05 08:55:59 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri Jun 05 08:58:24 2026"
      },
      "message": "[crypto] Implement software attestation key provider\n\nThis change implements the UnexportableAttestationKey interface for the\nsoftware-backed unsecure key provider. This allows the provider to\nemulate hardware-backed attestation by generating synthetic TPM 2.0\ncertification statements and formatting signatures into TPM-compatible\nstructures.\n\nKey modifications:\n\n- Refactor the software signing key implementation into a template base\n  class to share common logic between signing and attestation.\n- Implement SoftwareAttestationKey::CertifySlowly to generate\n  TPMS_ATTEST structures and format the result as an\n  AttestationStatement.\n- Add helper functions for serializing TPM-compatible ECDSA and RSA\n  signatures from DER-encoded signatures.\n- Update SoftwareProvider to support generating and loading wrapped\n  attestation keys.\n\nThis implementation enables end-to-end testing of features relying on\ndevice attestation, such as Device Bound Session Credentials (DBSC), in\nenvironments without physical TPM hardware.\n\nBug: 501306775\nChange-Id: I913fdbdfa3ac5846f4c4f6b678f243306a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7902311\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1642216}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: fbb4e1861db4b71a23e524ffebe964cba55bebcb\n"
    },
    {
      "commit": "e46aa188a53ad1d165021041adecf3a22579599a",
      "tree": "cf530c81c8ee7d8ebc287d2f53cb4f5d4fb685e0",
      "parents": [
        "626fffec86d3f0cbb8dbbfce893c527163de8a8a"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Thu Jun 04 00:49:00 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jun 04 00:50:24 2026"
      },
      "message": "crypto/aead: add AES-128-GCM\n\nRequired to support components/gcm_driver.\n\nAI-Model: none\nBug: 427242312\nChange-Id: I7a5acd1b7b66e0dc9d625460a4306300b0ae3946\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7900060\nCommit-Queue: Matt Mueller \u003cmattm@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nAuto-Submit: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1641350}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: c423cb9708fd579fb164176a4c589e264d61145c\n"
    },
    {
      "commit": "626fffec86d3f0cbb8dbbfce893c527163de8a8a",
      "tree": "93ef32d4eb73fc42033f6cdc405557804855ca3a",
      "parents": [
        "a9ab0ff597ed2e9c1924dbdf2bd104e3400a16d5"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Tue Jun 02 09:28:51 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jun 02 09:31:01 2026"
      },
      "message": "[dbsc] Implement TPM key certification on Windows\n\nThis change implements the `CertifySlowly` interface for unexportable\nattestation keys on Windows. This allows cryptographically proving that\na signing key is resident in the same Trusted Platform Module (TPM) as\nthe attestation key.\n\nThe implementation leverages the Windows TPM Base Services (TBS) API to\nsubmit raw `TPM2_Certify` commands to the hardware. To ensure memory\nsafety when handling these complex structures, the command construction,\nresponse parsing, and signature verification are performed by a\nRust-based parser. This addresses the need for a memory-safe way to\nparse raw TPM response structures, such as `TPM2B_ATTEST` and\n`TPMT_SIGNATURE`.\n\nNew UMA histograms are introduced to monitor the reliability of these\noperations, covering TBS API status codes, TPM response codes, and\nresults from the Rust-based verification logic.\n\nBug: 501306222\nChange-Id: Ifbe9e275833a95d5c6202b9741a0c77a6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7863844\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Sebastien Lalancette \u003cseblalancette@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1640028}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 8f99b231f4647ea25ecabc2e7ce53e8ca914d7d7\n"
    },
    {
      "commit": "a9ab0ff597ed2e9c1924dbdf2bd104e3400a16d5",
      "tree": "16bf8103ce9e2c6f35fc6b8e2f835acd051e4efe",
      "parents": [
        "058af966a3ba02ef1321e58a3bf40c1b5266d3c7"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Thu May 28 07:56:54 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu May 28 07:58:34 2026"
      },
      "message": "[dbsc] Implement TPM signature verification in Rust\n\nImplement cryptographic signature verification for TPM2_Certify\nresponses in Rust using bssl_crypto. This change adds support for\nparsing the TPMT_SIGNATURE structure and verifying both RSA PKCS#1 and\nECDSA P-256 signatures.\n\nBy performing these checks in Rust, we ensure that the processing of\npotentially untrusted hardware responses remains in a memory-safe\nenvironment, fulfilling the \"Rule of 2\" requirements for the Device\nBound Session Credentials (DBSC) implementation. This verification step\nconfirms that the attestation statement was indeed signed by the\nexpected hardware key.\n\nBug: 501306222\nChange-Id: I3c0848a570b3bd36466472aa9bf290c56a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7843193\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Daniel Cheng \u003cdcheng@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1637527}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 2c4702cf572a7961fd20e8267eddb19c3dc614c2\n"
    },
    {
      "commit": "058af966a3ba02ef1321e58a3bf40c1b5266d3c7",
      "tree": "c9194f39919e6b60d9a85cfc9a5d6d618cdf7a8e",
      "parents": [
        "754c888afc968f7e8a6fa1f08bb9928fa6ab371f"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Wed May 27 09:55:47 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed May 27 09:57:39 2026"
      },
      "message": "[dbsc] Implement Rust TPM response parser for key certification\n\nThis CL introduces the memory-safe Rust parser for TPM2_Certify\nresponses, specifically validating the TPM2B_ATTEST and TPMT_SIGNATURE\nstructures. The parsed results are securely bounded and returned across\nthe CXX boundary via a CertifyResponse struct.\n\nBug: 501306222\nChange-Id: Iacaf6b6c6325c0969b3939ef2dd782436a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7830199\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Daniel Cheng \u003cdcheng@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1636806}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 962f4cd8c41baab61806dcd5bdf1a8ce3afe793b\n"
    },
    {
      "commit": "754c888afc968f7e8a6fa1f08bb9928fa6ab371f",
      "tree": "b7a2f9b8ef135d507756390415f158e2c70bc40e",
      "parents": [
        "a0254471c8932e2fb5cb668503dfd63bbd36662e"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Thu May 21 08:21:41 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu May 21 08:24:29 2026"
      },
      "message": "[dbsc] Implement Rust TPM parser for certify command construction\n\nImplement a memory-safe parser and builder for TPM 2.0 structures in\nRust, specifically for constructing TPM2_Certify commands. This\naddresses the requirement to move complex serialization of untrusted\ndata into a memory-safe language, adhering to the \"Rule of 2.\"\n\nThe change introduces:\n\n- A Writer abstraction for safe big-endian buffer generation.\n- A Reader abstraction for parsing TPM responses.\n- Support for various signature schemes and hash algorithms.\n- A cxx bridge for interoperability with existing C++ components.\n\nThis ensures that the Device Bound Session Credentials (DBSC) logic can\nsafely interact with the TPM without the memory safety risks associated\nwith manual buffer manipulation in C++.\n\nFixed: 501306595\nChange-Id: I87822f532bc8f4ee2e7c618d48fa370f6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7828681\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Daniel Cheng \u003cdcheng@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1634109}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: e845bc46f9c9c56d2f104371724cc360ccbfe24b\n"
    },
    {
      "commit": "a0254471c8932e2fb5cb668503dfd63bbd36662e",
      "tree": "4360911822e6da49b580a4751bf16bb773e47eba",
      "parents": [
        "9b541ab7660d2ed481502c03d63e30b65684b398"
      ],
      "author": {
        "name": "Avi Drissman",
        "email": "avi@chromium.org",
        "time": "Tue May 19 16:20:03 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue May 19 16:21:35 2026"
      },
      "message": "Don\u0027t leak a CFString\n\nCFStringCreateCopy returns an object that needs to be released.\nCFArrayAppendValue retains the value passed in, so passing a copy\ndirectly into it will leak that value.\n\nThe value, keychain_access_group_, is created in the constructor of\nFakeKeychainV2, so there\u0027s no need to create a copy of it.\n\nBug: none\nChange-Id: Idb721603be572f26a05f322c16568e526a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7857749\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Avi Drissman \u003cavi@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1632902}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: c2e021d3e55f6a18b56cb770bbea11edf8685a77\n"
    },
    {
      "commit": "9b541ab7660d2ed481502c03d63e30b65684b398",
      "tree": "7ca9a2d7f1f309ce0b3a56372ff8c1d1a016e888",
      "parents": [
        "65f51c94e7a4a150717b83546467ae68bd2f11de"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Tue May 19 16:00:14 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue May 19 16:01:42 2026"
      },
      "message": "[dbsc] Implement restricted attestation key support on Windows\n\nAdd support for generating and loading Attestation Identity Keys (AIK)\nusing the Microsoft Platform Crypto Provider. These keys are now\nproperly restricted by setting the `NCRYPT_PCP_IDENTITY_KEY` usage\npolicy during generation. This ensures that the TPM reserves the keys\nfor attestation purposes and prevents them from being used to sign\narbitrary data.\n\nThis change refactors the Windows unexportable key provider to share\nimplementation details between signing and attestation keys:\n\n- Introduces a `WinKeyImpl` template to manage common key properties.\n- Consolidates key creation and loading logic into internal helper\n  functions.\n- Implements the `AttestationKeyWin` wrapper class.\n- Updates `DuplicatePlatformKeyHandle` to work with the base\n  `UnexportableKey` interface.\n\nThis implementation provides the necessary Windows-specific attestation\nkey infrastructure and ensures keys are generated with the required\nrestricted usage policy for hardware-backed identity.\n\nBug: 501307116, 501305842\nChange-Id: I49a9ad47b176d5d2b068a1d1345ad8e46a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7827868\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1632870}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: d4e5f816d3ae9739abdf0f0f411b756e3df0400d\n"
    },
    {
      "commit": "65f51c94e7a4a150717b83546467ae68bd2f11de",
      "tree": "c07df4c410f88c3831f8bcf72af86dd4a5abe759",
      "parents": [
        "2cef556cb279ec43720dd08792f024ceb3c55394"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Tue May 19 08:17:55 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue May 19 08:19:45 2026"
      },
      "message": "[dbsc] Rename MockUnexportableKey to MockUnexportableSigningKey\n\nRename the mock unexportable key class and its associated helper methods\nto explicitly indicate they refer to signing keys. This disambiguation\nis necessary to support the introduction of attestation keys for Device\nBound Session Credentials.\n\nThe following renames were performed:\n\n- `MockUnexportableKey` to `MockUnexportableSigningKey`.\n- `AddNextGeneratedKey` to `AddNextGeneratedSigningKey`.\n- `next_generated_keys_` to `next_generated_signing_keys_`.\n\nThese updates ensure type safety and clarity as the crypto component\nexpands to support hardware-backed certification and distinct key roles\nfor attestation and signing.\n\nBug: 501306819, 501306500, 501307389\nChange-Id: I899149cd2ddcc2f0568cd3360b29abe66a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7827656\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Slobodan Pejic \u003cslobodan@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1632692}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 17ddc0a615f7c313a98f5132fc3daf8c86d990d1\n"
    },
    {
      "commit": "2cef556cb279ec43720dd08792f024ceb3c55394",
      "tree": "d8a0d1b4234f4832b6292c814e23ab4b068ea6b6",
      "parents": [
        "b4e26c401994738d9755ddf448b33bae5dde16ab"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Tue May 19 08:16:55 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue May 19 08:18:51 2026"
      },
      "message": "[dbsc] Add attestation key interfaces to crypto::UnexportableKey\n\nIntroduce foundational C++ interfaces for Attestation Identity Keys\n(AIK) in the `crypto` component. These interfaces allow Chrome to\nperform hardware-backed certification over signing keys, which is\nrequired for the DBSC-SSO flow to prove that a session key resides in\nthe same physical hardware as an IdP key.\n\nThe following structures and classes are added:\n\n- `AttestationStatement`: Holds the TPM or Secure Enclave statement and\n  signature resulting from certification.\n- `UnexportableAttestationKey`: An interface for keys that can certify\n  an `UnexportableSigningKey` via a challenge-response mechanism.\n- `UnexportableKeyProvider`: Updated to support the generation and\n  import of hardware-backed attestation keys.\n\nThese additions establish the platform-agnostic API boundary needed for\nfuture Windows and macOS implementations. This change also introduces\nmock implementations for the new AIK interfaces.\n\nBug: 501306819, 501306500, 501307389\nChange-Id: Id072f42fcc8e58c8cf519f3f1837b9826a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7822922\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1632691}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 66beec8926297642200581c1948e25149ce45569\n"
    },
    {
      "commit": "b4e26c401994738d9755ddf448b33bae5dde16ab",
      "tree": "b0a483c4be70dbf1dd73d3c21337517015c19bf5",
      "parents": [
        "a27aeaadc946c527f028b9ada5abf31071cfb234"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Wed May 13 16:36:22 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed May 13 16:39:08 2026"
      },
      "message": "[dbsc] Move UnexportableKey mocks to crypto\n\nMove MockUnexportableKey, MockUnexportableKeyProvider, and\nScopedMockUnexportableKeyProvider from components/unexportable_keys to\ncrypto. This centralizes testing utilities alongside the interfaces they\nmock and enables their integration into lower-layer components.\n\nRename the moved classes to the crypto namespace and update all include\npaths and call sites.\n\nBug: 501307389, 501306500,501306819\nBypass-Check-License: Rename\nChange-Id: Ib1af837ba8afe25543e2c4ae15c8b98e6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7827769\nReviewed-by: Slobodan Pejic \u003cslobodan@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nReviewed-by: Rohit Rao \u003crohitrao@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1630032}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 8d70142aa3311f885be5dc1483c45d5578e92b6f\n"
    },
    {
      "commit": "a27aeaadc946c527f028b9ada5abf31071cfb234",
      "tree": "4c5f11db31eee360227c6223488f27155fe03eea",
      "parents": [
        "d93a8507f23b7ccfa8cd2a3b639866b7e5640b7e"
      ],
      "author": {
        "name": "Mark Cogan",
        "email": "marq@chromium.org",
        "time": "Thu May 07 07:49:19 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu May 07 07:51:29 2026"
      },
      "message": "Add histograms to track iOS keychain migration\n\nIntroduce UMA histograms to track the success and failure rates of\nkeychain item accessibility migration on iOS. This allows for better\nvisibility into how often items require updates from the legacy\nkSecAttrAccessibleWhenUnlocked attribute to the preferred\nkSecAttrAccessibleAfterFirstUnlock attribute.\n\nKey functional changes include:\n* Define Security.iOS.KeychainMigrationResult histogram and associated\n  enums to record migration outcomes (Success, Failure, or Not Needed).\n* Update MigrateKeychainItemAccessibilityIfNeeded in keychain_util.mm\n  to record these metrics using KeychainV2.\n* Enhance FakeKeychainV2 to support mockable return codes for\n  ItemUpdate, enabling comprehensive testing of failure scenarios.\n* Expand keychain_util_unittest.mm to verify metric recording across\n  all migration states.\n\nFakeKyechainV2 is also updated to support cleanly testing these changes:\n* Removed strict DCHECKs that required kSecReturnRef and\n  kSecReturnAttributes to be true; this meant non-test code had to\n  include these keys even if they weren\u0027t functionally needed.\n* Added the ability to filter items by the kSecAttrAccessible attribute.\n* Improved access group handling: if kSecAttrAccessGroup is missing from\n  a query, it now defaults to filtering by the FakeKeychainV2 instance\u0027s\n  own access group rather than triggering a DCHECK.\n* Added safety checks to ensure result is non-null before assigning\n  matching items.\n* Introduced item_update_result_ to allow tests to simulate specific\n  OSStatus failure codes.\n* Expanded supported item classes to include kSecClassGenericPassword\n  (previously only kSecClassKey was supported).\n* Enhanced matching logic for updates: it now supports filtering by both\n  kSecAttrApplicationLabel and kSecAttrAccount, making it more robust\n  for different types of keychain items.\n\nChange-Id: Ia1dae3b21c9d3bd79c5a9b9644a6afd9dd594bfd\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7792920\nReviewed-by: Christian Dullweber \u003cdullweber@chromium.org\u003e\nReviewed-by: Adam Langley \u003cagl@chromium.org\u003e\nReviewed-by: Chris Thompson \u003ccthomp@chromium.org\u003e\nCommit-Queue: Mark Cogan \u003cmarq@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1626773}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: cbc4146c2d47804007c3a2090a862ba1bf2cd346\n"
    },
    {
      "commit": "d93a8507f23b7ccfa8cd2a3b639866b7e5640b7e",
      "tree": "bd670034906cd5fa494330419d2b1b0304d4b0af",
      "parents": [
        "57ac2402e8d5eb70c226909cfa2cfb86c31d5165"
      ],
      "author": {
        "name": "Nick Harper",
        "email": "nharper@chromium.org",
        "time": "Fri May 01 02:43:42 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri May 01 02:45:47 2026"
      },
      "message": "Add base::Feature for ML-DSA signatures in TLS\n\nBug: 497896140\nChange-Id: Iba306c7cc90d80d10a8d77dcd3516e7bffea6f82\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7805484\nCommit-Queue: Nick Harper \u003cnharper@chromium.org\u003e\nAuto-Submit: Nick Harper \u003cnharper@chromium.org\u003e\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1623681}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: a2638b6eeba78d30a00a5b182d09c33ad29d350b\n"
    },
    {
      "commit": "57ac2402e8d5eb70c226909cfa2cfb86c31d5165",
      "tree": "3532c9f7c0cfdb2848b49db9deafa460bfc57ca8",
      "parents": [
        "274e6abafd61b0e3d51a1e075bfe967551308340"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Tue Apr 28 21:32:28 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Apr 28 21:34:36 2026"
      },
      "message": "crypto/hpke: add AES-128-GCM and Base mode support\n\nThese are needed to support components/signin.\n\nAI-Model: antigravity\nBug: 505830922\nChange-Id: If34d31b98008c3447665cd0b4d25def630ee0e0c\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7800536\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nAuto-Submit: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1622041}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 4f920611bc602e06d377db5fefcb8a8fdd0a8020\n"
    },
    {
      "commit": "274e6abafd61b0e3d51a1e075bfe967551308340",
      "tree": "db50bfe2d2e2fcd052c255bb86cf71b02eb4f65a",
      "parents": [
        "63f1587036250c86df5137fbebe98d9db28d6507"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Tue Apr 28 02:45:17 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Apr 28 02:47:28 2026"
      },
      "message": "crypto: add one-shot auth HPKE api\n\nThis handles only the config used by components/sync currently:\n* One-shot Auth mode\n* KEM \u003d DHKEM(X25519, HKDF-SHA256)\n* KDF \u003d HKDF-SHA256\n* AEAD \u003d ChaCha20-Poly1305\n\nOther configs will come later if there are users of them.\n\nAI-Model: antigravity\nBug: 505830922\nChange-Id: I1efb3b04503b32bfb9194b08fea47c8f40cd9863\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7790154\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1621503}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: e31dbbcc5c7769bbd6485c7730c163041c60fbb5\n"
    },
    {
      "commit": "63f1587036250c86df5137fbebe98d9db28d6507",
      "tree": "20e896f40e06e4f404ed63f12738341fd19a9474",
      "parents": [
        "c4d176c18135b9680cfb8748ffd394037d979577"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Mon Apr 27 22:56:26 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Apr 27 22:59:06 2026"
      },
      "message": "crypto: fix UNSAFE_TODO in aead_unittest.cc\n\nVia memcmp -\u003e span comparison. Trivial.\n\nBug: None\nChange-Id: I72ac758b076bfadd5e437c63e3dcb6d0541c8736\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7796070\nCommit-Queue: Matt Mueller \u003cmattm@chromium.org\u003e\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nAuto-Submit: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1621376}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 21669c4ec77b2a82a8463587f5d59412226372bb\n"
    },
    {
      "commit": "c4d176c18135b9680cfb8748ffd394037d979577",
      "tree": "3163d33838fa369ad492e2b48e6901796f9ef2c8",
      "parents": [
        "2462dd422833c0b083d8a4fb6d33abe53b186d20"
      ],
      "author": {
        "name": "Anatoli Hancharou",
        "email": "antoli@google.com",
        "time": "Mon Apr 27 21:17:38 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Apr 27 21:20:08 2026"
      },
      "message": "[crypto] Skip Secure Enclave availability check on iOS\n\nThe call to `GetTokenIDs()` triggers a synchronous initialization of\n`TKTokenWatcher`, which has been observed to cause hangs and crashes on\niOS when called in certain contexts.\n\nThis CL disables both the Secure Enclave presence check and the\nentitlement check on iOS since Secure Enclave has been available on iOS\nsince the A7 chip (iPhone 5s), making this check redundant for all\nsupported iOS versions.\n\nBug: 506057158\nChange-Id: Idb07b9b0162fbcf119361953372fd64d6d0ec4b3\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7795958\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Anatoli Hancharou \u003cantoli@google.com\u003e\nCr-Commit-Position: refs/heads/main@{#1621315}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: cec6c7f0495e2ffc626475207c961c36cd6e62c4\n"
    },
    {
      "commit": "2462dd422833c0b083d8a4fb6d33abe53b186d20",
      "tree": "78e5ab779c7c1b8a32b3d8b65a7c0b96dc6e5a7a",
      "parents": [
        "151ae8fbdf7287d9ed26b5cbb53a2374c0114f54"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Apr 27 18:08:08 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Apr 27 18:09:51 2026"
      },
      "message": "[dbsc] Generalize unexportable key deletion APIs\n\nRenames unexportable key deletion methods to be purpose-agnostic,\ntransitioning from signing-key specific naming to a more general\nnomenclature. This allows the APIs to support the deletion of both\nsigning and attestation keys as part of the Device Bound Session\nCredentials (DBSC) effort.\n\nSpecifically, this change:\n- Renames DeleteSigningKeysSlowly to DeleteKeysSlowly across the\n  crypto layer and the unexportable keys component.\n- Updates DeleteAllSigningKeysSlowly to DeleteAllKeysSlowly.\n- Refactors UnexportableKeyTaskManager and DeleteKeysTask to operate\n  on the RefCountedUnexportableKey base class.\n- Updates associated mocks and unit tests to reflect the new API.\n\nBug: 501306323\nChange-Id: Ic137f919ef841667a18d14afbca3bd846a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7784699\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Sylvain Defresne \u003csdefresne@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1621187}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 2763d6c4e3cfc966c486e4de13413c80a53466c6\n"
    },
    {
      "commit": "151ae8fbdf7287d9ed26b5cbb53a2374c0114f54",
      "tree": "f30b54a87e2e9268b54e52e6455f84d64a6bd328",
      "parents": [
        "9f97c6981647402b23d7eb4f3040ef45086f56ac"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Apr 27 16:33:57 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Apr 27 16:36:06 2026"
      },
      "message": "[dbsc] Introduce UnexportableKey as a base class for hardware keys\n\nIntroduce the UnexportableKey base class to the crypto library to serve\nas a common interface for hardware-backed keys. This change is part of\nan effort to extend the key hierarchy to support new types of hardware\nkeys, such as attestation keys for the Device Bound Session Credentials\n(DBSC) protocol.\n\nThe refactoring splits the existing UnexportableSigningKey class into a\nbase class and a specialized subclass. Shared hardware-bound properties,\nincluding the signature algorithm, subject public key info, and wrapped\nkey data, are moved to the new base class. Methods specific to signing\nremain in the UnexportableSigningKey subclass.\n\nThis restructuring also improves the library\u0027s architecture by laying\nthe groundwork to move stateful behaviors into mixins, thereby avoiding\ndiamond inheritance issues. These changes facilitate the future\nimplementation of Attestation Identity Keys (AIK) required to secure\nsingle sign-on flows.\n\nBug: 501306323\nChange-Id: I3d7c9cac6c94aeb40f28260ac10d79226a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7790328\nAuto-Submit: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1621155}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 65a9d85001c37f5861a71cd79067c128dd9b43b5\n"
    },
    {
      "commit": "9f97c6981647402b23d7eb4f3040ef45086f56ac",
      "tree": "bda381a5245f1e346064f799340ab2b9cd44d6b6",
      "parents": [
        "5840bad0d51a6ed7a5dbd06463f69572db874ef9"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Apr 27 10:05:07 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Apr 27 10:07:14 2026"
      },
      "message": "[dbsc] Introduce standalone StatefulKey mixin\n\nRefactor the unexportable key hierarchy to use a standalone StatefulKey\ninterface instead of the combined StatefulUnexportableSigningKey. This\nchange addresses potential diamond inheritance issues as the system\nexpands to support new key types, such as attestation keys.\n\nPreviously, the hierarchy relied on a combined interface that coupled\nsigning capabilities with platform state. By separating statefulness\ninto a standalone mixin, the architecture becomes more modular and\nallows for better type safety across hardware-backed key categories.\n\nKey modifications:\n\n- Define crypto::StatefulKey as a standalone mixin for keys backed by\n  permanent platform state, such as the macOS keychain.\n- Replace AsStatefulUnexportableSigningKey() with AsStatefulKey() in the\n  base UnexportableKey interface to allow for generic state discovery.\n- Update the Apple and Mock implementations to inherit from both the\n  signing key interface and the new stateful mixin.\n- Generalize DeleteSigningKeysSlowly to accept standard unexportable\n  signing keys, internally verifying statefulness before deletion.\n\nThis architectural change simplifies the class hierarchy and ensures\nconsistency as the DBSC implementation evolves.\n\nBug: 501306323\nChange-Id: If17c75ecd721761519b7488a7c7efd126a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7786119\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nAuto-Submit: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1620975}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: e94b66b2c5a6cb69d6cbcad99597b0467e6cd0da\n"
    },
    {
      "commit": "5840bad0d51a6ed7a5dbd06463f69572db874ef9",
      "tree": "808a0bc1fb1850d48fb88bf023cd5988c10ecdfe",
      "parents": [
        "0d9ddbc9c6a370931b71a491f98deece29f373f3"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Thu Apr 23 08:20:23 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Apr 23 08:23:52 2026"
      },
      "message": "[dbsc] Rename unexportable key garbage collection methods\n\nRename GetAllSigningKeysForGarbageCollectionSlowlyAsync and its\nassociated callbacks to GetAllKeysForGarbageCollectionSlowlyAsync.\n\nThis change is part of a broader refactor to improve type safety by\ndistinguishing between hardware-backed key roles, such as signing and\nattestation keys. Since the garbage collection process retrieves all\nmanaged keys regardless of their specific role, removing the \"Signing\"\nqualifier provides a more accurate description of the method\u0027s purpose.\n\nThe update spans the UnexportableKeyService interface, its\nimplementations, Mojo definitions, and various consumer classes across\nthe signin and networking components. It also renames the underlying\nStatefulUnexportableKeyProvider::GetAllKeysSlowly method in the crypto\nlayer.\n\nBug: 501307307\nChange-Id: Ia0c758a0541b3ef4b14313ef2767edb36a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7780666\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1619372}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 234b233d62f70f874949a79d1e8f68c83f88f111\n"
    },
    {
      "commit": "0d9ddbc9c6a370931b71a491f98deece29f373f3",
      "tree": "3f707e2eb98fdc20e6cb6f54d3701599d716f024",
      "parents": [
        "343cc61d1abfc5d355425c71435836a7f587454c"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Wed Apr 22 17:49:37 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Apr 22 17:52:51 2026"
      },
      "message": "crypto: add pubkey encryption API\n\nThis change:\n* Adds crypto::encrypt::Encrypt and crypto::encrypt::Decrypt, with\n  initial support for RSA-OAEP-SHA1 only (others to follow)\n* Adds a couple of utility functions in crypto::encrypt\n* Adds test coverage for the new functions\n\nPatchset 1 of this CL shows a sample migration of a potential client.\n\nAI-Model: antigravity\nBug: 504697287\nChange-Id: I2ca5f990c5ff0932e3c38f42a96c7a10ee6b5bfb\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7782633\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1618958}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 34f8ea3ff0a5d17c6405e8e4a10283aa5ab71ea3\n"
    },
    {
      "commit": "343cc61d1abfc5d355425c71435836a7f587454c",
      "tree": "7b90fb357d7512aac7813a769cfcc4143b3bd0f3",
      "parents": [
        "989c54bf68d8b95e6ca405c3d859ddb81d7c4d84"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Tue Apr 21 22:18:39 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Apr 21 22:20:14 2026"
      },
      "message": "crypto: use //crypto APIs in software unexportable key\n\nMigrate from BoringSSL to //crypto APIs (crypto::keypair and\ncrypto::sign). The new implementation is shorter and functionally\nequivalent.\n\nAI-Model: gemini-3.1-flash\nBug: 372283556\nChange-Id: Ib5001944b0a993330f779d6604b40017578b084c\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7777111\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1618489}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 6e4157d8f78b18c87e994094cbc6a537bb60bb74\n"
    },
    {
      "commit": "989c54bf68d8b95e6ca405c3d859ddb81d7c4d84",
      "tree": "49c34620f640ca86fec1ee00798c1c83d26ec366",
      "parents": [
        "855d68180460f6342534db6bf45bfd19625e02ba"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Mon Apr 20 16:43:42 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Apr 20 16:46:00 2026"
      },
      "message": "net-ssl: add net::CryptoPrivateKey\n\nBy analogy with net::OpenSSLPrivateKey, but backed by a\ncrypto::keypair::PrivateKey instead of a BoringSSL EVP_PKEY, and using\ncrypto::sign for signatures instead of BoringSSL APIs. This required\nadding support for a few more signature schemes to crypto::sign as well.\n\nThis will allow migrating all clients of net::OpenSSLPrivateKey to\nnet::CryptoPrivateKey, then ultimately deleting net::OpenSSLPrivateKey.\n\nSince net::CryptoPrivateKey supports Ed25519, this change also adds an\nEd25519 certificate to the test set for use in its unit tests.\n\nAI-Model: gemini-3.1-flash\nBug: 372283556\nChange-Id: Ib7d020ca9b9bcfc20386dfe06cbfa368d7c00151\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7765985\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1617557}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: d0a78a5b1fd9d0230a227b59673986a217396d90\n"
    },
    {
      "commit": "855d68180460f6342534db6bf45bfd19625e02ba",
      "tree": "c9ca498052696d501dfa1a3448eff0576b7d5e16",
      "parents": [
        "e58daa300453ac4e1d04188f0fa715380d3afa8c"
      ],
      "author": {
        "name": "Tom Anderson",
        "email": "thomasanderson@chromium.org",
        "time": "Fri Apr 17 21:59:41 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri Apr 17 22:02:39 2026"
      },
      "message": "[OSCrypt] Remove usage of legacy sync backend\n\nThe sync backend is no longer used since the async backend is now used\neverywhere.\n\n- Removed OSCryptMocker and related legacy OSCrypt references from tests\n  and the rest of the codebase.\n- Updated documentation and histograms to reflect the removal.\n\nOBSOLETE_HISTOGRAMS\u003dRemoved in 2026 as OSCrypt Async replaces OSCrypt Sync and fallbacks are no longer possible.\n\nBug: 447372315\nChange-Id: I60f30ad8443b38727369253cb114001f6acb3979\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7759877\nReviewed-by: Alex Gough \u003cajgo@chromium.org\u003e\nReviewed-by: Nico Weber \u003cthakis@chromium.org\u003e\nOwners-Override: Alex Gough \u003cajgo@chromium.org\u003e\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nReviewed-by: Chris Thompson \u003ccthomp@chromium.org\u003e\nReviewed-by: Rohit Rao \u003crohitrao@chromium.org\u003e\nReviewed-by: Peter Kvitek \u003ckvitekp@chromium.org\u003e\nReviewed-by: Bo Liu \u003cboliu@chromium.org\u003e\nReviewed-by: Lei Zhang \u003cthestig@chromium.org\u003e\nReviewed-by: Reilly Grant \u003creillyg@chromium.org\u003e\nCommit-Queue: Thomas Anderson \u003cthomasanderson@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1616878}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 21b80f4fd64669a95201f9d192258355a264dfbb\n"
    },
    {
      "commit": "e58daa300453ac4e1d04188f0fa715380d3afa8c",
      "tree": "a4f00f3ceb37eac29dba04c0453f0b1bb847ff15",
      "parents": [
        "71374fccd82377bf12063800b2e1082e07239aa5"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Thu Apr 16 00:46:30 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Apr 16 00:48:24 2026"
      },
      "message": "[crypto] add P-256 ECPrivateKey support\n\nAdd new methods to crypto::keypair::PrivateKey to deal with RFC 5915\nformat ECPrivateKey structures for P-256, in the style of the current\nones. Add unit tests for both round-tripping and known answers.\n\nThis is needed to support a couple of users of\nEC_KEY_parse_private_key(), all of whom are using P-256 keys.\n\nAI-Model: gemini-3.1-flash\nBug: 372283556\nChange-Id: Iaed63977f67de0a650934e7b2e068475c11d1bd8\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7763407\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1615526}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 6769bc849ce4f04fb837cb34d98aa1628f698a1a\n"
    },
    {
      "commit": "71374fccd82377bf12063800b2e1082e07239aa5",
      "tree": "f55a8f70a1122fa7b06b0eca7d0bab09ff83ffc1",
      "parents": [
        "88155fb23df680af6932641c340858b74953bbcb"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Wed Apr 15 15:19:48 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Apr 15 15:23:17 2026"
      },
      "message": "[webauthn] use //crypto APIs instead of BoringSSL\n\nRewrite uses of BoringSSL APIs in chrome/browser/webauthn to use the\nnewer wrappers in //crypto. Also clean up unused BoringSSL includes\nand helper functions in the android sub-directory.\n\nAI-Model: gemini-3.1-flash\nBug: 372283556\nChange-Id: I191facb34700967a74358754d1f904927a6ecf64\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7762927\nReviewed-by: Ken Buchanan \u003ckenrb@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1615187}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 311709eb71789a4da9749358a62382e3dc59ce0d\n"
    },
    {
      "commit": "88155fb23df680af6932641c340858b74953bbcb",
      "tree": "cb6d89bf5651ff275a7ecdef92ab2b133203efbe",
      "parents": [
        "b7f5d8c2b2fe8cd6886ed112ce75d54f1e9b03a8"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Tue Apr 14 00:28:41 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Apr 14 00:30:36 2026"
      },
      "message": "[crypto] implement RSAPrivateKey import/export\n\nThis change adds FromRSAPrivateKey() and ToRSAPrivateKey() to the\ncrypto::keypair::PrivateKey class, allowing for the import and export of\nRFC 8017-encoded RSA private keys (PKCS#1 format).\n\nIt also adds unit tests to verify both round-trip correctness and the\nparsing of a hardcoded RSA private key.\n\nAI-Model: gemini-3.1-flash\nBug: 372283556\nChange-Id: I935788386d9cd9933ce9760d626431b594ac2a65\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7758329\nReviewed-by: Adam Langley \u003cagl@chromium.org\u003e\nCommit-Queue: Elly \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1614092}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 8cd2f77c4da5bbf95cfe2615fdf63cfeaf9563ed\n"
    },
    {
      "commit": "b7f5d8c2b2fe8cd6886ed112ce75d54f1e9b03a8",
      "tree": "25338b3a99546ab5704bd7897b3cd7b89ff69ce8",
      "parents": [
        "7ca0f0cad8118278ec0757d722eb093b4b78fe15"
      ],
      "author": {
        "name": "Nina Satragno",
        "email": "nsatragno@chromium.org",
        "time": "Mon Apr 13 15:53:06 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Apr 13 15:55:44 2026"
      },
      "message": "[webauthn] Enable creating PINs when UV disabled\n\nEnable WebAuthnCreatePinWhenSystemUvDisabled by default. I verified it\nworks on a Windows box.\n\nAlso, stop caching user verifying key availability on Windows. UV key\navailability may change (e.g. if the user disables Windows Hello) while\nChrome is running, making the result stale (and somewhat defeating the\npoint of the code that we are enabling).\n\nFixed: 469125044\nChange-Id: Ibd2931e7c4ca87bb2ad0d6f7dc0b0e682d76cde4\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7747079\nReviewed-by: Elly \u003cellyjones@chromium.org\u003e\nReviewed-by: Ken Buchanan \u003ckenrb@chromium.org\u003e\nCommit-Queue: Nina Satragno \u003cnsatragno@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1613757}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: d29e714b4135ab23f6353ab616b6775dbe33507c\n"
    },
    {
      "commit": "7ca0f0cad8118278ec0757d722eb093b4b78fe15",
      "tree": "7b28142c2c707cdfd3c5028ce90d667f91df2a58",
      "parents": [
        "d179c73a63332e80d2ba9028ebc89f98a5aff71d"
      ],
      "author": {
        "name": "Arthur Sonzogni",
        "email": "arthursonzogni@chromium.org",
        "time": "Tue Apr 07 08:48:52 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Apr 07 08:51:03 2026"
      },
      "message": "[crypto] Convert to UNSAFE_TODO\n\nWe are migrating from coarse-grained file-level suppression (#pragma\nallow_unsafe_buffers) to granular, expression-level markers\n(UNSAFE_TODO()). The pragma disables safety checks for an entire file,\nwhereas UNSAFE_TODO() isolates specific potentially unsafe operations,\nallowing the rest of the file to be enforced as safe.\n\nDoc: https://docs.google.com/document/d/1ORQGBNn2R-CEvNbDTjRd-GrOBOFlCxIHdcvSUA_EhR4/edit?usp\u003dsharing\nAX-Relnotes: N/A\nCleanup: This is an mechanical #cleanup.\nBug: 409340989\nChange-Id: Id15903e9cdbdfa28aac3edb4e03356ddf0d747d3\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7726026\nAuto-Submit: Arthur Sonzogni \u003carthursonzogni@chromium.org\u003e\nCommit-Queue: Arthur Sonzogni \u003carthursonzogni@chromium.org\u003e\nReviewed-by: Emily Stark \u003cestark@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1610617}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: dee668f3a2bf520325e35136ec3aa9fdb9aceac0\n"
    },
    {
      "commit": "d179c73a63332e80d2ba9028ebc89f98a5aff71d",
      "tree": "d42722fc122e3dce8ad8581423b43d0f70a06deb",
      "parents": [
        "dad838c98a5998eba8357a4c7f3e6d4d848d9986"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Tue Mar 17 23:14:05 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Mar 17 23:16:38 2026"
      },
      "message": "crypto/kdf: rename PBKDF2 and Scrypt\n\nTo match the others:\n\n* DeriveKeyPbkdf2HmacSha1 -\u003e Pbkdf2HmacSha1\n* DeriveKeyScrypt -\u003e Scrypt\n\nand all clients are changed as well.\n\nAI-Model: Gemini 3 Flash\nFixed: 430635195\nChange-Id: Ifda8165bcf9985265fd4d738a05ba80097e2d387\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7674112\nReviewed-by: Daniel Cheng \u003cdcheng@chromium.org\u003e\nCommit-Queue: Elly FJ \u003cellyjones@chromium.org\u003e\nOwners-Override: Daniel Cheng \u003cdcheng@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1600858}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 640d483f00a40ea99f9b5949ae395ac93566e050\n"
    },
    {
      "commit": "dad838c98a5998eba8357a4c7f3e6d4d848d9986",
      "tree": "29fde9f6cd56a2b97a1bb01ca95b8f6a6423b601",
      "parents": [
        "0c13552a963b95f952dbe4acbebbd675eb449111"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Tue Mar 17 17:22:33 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Mar 17 17:24:30 2026"
      },
      "message": "crypto: add X25519 support\n\nSpecifically:\n* Add an X25519 type to crypto/keypair\n* Add an X25519 function to crypto/kex that uses those keypair types\n\nAI-Model: gemini-3-flash\nFixed: 432219825\nChange-Id: If759020816a2aa924ed1747bdff5b44f27434748\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7664322\nCommit-Queue: Elly FJ \u003cellyjones@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1600637}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: e5ebc0b41d03235956040a56a5897c38477f0031\n"
    },
    {
      "commit": "0c13552a963b95f952dbe4acbebbd675eb449111",
      "tree": "ebf1fcb2364a28f0867ba1ad2c62127665e48c66",
      "parents": [
        "1d454884468e302e5a6a3f08fb662779b4aa7743"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Wed Mar 11 16:05:16 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Mar 11 16:08:23 2026"
      },
      "message": "[crypto] Log keychain error when wrapped key lookup fails\n\nUpdate the Apple implementation of unexportable keys to explicitly log\nan `errSecItemNotFound` error when a wrapped key cannot be found in the\nkeychain. Previously, the code would return null without recording the\nmissing key in the `WrappedKeyExport` metrics.\n\nThis change improves error observability for DBSC on macOS by ensuring\nthat failed key retrievals are properly tracked.\n\nBug: b:455539044, 491743366\nChange-Id: Ib386611eb469be58f905934fa462f9bb6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7653944\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nAuto-Submit: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1597794}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 62d74b98e98242464e93fd74562ed019a9d8f63d\n"
    },
    {
      "commit": "1d454884468e302e5a6a3f08fb662779b4aa7743",
      "tree": "df3b9a2102a9f3d1dee865cc55e7436dddd1e630",
      "parents": [
        "d801022e56e6ee80cb74d7996985b87786510141"
      ],
      "author": {
        "name": "Anatoli Hancharou",
        "email": "antoli@google.com",
        "time": "Wed Mar 04 10:52:51 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Mar 04 10:55:38 2026"
      },
      "message": "[crypto] Extract SecKeyFromPKCS8 to test helper\n\nMoves the `SecKeyFromPKCS8` helper function from individual test files\ninto `crypto/apple/keychain_util` to make it available as a shared\nutility. This method will be used by upcoming integration tests for\nclient certificate authentication on iOS.\n\nChange-Id: I5316ae837e0cd994531e2ff1e246b471cdbae390\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7617527\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nCommit-Queue: Anatoli Hancharou \u003cantoli@google.com\u003e\nCr-Commit-Position: refs/heads/main@{#1593819}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: b7347a36de9c31acb21e02b1b77b0256eb53435e\n"
    },
    {
      "commit": "d801022e56e6ee80cb74d7996985b87786510141",
      "tree": "58c60fd4b060fce26e37e82ff7407fae0de6689f",
      "parents": [
        "c45feedb9c45d01cbe70682fd7f76a09141fcf2a"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Thu Feb 26 17:39:22 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Feb 26 17:43:40 2026"
      },
      "message": "crypto/aead: add one-shot API\n\nMost clients just do one-shot AEADs so this will be a bit more ergonomic\nfor them. They just call the stateful implementation internally.\n\nBug: 487755328\nChange-Id: I04bf7d06636229e774c46df3d9cb01d26026a2b8\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7609413\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nCommit-Queue: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1590902}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 9ad1480c061c33e11c11de7197bc3c0e7fe74cae\n"
    },
    {
      "commit": "c45feedb9c45d01cbe70682fd7f76a09141fcf2a",
      "tree": "9bc003047bd53b445ef08844459b355d6287e278",
      "parents": [
        "0d6fdec6a7d6c0b91e9ee87123d5e6dcd9542b23"
      ],
      "author": {
        "name": "David Benjamin",
        "email": "davidben@chromium.org",
        "time": "Wed Feb 25 02:12:03 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Feb 25 02:14:31 2026"
      },
      "message": "Unwind wincrypt_shim.h\n\nReplace it with includes of \u003cwincrypt.h\u003e and \u003cwindows.h\u003e. clang-format\nnow understands how to order these includes, so let clang-format figure\nout how to organize them. (This results in some \u003cwindows.h\u003e includes\nmoving to slightly earlier than before.)\n\nFixed: 483973077\nChange-Id: I5d1b25799e0fa529b473aaf7331dc8c41bdb44d5\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7601334\nReviewed-by: Colin Blundell \u003cblundell@chromium.org\u003e\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nReviewed-by: Lei Zhang \u003cthestig@chromium.org\u003e\nReviewed-by: Daniel Cheng \u003cdcheng@chromium.org\u003e\nCommit-Queue: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1589834}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 44a2896769d516a2dea9b59c99c24743a23ef87d\n"
    },
    {
      "commit": "0d6fdec6a7d6c0b91e9ee87123d5e6dcd9542b23",
      "tree": "68c120f87dadfcd7c4316f3bc0a515091cdaa696",
      "parents": [
        "cd0cd74231854ee6c56ae566ffd4d32bf994b8cc"
      ],
      "author": {
        "name": "Maya Warren",
        "email": "mayawarren@google.com",
        "time": "Thu Feb 12 16:11:52 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Feb 12 16:14:52 2026"
      },
      "message": "Cleanup Keychain V1\n\nThis CL completes the macOS Keychain Unification effort by\ndeleting the legacy Keychain V1 implementation. With all dependent\nAPIs migrated to KeychainV2, these files are no longer required.\n\nKey Changes:\n- Deletes the legacy AppleKeychain wrapper\n  (`crypto/apple/keychain.h/cc`).\n- Removes the associated SecItem and Mock Keychain utilities\n  (`keychain_secitem.h`, `mock_keychain.h`).\n- Cleans up the final remaining references in `components/wifi` and\n  `components/os_crypt`.\n\nBug: 441317288\nChange-Id: I57040464ce9b3ed991fbe1bb18003424017d8f4c\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7540447\nCommit-Queue: Maya Warren \u003cmayawarren@google.com\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nReviewed-by: Lei Zhang \u003cthestig@chromium.org\u003e\nReviewed-by: Kenichi Ishibashi \u003cbashi@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1584003}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: e338af7ea7714ad378bbd09a5ca1472f89ae8ac1\n"
    },
    {
      "commit": "cd0cd74231854ee6c56ae566ffd4d32bf994b8cc",
      "tree": "e9646809c9319a0c7e8eb3012a6ed1ecf3e9e471",
      "parents": [
        "c7fc4cc4e045f0aa7ad02f89b454ec8fa4ad9ee8"
      ],
      "author": {
        "name": "jj",
        "email": "jj@imput.net",
        "time": "Tue Feb 10 01:46:18 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Feb 10 01:50:08 2026"
      },
      "message": "Use XDG_DATA_HOME for nssdb path\n\nCurrently, the NSS database is always stored in ~/.pki/nssdb, which does\nnot adhere to the XDG Base Directory specification and clutters the\nuser\u0027s home directory.\n\nThis change updates the path resolution logic for the NSS database to\nsupport XDG paths while maintaining backwards compatibility. The new\ndirectory lookup order is:\n\n1. Use ~/.pki/nssdb if the directory already exists.\n2. Use $XDG_DATA_HOME/pki/nssdb if the environment variable is set.\n3. Otherwise, default to ~/.local/share/pki/nssdb.\n\nFixed: 40666379\nChange-Id: Id0f847e165ec33f3c7602797bb2d47061ef922eb\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7551836\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nAuto-Submit: jj \u003cjj@chromium.org\u003e\nCommit-Queue: jj \u003cjj@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1582175}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 555b21b0cdf458599e81cdfeb41ed86c405a3e23\n"
    },
    {
      "commit": "c7fc4cc4e045f0aa7ad02f89b454ec8fa4ad9ee8",
      "tree": "77f5c87036af04eed3a2c811af472dc8fe690ea1",
      "parents": [
        "e4311c1953d5e3b091c80251b42190d54cd6e5b9"
      ],
      "author": {
        "name": "Maya Warren",
        "email": "mayawarren@google.com",
        "time": "Fri Feb 06 19:08:53 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri Feb 06 19:10:38 2026"
      },
      "message": "Unify MacOS Keychains\n\nThis CL is part of the macOS Keychain Unification effort. It migrates\nseveral dependent components—including Keychain Password, OSCrypt, and\nthe Keychain Key Provider—away from the legacy Keychain wrapper\n(KeychainV1) to the modern crypto::apple::KeychainV2 API.\n\nKey Changes:\n- Replaces usages of the legacy AppleKeychain wrapper with KeychainV2 in:\n    - components/os_crypt/sync (OSCrypt)\n    - components/os_crypt/common (KeychainPassword)\n    - components/os_crypt/async (KeychainKeyProvider)\n- Removes redundant KeychainV1-related code from these dependent APIs.\n- Updates associated unit tests to use the modern KeychainV2 fakes/mocks.\n\nThis change is strictly an API-level refactor. The underlying storage\nfor remains entirely unchanged. All data continues to be stored in the\ntraditional file-based keychain.\n\nBug: 441317288\nBypass-Check-License: Files renamed, no license changes.\nChange-Id: I33dc65c8e6932f5e8ad1e1cadf6f2c287efec2f2\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7535754\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nReviewed-by: Lei Zhang \u003cthestig@chromium.org\u003e\nCommit-Queue: Maya Warren \u003cmayawarren@google.com\u003e\nReviewed-by: Avi Drissman \u003cavi@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1580996}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 158a2d2a5432e8b49c3ab60f4665e26742955a23\n"
    },
    {
      "commit": "e4311c1953d5e3b091c80251b42190d54cd6e5b9",
      "tree": "bc4e482588b38378f1364464d966fa511459eebf",
      "parents": [
        "8b9ec7ae9989c426937e5d49f64950230efc85dd"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Wed Feb 04 22:07:31 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Feb 04 22:10:39 2026"
      },
      "message": "aead: tolerate invalid-length keys\n\nBefore r1569902, Aead::Init() would fail a DCHECK if given a key of\ninvalid length, then Seal() and Open() would fail later - some variants\nof Seal() / Open() would CHECK, some would return false / nullopt.\n\nAfter r1569902, the behavior became uniform: Aead::Init() would fail a\nCHECK if given a key of invalid length.\n\nThis introduced field crashes in client code that was passing\ninvalid-length keys, then handling Seal() / Open() failures caused by\nthat later down the line.\n\nThis change makes Aead behave like so:\n* Init() stores whether or not initialization succeeded\n* Seal() and Open() always return their failure values if initialization\n  failed\n\nBug: 478966624\nChange-Id: I24507d9e2bec630f661f0d47a717881306283b72\nValidate-Test-Flakiness: skip\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7538703\nReviewed-by: Will Harris \u003cwfh@chromium.org\u003e\nCommit-Queue: Elly FJ \u003cellyjones@chromium.org\u003e\nAuto-Submit: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1579703}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 4cc2c8fc663b30fcc35c6b3eda2dd3d020157df9\n"
    },
    {
      "commit": "8b9ec7ae9989c426937e5d49f64950230efc85dd",
      "tree": "0f3af174a56a5c03466c167e185bde19f58d9d04",
      "parents": [
        "02daaa35b7131b9d8b68614a3a298657572c1d72"
      ],
      "author": {
        "name": "Sebastien Lalancette",
        "email": "seblalancette@chromium.org",
        "time": "Wed Feb 04 18:51:57 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Feb 04 18:53:44 2026"
      },
      "message": "Verify RSA-PSS Signature for TLS 1.3 Compatibility\n\nGenerate and verify an RSA-PSS signature to catch TPMs that are\nincompatible with TLS 1.3 (due to having a fixed salt length) and\nprevent the provisioning of client certificates with those TPMs.\n\nThis CL builds on top of this previous one:\ncrrev.com/c/7521786\n\nBug: 478227256\nChange-Id: I9a22bd4dbbb5c5b063de18efb87405991b599571\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7540941\nCommit-Queue: Sébastien Lalancette \u003cseblalancette@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1579608}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: e14870b35cacd05c600a7cb0025b28e8d16eeead\n"
    },
    {
      "commit": "02daaa35b7131b9d8b68614a3a298657572c1d72",
      "tree": "bca46d6dc45ccc523afe2f7197588698b08c5812",
      "parents": [
        "ebeec233d94df2e256dce02b755167b5339e6c23"
      ],
      "author": {
        "name": "Will Harris",
        "email": "wfh@chromium.org",
        "time": "Mon Feb 02 18:53:49 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Feb 02 18:56:52 2026"
      },
      "message": "Treat ERROR_NO_SYSTEM_RESOURCES as OOM in ProcessBoundString\n\nThis error can be returned from CryptUnprotectMemory and there isn\u0027t\nanything we can do about it other than crash with an OOM.\n\nThis CL updates the handling to cater for this issue.\n\nBUG\u003d375332157\n\nChange-Id: I2ff2d2211bced3b97c4228732190478e89e4e1e6\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7530749\nCommit-Queue: Will Harris \u003cwfh@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1578248}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 1cf4f74102fb773f49a06c52a2b5177634d472f7\n"
    },
    {
      "commit": "ebeec233d94df2e256dce02b755167b5339e6c23",
      "tree": "df01371a57e423faab966bdcf70abdabd76bdcd8",
      "parents": [
        "f8d64cee5a2cb7c36c7740a47d945c42f567e298"
      ],
      "author": {
        "name": "Sebastien Lalancette",
        "email": "seblalancette@chromium.org",
        "time": "Thu Jan 29 16:11:38 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jan 29 16:14:59 2026"
      },
      "message": "Prevent the usage of RSA TPM keys that are incompatible with TLS 1.3\n\nWhen provisioning client certificates managed by Chrome, make sure to\ntest RSA keys created via a TPM on Windows to verify that they support\ngenerating RSA-PSS signatures with equal salt and digest lengths. This\nwould otherwise lead to have client certificates that would fail mTLS\nconnections by failing to sign a TLS 1.3 payload.\n\nThe new check is added during both key creation and key loading times.\nThe latter allows failing to load a previously-created invalid key,\neffectively forcing the provisioning service to provision a new identity\n(with a compatible key). This will help get users back on tracks, as\nbrowsers with \"broken\" certs will simply fix themselves upon restart.\n\nBug: 478227256\nChange-Id: Ifa3495edffc739474fbc110f857dc1adf0a7ec76\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7521786\nAuto-Submit: Sébastien Lalancette \u003cseblalancette@chromium.org\u003e\nReviewed-by: Monica Salama \u003cmsalama@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1576605}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 8c31d03a91d76ccc71d068e2b08d175d473911a1\n"
    },
    {
      "commit": "f8d64cee5a2cb7c36c7740a47d945c42f567e298",
      "tree": "a494933ff07d64c0adce8146137a983596d984a1",
      "parents": [
        "7515ada4c7b901b63c6c926ac59adf7b1f40c3b3"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Thu Jan 22 18:56:09 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jan 22 18:58:47 2026"
      },
      "message": "[dbsc] Refactor unexportable key deletion to use signing key objects\n\nRefactor the StatefulUnexportableKeyProvider interface to support\ndeleting keys using their signing key objects instead of just their\nwrapped representations.\n\nSpecifically, this change:\n- Renames the old DeleteSigningKeysSlowly (taking wrapped keys) to\n  DeleteWrappedKeysSlowly.\n- Introduces a new DeleteSigningKeysSlowly that accepts a span of\n  StatefulUnexportableSigningKey objects.\n- Updates UnexportableKeyServiceImpl and UnexportableKeyTaskManager\n  to leverage the new method, passing the full key context.\n\nThis refactoring allows for more precise key deletion on Apple\nplatforms. On macOS, the keychain lookup now uses both the application\nlabel (from the wrapped key) and the application tag (from the signing\nkey metadata) to ensure the correct key is removed. This addresses an\nissue where multiple keys might share the same wrapped representation\nbut have different tags.\n\nBug: 476925548\nChange-Id: I187e9f8a23f5365750a95e59f44d22866a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7502476\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Daniel Rubery \u003cdrubery@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Slobodan Pejic \u003cslobodan@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1573179}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 421a039d18e7b03f0134937d9320b267604a080f\n"
    },
    {
      "commit": "7515ada4c7b901b63c6c926ac59adf7b1f40c3b3",
      "tree": "2f7397a5f98563d4e508c0a00e920e60552f1ed6",
      "parents": [
        "b75d1cc545eecddba323f5dcac959fcbc2e6667a"
      ],
      "author": {
        "name": "Julie Jeongeun Kim",
        "email": "jkim@igalia.com",
        "time": "Thu Jan 22 04:46:26 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jan 22 04:48:33 2026"
      },
      "message": "[tvos] Fix the build breaks in //crypto on tvOS\n\nThis excludes LocalAuthentication.framework when building the content\nshell on tvOS, as it is not available on that platform.\n\nBug: 432304211\nChange-Id: Idfb813cb5beff608516a3fec727d11124222ab5e\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7501775\nReviewed-by: Dave Tapuska \u003cdtapuska@chromium.org\u003e\nReviewed-by: Tom Sepez \u003ctsepez@chromium.org\u003e\nCommit-Queue: Julie Jeongeun Kim \u003cjkim@igalia.com\u003e\nCr-Commit-Position: refs/heads/main@{#1572741}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 09e1cd4ac8b23bd405c39aae91c3336b2323d1f8\n"
    },
    {
      "commit": "b75d1cc545eecddba323f5dcac959fcbc2e6667a",
      "tree": "427f1f22fde9262e3c62d1a2872e09d118337ce9",
      "parents": [
        "0e93b55ed7f9a6eecd60795080990a8dabaae2be"
      ],
      "author": {
        "name": "Gyuyoung Kim",
        "email": "gyuyoung@igalia.com",
        "time": "Sat Jan 17 05:36:56 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Sat Jan 17 05:39:25 2026"
      },
      "message": "[iOS Blink][tvOS] Fix build break by adding crypto:test_support dependency\n\nAfter https://crrev.com/c/7414587 enabled\ncrypto/apple/unexportable_key_mac.mm on iOS,\nauthenticator_impl_unittest.cc requires headers from\n//crypto:test_support. This dependency was missing, causing build\nfailures on iOS Blink and tvOS. Also, unexportable_key_apple.mm uses\nLAContext, which is not available on tvOS. Thus, this CL disables the\nfiles on tvOS.\n\nBug: 432304211\nChange-Id: Id22d270c61c9007c4998fd7435fa8072bdf78ca8\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7487613\nReviewed-by: Tom Sepez \u003ctsepez@chromium.org\u003e\nReviewed-by: Dave Tapuska \u003cdtapuska@chromium.org\u003e\nCommit-Queue: Gyuyoung Kim \u003cgyuyoung@igalia.com\u003e\nCr-Commit-Position: refs/heads/main@{#1570746}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 7a77fe52e7fbc676291a32292e11f9204086588b\n"
    },
    {
      "commit": "0e93b55ed7f9a6eecd60795080990a8dabaae2be",
      "tree": "46e0faf6c08f3ee041dba0a0ba82b59876fd2786",
      "parents": [
        "79deeb9ecf123b2b04c36fee441b948d2a7dc36b"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Thu Jan 15 19:11:40 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jan 15 19:13:32 2026"
      },
      "message": "crypto/aead: store AEAD context for reuse\n\nThis is more efficient (we don\u0027t rerun the AES key schedule every\nSeal/Open op) and means that we don\u0027t need to store a raw_ptr to a\ncaller-owned key, which simplifies this class\u0027s lifetime invariants.\n\nThis change also adds a two-arg constructor:\n\n  Aead(kind, key)\n\nwhich removes the need to call Aead::Init() separately with a key, and\nmarks the one-arg Aead constructor and Init() as deprecated, since\nthere\u0027s never a reason to construct an Aead instance before its key is\navailable.\n\nBug: 475891208\nChange-Id: I3159643f27b36ebc99f39075837517c6898cf4b6\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7477298\nCommit-Queue: Elly FJ \u003cellyjones@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1569902}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 9989ab0140a33ecc7ccd8ec0d7dcd0605c212e82\n"
    },
    {
      "commit": "79deeb9ecf123b2b04c36fee441b948d2a7dc36b",
      "tree": "117b7f7fe02b0d296f72c47cd1a8d02b1092412c",
      "parents": [
        "dfc9e3ae1ce6d381b589d4c015bdc0d4ff5c22c6"
      ],
      "author": {
        "name": "Anatoli Hancharou",
        "email": "antoli@google.com",
        "time": "Thu Jan 15 18:10:24 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jan 15 18:12:42 2026"
      },
      "message": "Enable support of crypto/apple/unexportable_key_mac.mm on iOS\n\nThis patch enables the compilation of `unexportable_key_mac` on iOS,\nallowing access to hardware-backed keys via the `UnexportableKey`\ninterface. The files and corresponding classes are renamed to correctly\nreflect the extended support of different Apple platforms. This change\nalso enables unit tests for unexportable key on iOS. The key will be\nused by the\ncomponents/enterprise/client_certificates/core/unexportable_private_key_factory.cc\nas described in the DD.\n\nDD: go/cbe-cep-client-certs-bling-dd\nBug: 432304211\nBypass-Check-License: files were renamed\nChange-Id: I1ea11f5caacb204c9e4854e7980b4505fb162dc0\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7414587\nReviewed-by: Charlie Harrison \u003ccsharrison@chromium.org\u003e\nReviewed-by: Aliaksei Bahdzevich \u003cthelex@google.com\u003e\nCommit-Queue: Anatoli Hancharou \u003cantoli@google.com\u003e\nCr-Commit-Position: refs/heads/main@{#1569845}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: f768cb466b3c594a8b55175be114908f80786719\n"
    },
    {
      "commit": "dfc9e3ae1ce6d381b589d4c015bdc0d4ff5c22c6",
      "tree": "880876ab265f2264cd9030e1bb54bb4e0a652f2c",
      "parents": [
        "04b844d639b9868c2e214ad2dff9c635f00f531c"
      ],
      "author": {
        "name": "Joe Downing",
        "email": "joedow@google.com",
        "time": "Wed Jan 14 23:42:05 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jan 14 23:44:23 2026"
      },
      "message": "Fixing a typo in Aead class impl\n\nWhile reading through this code I noticed that the private\nAead::Open function was operating on \u0027plaintext\u0027 which seemed to be a\ntypo as I think it should actually be \u0027ciphertext\u0027 since the function\nis decrypting content, not encrypting plaintext.\n\nBug: NO_BUG\nChange-Id: I8e4b7bc313d6437236eb8d4327ef9fc9801a8e24\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7476077\nCommit-Queue: Joe Downing \u003cjoedow@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1569389}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 17ad315fbea7b8a8c782589cba53b5ba71241156\n"
    },
    {
      "commit": "04b844d639b9868c2e214ad2dff9c635f00f531c",
      "tree": "0c1a77e750fc47e0e8278f5fdfbd2b392619fc1b",
      "parents": [
        "99fa327435481403df07c475c7c90380b3ddb06d"
      ],
      "author": {
        "name": "David Bienvenu",
        "email": "davidbienvenu@chromium.org",
        "time": "Wed Jan 14 19:36:32 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jan 14 19:38:51 2026"
      },
      "message": "Fix UNSAFE_TODOs in  winrt_storage_util.cc\n\nMake CreateIBufferFromData take a span, and make GetPointerToBufferData\nreturn a span, and fix all the call sites.\n\nBug: 42271176\nChange-Id: I67c83f0a2078fbf8c482dd4a76687f7c0b978dba\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7376792\nReviewed-by: Tom Sepez \u003ctsepez@chromium.org\u003e\nCommit-Queue: David Bienvenu \u003cdavidbienvenu@chromium.org\u003e\nReviewed-by: Matt Reynolds \u003cmattreynolds@chromium.org\u003e\nReviewed-by: Takashi Toyoshima \u003ctoyoshim@chromium.org\u003e\nReviewed-by: Robert Liao \u003crobliao@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1569200}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: e4201a28397a3f897b5cad65b30a29095b201292\n"
    },
    {
      "commit": "99fa327435481403df07c475c7c90380b3ddb06d",
      "tree": "ac13a1c4d4c710556aa8d295416196493e73deb8",
      "parents": [
        "d01adf020bea39eeeecef838af25e33dcc8cf69f"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Wed Jan 14 18:40:01 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jan 14 18:42:27 2026"
      },
      "message": "[dbsc] Remove DeleteSigningKeySlowly\n\nThis method is redundant because `DeleteSigningKeysSlowly` can handle\nboth single and multiple keys. Removing the singular version simplifies\nthe `StatefulUnexportableKeyProvider` interface.\n\nThis CL removes `DeleteSigningKeySlowly` and updates all existing call\nsites to use `DeleteSigningKeysSlowly` with a single-element initializer\nlist. Unit tests and mocks are updated to reflect this API change.\n\nChange-Id: I3936bf1bd5e1b30e5780de203bf351e661b25275\nBug: 455538832\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7409291\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Slobodan Pejic \u003cslobodan@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1569187}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: ed5561b91ae47ea23f4c5cbe750a71970ec721b9\n"
    },
    {
      "commit": "d01adf020bea39eeeecef838af25e33dcc8cf69f",
      "tree": "228e78738ba0b165d3c7b4499f4290cf8d000d80",
      "parents": [
        "0335e72a9da78a802e5230fb1072928f61870561"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Wed Jan 14 10:30:31 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jan 14 10:32:19 2026"
      },
      "message": "[dbsc] Add batch key deletion to UnexportableKeyService\n\nImplement `DeleteKeysSlowlyAsync` in `UnexportableKeyService` and its\nbackend implementations to allow deleting multiple keys in a single\noperation. Update the Mojo interface, task manager, and metrics to\nsupport this new capability.\n\nIn the macOS implementation, `DeleteSigningKeysSlowly` queries for all\nkeys matching the configuration and filters them by the provided wrapped\nkeys before deletion. This approach ensures correct behavior when\napplication tags are used as prefixes.\n\nRefactor `UnexportableKeyServiceImpl` to extract key map cleanup logic\ninto a new `DeleteKeyFromMaps` helper method.\n\nBug: 455539044\nChange-Id: Ib42c80507a88b6a054cd78dcd5d6efe9ac35ffbb\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7269484\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1568999}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 7ec6152d812e45d4bd472e9997c5054a5aaa1118\n"
    },
    {
      "commit": "0335e72a9da78a802e5230fb1072928f61870561",
      "tree": "0ff838d8912e0ee68db8ce1e9f1289042c3594e1",
      "parents": [
        "06ebfeedbb04736b6fd76eb45eb2a2984e2be82e"
      ],
      "author": {
        "name": "Joe Downing",
        "email": "joedow@google.com",
        "time": "Tue Jan 13 23:55:50 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jan 13 23:58:34 2026"
      },
      "message": "Add a helper function to generate a shared secret for ECDH P384\n\nThis CL adds a helper function to generate a shared secret when\nusing ECDH P384 using the same underlying code as the existing\nEcdhP256 helper function.\n\nBug: NO_BUG\nChange-Id: I8b3a2022420f603e577fb96db18dd4c5c0bcc671\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7454822\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCommit-Queue: Joe Downing \u003cjoedow@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1568782}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 918ee605eed737ad5a119a8763cfe112c4f88e36\n"
    },
    {
      "commit": "06ebfeedbb04736b6fd76eb45eb2a2984e2be82e",
      "tree": "5c542212e3b57eb74086243eac01201c7391643f",
      "parents": [
        "43903f178a64ef2848a6e0bb7c9651dfbad1b49d"
      ],
      "author": {
        "name": "Maya Warren",
        "email": "mayawarren@google.com",
        "time": "Tue Jan 13 21:18:27 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jan 13 21:21:31 2026"
      },
      "message": "Add Keychain V1 functionality to KeychainV2\n\nThis is the first step in removing the Keychain V1 API.\n\nThis change:\n\n1. Moves functions `FindGenericPassword` and `AddGenericPassword` into\nkeychainV2 and updates their functionality to use the SecItem wrappers\nin keychainV2.\n\n2. Adds FindGenericPassword and AddGenericPassword to fake_keychain so\nthat this functions can be mocked correctly in test.\n\nBug: 441317288\nChange-Id: Ife322fb23f24c1eb9f457bc96e359220f1b95f9d\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7404806\nReviewed-by: Avi Drissman \u003cavi@chromium.org\u003e\nCommit-Queue: Maya Warren \u003cmayawarren@google.com\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1568672}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 614a8ffdbf538ac483934c50711cd8fcc878c728\n"
    },
    {
      "commit": "43903f178a64ef2848a6e0bb7c9651dfbad1b49d",
      "tree": "7d05774a28cb336ccd1b455621e5d5cfc7876555",
      "parents": [
        "cc9ad2cc753938b291bc25af9b0ba5a5f4900519"
      ],
      "author": {
        "name": "Victor Hugo Vianna Silva",
        "email": "victorvianna@google.com",
        "time": "Tue Jan 13 16:35:21 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Jan 13 16:37:20 2026"
      },
      "message": "Migrate base::Contains() to std::ranges::contains() in crypto\n\nbase::Contains() is an alias to std::ranges::contains() since\ncrrev.com/c/7415207, so this CL has no behavior change.\n\nBug: 470391351\nChange-Id: I3117f1798550f62a12d148a19b37079485d7ed68\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7459682\nCommit-Queue: David Benjamin \u003cdavidben@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nAuto-Submit: Victor Vianna \u003cvictorvianna@google.com\u003e\nCr-Commit-Position: refs/heads/main@{#1568442}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 7470ddf76976fec43078be775a792009702cf01b\n"
    },
    {
      "commit": "cc9ad2cc753938b291bc25af9b0ba5a5f4900519",
      "tree": "a65a294b227028379da78c177f11a302ff86d0c1",
      "parents": [
        "793e01242deb48c7372a22468b9cd15e9a45c2c9"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Fri Jan 09 15:25:47 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Fri Jan 09 15:28:40 2026"
      },
      "message": "[dbsc] Log Secure Enclave key deletion errors\n\nThis patch adds metrics to track failures when deleting keys backed by\nthe Secure Enclave on macOS.\n\nIt introduces the `TPMOperation::kKeyDeletion` enum value and adds a\ncorresponding variant to the\n`Crypto.SecureEnclaveOperation.Mac.{Operation}.Error` histogram.\n\nThe implementation in `crypto/apple/unexportable_key_mac.mm` is updated\nto log errors in the following scenarios:\n* When the keychain `ItemDelete` operation fails in\n    `DeleteSecureEnclaveKey`.\n* When querying for keys fails during `DeleteKey` or `DeleteAllKeys`.\n\nAdditionally, the `LogKeychainOperationError` helper functions are moved\nto the top of the file to ensure they are defined before use in the\ndeletion methods.\n\nBug: 455539044\nChange-Id: I9dd2b831cffb054c084e7c43556649dd43ad63bd\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7401573\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1566929}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: a6c114ba9d4d537d2220fc58fa898613ac96846d\n"
    },
    {
      "commit": "793e01242deb48c7372a22468b9cd15e9a45c2c9",
      "tree": "125019bebf210144e40d521911b1e32016abde46",
      "parents": [
        "2aea5f377be397294d949b2821e4b2064f97fadc"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Thu Jan 08 18:33:10 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jan 08 18:36:02 2026"
      },
      "message": "[dbsc] Support prefix matching in DeleteSigningKeySlowly\n\nRefactor `UnexportableKeyProviderMac` to use shared helper functions for\nquerying and filtering keychain items. This introduces `FindUnexportableKeys`\nand `FilterKeysByApplicationTag` to centralize keychain interactions.\n\nUpdate `DeleteSigningKeySlowly` to use these helpers, enabling it to\nidentify and delete keys based on an application tag prefix rather than\nrequiring an exact match. This aligns the deletion behavior with\nretrieval methods, which already supported prefix matching.\n\nUpdate `FromWrappedSigningKeySlowly`, `GetAllSigningKeysSlowly`, and\n`DeleteAllSigningKeysSlowly` to utilize the new infrastructure,\nreducing code duplication and simplifying maintenance.\n\nBug: 455539044\nChange-Id: I35a459e5f436701cd12c83b0fdc9deee6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7367118\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1566412}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 45163bd44b5c70cc893d9a1ae04469462898be91\n"
    },
    {
      "commit": "2aea5f377be397294d949b2821e4b2064f97fadc",
      "tree": "391de96733b199066a59e9edb57d9fcd6460f5be",
      "parents": [
        "d5d935977d47eb3d585eb9b2034f5b6326d5592e"
      ],
      "author": {
        "name": "Victor Hugo Vianna Silva",
        "email": "victorvianna@google.com",
        "time": "Thu Jan 08 16:39:29 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Jan 08 16:42:02 2026"
      },
      "message": "Migrate various base::Contains() to contains() in crypto\n\nBug: 470391351\nChange-Id: I69d2f3d86dc917014d1a5664659b2766a4a382c4\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7362193\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: David Benjamin \u003cdavidben@chromium.org\u003e\nAuto-Submit: Victor Vianna \u003cvictorvianna@google.com\u003e\nCr-Commit-Position: refs/heads/main@{#1566332}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: c3bb666941fd83e308fa68e0df72641341f3b0a3\n"
    },
    {
      "commit": "d5d935977d47eb3d585eb9b2034f5b6326d5592e",
      "tree": "ef5d3cef2d6de26a1ecc7dc8e32520befed75cc6",
      "parents": [
        "3726c72e3833f902e0fa737d2a405530afb4a8d9"
      ],
      "author": {
        "name": "Ernest Nguyen Hung",
        "email": "ernn@google.com",
        "time": "Wed Jan 07 10:14:16 2026"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Wed Jan 07 10:17:44 2026"
      },
      "message": "[crypto] Record `Crypto.TPMOperation.Win` uma on select alg errors\n\n`UnexportableKeyProviderWin::SelectAlgorithm` currently doesn\u0027t log any\nhistograms on errors making it hard to debug. It adds additional\nhistogram recording on select algorithm errors.\n\nBug: 470032205\nChange-Id: I5aef175bf9330b55aea50f3544766165e6e7d314\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7296230\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: Ernest Nguyen Hung \u003cernn@google.com\u003e\nCr-Commit-Position: refs/heads/main@{#1565517}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 33fdf75161dfa94f567eb839999c121b341f82fc\n"
    },
    {
      "commit": "3726c72e3833f902e0fa737d2a405530afb4a8d9",
      "tree": "edf4305757a1b8d83144fc4f607a6ed39e0394d6",
      "parents": [
        "2b6e5f82d5f0cac64b8de776c9ba07bfbe32f046"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Dec 15 19:54:37 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Dec 15 20:05:45 2025"
      },
      "message": "[dbsc] Implement DeleteAllSigningKeys on Mac\n\nImplements `DeleteAllSigningKeysSlowly` in `UnexportableKeyProviderMac`.\nThe implementation queries the macOS Keychain for all EC keys within\nthe provider\u0027s access group.\n\nIt iterates through the results and filters them based on the\napplication tag. If the provider has a configured application tag, it\nperforms a prefix match. This allows a provider representing a broader\nscope to delete keys belonging to sub-scopes (e.g., a provider with tag\n\"com.example\" can delete keys tagged \"com.example.foo\").\n\nReturns the number of keys successfully deleted.\n\nBug: 455539044\nChange-Id: Ifa49846af42ce869c29593d7127b590b6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7215949\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1558902}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: eb84b25e39bc19958c1d483e18d96865b09f28c0\n"
    },
    {
      "commit": "2b6e5f82d5f0cac64b8de776c9ba07bfbe32f046",
      "tree": "17cefd734784420aa4a2b2d36c2fbae0b2a6ecc6",
      "parents": [
        "08919b1578214d7a4c00d4ca93d764f8e31393f6"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Dec 15 19:53:39 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Dec 15 19:56:35 2025"
      },
      "message": "[dbsc] Add GetCreationTime to StatefulUnexportableSigningKey.\n\nThis change introduces a new method `GetCreationTime()` to the\n`StatefulUnexportableSigningKey` interface, allowing retrieval of the\ncreation time of a key.\n\nOn macOS, this time is read from the `kSecAttrCreationDate` attribute\nin the Keychain. The `UnexportableKeyService` and its Mojo proxy are\nupdated to expose this new property. Placeholder implementations are\nadded for other platforms and fakes.\n\nAn example usecase of this method is to perform safe garbage collection.\nDeletion operions can check the key\u0027s creation time to ensure no recent\nkeys will be deleted.\n\nBug: 455539044\nChange-Id: Idfa4c75bafa7b8c7fbd593fc5fea84087bc3a0c2\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7239132\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1558901}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 386685e3e67588d34a3e361f2da4f271bd82cd01\n"
    },
    {
      "commit": "08919b1578214d7a4c00d4ca93d764f8e31393f6",
      "tree": "83a0ac2666fd6b16348046fb5ac06ff9be0d12cc",
      "parents": [
        "67db053f37774dc5e74ba640905e77876428182b"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Dec 15 19:53:23 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Dec 15 19:56:17 2025"
      },
      "message": "[dbsc] Introduce StatefulUnexportableSigningKey and GetKeyTag\n\nThis change adds a new interface StatefulUnexportableSigningKey which\nextends UnexportableSigningKey with a GetKeyTag() method. This method\nreturns a platform-specific tag associated with the key.\n\nThe UnexportableKeyService interface is updated to include a GetKeyTag()\nmethod, which is implemented by downcasting to\nStatefulUnexportableSigningKey where supported. The Mojo interface and\nits proxy are also updated to pass the key tag.\n\nCurrently, only the macOS Secure Enclave implementation provides a\nnon-empty key tag, derived from the application tag. Other platforms\nreturn an empty string or indicate that the operation is not supported.\n\nBug: 455539044\nChange-Id: I7f59920e33f8c50d31fb2e35c6d226e93a0d07d6\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7221131\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1558900}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: be32c0a59d26036a8de566df86724057ef1f6c98\n"
    },
    {
      "commit": "67db053f37774dc5e74ba640905e77876428182b",
      "tree": "b5f76ca1b9140cca5ac9f1831ff7e2320c6a6e0b",
      "parents": [
        "ca4b9fa0157219cea1774e8a5b3b9a5e883c72b6"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Mon Dec 15 19:30:57 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Dec 15 19:33:10 2025"
      },
      "message": "[dbsc] Repair unexportable keys from other profiles\n\nUpdate `UnexportableKeyProviderMac::FromWrappedSigningKeySlowly` to\nsearch for all keychain items matching a wrapped key\u0027s label, instead\nof restricting the query to the current application tag.\n\nWhen a key is found under a different application tag but is missing\nfor the current provider, create a new keychain entry by copying the\nexisting item and updating its application tag. This ensures keys can\nbe shared or recovered across different profiles.\n\nChange-Id: I71b86401347414ea3659686d43e779153ce1b258\nBug: 455539044\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7239127\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1558876}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: c389a6436ce96e1d95ba43fb1493523017a81dd0\n"
    },
    {
      "commit": "ca4b9fa0157219cea1774e8a5b3b9a5e883c72b6",
      "tree": "d9656e3a5e610ea1f3911e8e9166b6be232825b7",
      "parents": [
        "2ff07777ff499aa8aa983fca5a061f3c436f3f11"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Mon Dec 15 16:46:56 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Dec 15 16:49:46 2025"
      },
      "message": "crypto: remove old HMAC API\n\nIt is deprecated and its last clients are now gone. Yay!\n\nFixed: 453961766\nChange-Id: Ie558c3173cbef59ded36260436c791a83ed82947\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7254696\nCommit-Queue: Elly FJ \u003cellyjones@chromium.org\u003e\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1558761}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 06d7910fe8afca146c00314ed2ab064b2f17b304\n"
    },
    {
      "commit": "2ff07777ff499aa8aa983fca5a061f3c436f3f11",
      "tree": "0b99c2ad91ff4bef20f2a4847c72ec5de341be0e",
      "parents": [
        "afd524f984677359bd697037fb199a9f39bd709e"
      ],
      "author": {
        "name": "Nina Satragno",
        "email": "nsatragno@chromium.org",
        "time": "Tue Dec 09 17:25:27 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Dec 09 17:27:31 2025"
      },
      "message": "[crypto] Clean up kIsHardwareBackedFixEnabled\n\nClean up kIsHardwareBackedFixEnabled. It\u0027s been enabled long enough.\n\nBug: 416731926\nChange-Id: I8f542b3338eb742d7c195d777bbdc033298b281e\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7238634\nAuto-Submit: Nina Satragno \u003cnsatragno@chromium.org\u003e\nCommit-Queue: Sébastien Lalancette \u003cseblalancette@chromium.org\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nReviewed-by: Sébastien Lalancette \u003cseblalancette@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1556205}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 0933e7d9b9fdac923fd5851366e715b6f1e53bcf\n"
    },
    {
      "commit": "afd524f984677359bd697037fb199a9f39bd709e",
      "tree": "6a76c0e50fe1fad434491ab4fc9f4ad3af4cce80",
      "parents": [
        "738d3997a922c026992f5a28419b4aa3629b7413"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Tue Dec 09 08:18:49 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Dec 09 08:25:40 2025"
      },
      "message": "[dbsc] Enable prefix matching for application tags on macOS\n\nModify `GetAllSigningKeysSlowly` to support prefix matching for\napplication tags, rather than enforcing exact matches via the Keychain\nquery.\n\nPreviously, the query included `kSecAttrApplicationTag`, which\nrestricted results to exact matches. This change removes that attribute\nfrom the `SecItemCopyMatching` query and instead filters the returned\nresults in software. This allows the retrieval of keys that share a\ncommon prefix, which is required for DBSC key management.\n\nAdd a helper function `GetApplicationTag` to handle application tags\nreturned as either `CFStringRef` (legacy) or `CFDataRef`. Update the\nheader documentation to reflect this platform-specific behavior.\n\nBug: 455539044\nChange-Id: I1b4be291d294cefece792eab884efc726a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7224056\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1555945}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 9539fbb843ac3f1375d3cb6f760035cd605c1eed\n"
    },
    {
      "commit": "738d3997a922c026992f5a28419b4aa3629b7413",
      "tree": "48e00c439601a5f982286dc59efa94f73f38b5f8",
      "parents": [
        "f728f694ad6f2fb97f03d5d6c09ad94fb04f40c4"
      ],
      "author": {
        "name": "Lei Zhang",
        "email": "thestig@chromium.org",
        "time": "Mon Dec 08 19:48:38 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Dec 08 19:52:40 2025"
      },
      "message": "Remove a superfluous include from crypto/process_bound_string.h\n\nThis header does not use crypto/features.h. Avoid transitively including\nit in 2000+ TUs.\n\nBug: 40318405\nChange-Id: I13194a893b66cb13ff2c2e08158f07ddeb391d45\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7234709\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCommit-Queue: Lei Zhang \u003cthestig@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1555640}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 942f2e4d066827fca95e51fd80151fc8542bec18\n"
    },
    {
      "commit": "f728f694ad6f2fb97f03d5d6c09ad94fb04f40c4",
      "tree": "3a834ce09185a36e2b9db509a6a35b94bfddaf96",
      "parents": [
        "a48e1c0bef5e8fdcce21196407852c14d1a74ca6"
      ],
      "author": {
        "name": "Antonio Alphonse",
        "email": "alphonsea@google.com",
        "time": "Thu Dec 04 20:59:07 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Dec 04 21:03:06 2025"
      },
      "message": "metrics: base/hash/sha1 -\u003e crypto/obsolete/sha1\n\nLogInfo uses SHA-1 for hashing log data for unsent logs. This is used to\nstore a hash of the log SHA-1 to catch errors from memory corruption\nwithin `unsent_log_store`. This gets written and restored from disk.\nSHA-1 is also being used for setting the kStabilitySavedSystemProfile\nhash within `environment_recorder.cc`.\n\nBecause these could affect retrieving prior user preference data and\nmetrics, this CL migrates to using the crypto/obsolete SHA-1 library.\nMechanical change, no expected behavior change.\n\nBug: 430344933\nChange-Id: Icc224caf4af32162a416c0fb0f62e524b507dbf1\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7159550\nReviewed-by: Giovanni Ortuno Urquidi \u003cortuno@chromium.org\u003e\nReviewed-by: Alexei Svitkine \u003casvitkine@chromium.org\u003e\nCommit-Queue: Antonio Alphonse \u003calphonsea@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1554241}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: fe056840db0f047b59790e1db2b6813fd5e036f0\n"
    },
    {
      "commit": "a48e1c0bef5e8fdcce21196407852c14d1a74ca6",
      "tree": "08e56a4e96c63dcd33aef9d98b8e9ad9007a6803",
      "parents": [
        "d37bccfb8b9418a763cb22dfb25d0471eb8f7d40"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Thu Dec 04 19:59:18 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Dec 04 20:07:36 2025"
      },
      "message": "[dbsc] Implement GetAllSigningKeys on Mac\n\nImplements `UnexportableKeyProviderMac::GetAllSigningKeysSlowly` using\n`SecItemCopyMatching`. This enables the retrieval of all available\nhardware-bound EC keys associated with the provider\u0027s configured\naccess group and application tag.\n\nThe query specifically filters for `kSecAttrKeyTypeECSECPrimeRandom`.\nIf the keychain returns `errSecItemNotFound`, the method returns an\nempty vector instead of treating it as a failure.\n\nBug: 455539044\nChange-Id: I2cda3198957e41de7824d97de66665fc6a6a6964\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7214812\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1554195}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: a506a1432c5fb6472f7d7790fbaa028d3bd292a2\n"
    },
    {
      "commit": "d37bccfb8b9418a763cb22dfb25d0471eb8f7d40",
      "tree": "c757ba649f16c358a98d8751a006273728b60030",
      "parents": [
        "03fb7f7d4edfb029ee462ed03717f1b91d1a2e19"
      ],
      "author": {
        "name": "Antonio Alphonse",
        "email": "alphonsea@google.com",
        "time": "Tue Dec 02 21:29:29 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Dec 02 21:31:53 2025"
      },
      "message": "net/cert: base/hash/sha1 -\u003e crypto/obsolete/sha1\n\nIn trust_store_nss.cc, SHA-1 is used to get the hash of a NSS\nCertificate in order to determine if the cert hash matches with the\nrequested trust object. In trust_store_win.cc, SHA-1 is used on a\ncertificate to determine what type of CertTrust is applied to it, which\nis done by searching for the certificate through three different stores.\nSince these cert stores seem to be stored externally, we should continue\nusing SHA-1, and migrate to using the crypto/obsolete API.\n\nSHA-1 is used to extract the SCTList from an OCSP response, deriving an\nissuer_key to check across using both SHA-256 and SHA-1. This is needed\nsince some issuers may still use SHA-1.\n\nRequired for backward compatibility with existing OCSP, NSS, and Win32\nAPIs. Migrate to the non-deprecated API. Mechanical change, no expected\nbehavior change.\n\nBug: 430344933\nChange-Id: Ic34e1e4c82e793a78a9eae1bd1a8000130bd4acb\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7170085\nCommit-Queue: Antonio Alphonse \u003calphonsea@google.com\u003e\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nReviewed-by: Giovanni Ortuno Urquidi \u003cortuno@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1553058}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: ded14d3cf112d3ae6296ae35ad548520edb761ec\n"
    },
    {
      "commit": "03fb7f7d4edfb029ee462ed03717f1b91d1a2e19",
      "tree": "c88ef752e40084dcd5b24e66a0ab22e11456986d",
      "parents": [
        "a0f3709c6ec880054aee7c22ab48cd8a68494163"
      ],
      "author": {
        "name": "Mark Cogan",
        "email": "marq@chromium.org",
        "time": "Mon Dec 01 18:47:00 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Dec 01 18:50:09 2025"
      },
      "message": "[iOS] Extend keychain access migration to all use cases.\n\nContext: crrev.com/c/6455066 migrated password storage in\ncrypto/apple/keychain_secitem.mm to kSecAttrAccessibleAfterFirstUnlock\naccessibility from kSecAttrAccessibleWhenUnlocked on iOS, for better\ncompatibility with background app launches.\n\nIt turns out that two other code paths were writing keychain items with\nkSecAttrAccessibleWhenUnlocked accessibility, so this CL adds similar\ncode to migrate them. Common code for this process is factored into\nhelper methods in keychain_util.h/.mm.\n\nChange-Id: I1b17f5a8bfe0826dfe3d2c27be0630a956990a30\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7177648\nReviewed-by: Vasilii Sukhanov \u003cvasilii@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nReviewed-by: Tommy Martino \u003ctmartino@chromium.org\u003e\nCommit-Queue: Mark Cogan \u003cmarq@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1552273}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 085fdc7cb5b5cdf8f51413315b1576be9460aee2\n"
    },
    {
      "commit": "a0f3709c6ec880054aee7c22ab48cd8a68494163",
      "tree": "4a2f3a5be0366561e2b0fcb5f510dd72a2622f8e",
      "parents": [
        "285ada7f3fd687abef364d9c4a30fe0398d940a3"
      ],
      "author": {
        "name": "Lei Zhang",
        "email": "thestig@chromium.org",
        "time": "Tue Nov 25 22:13:57 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Tue Nov 25 22:17:33 2025"
      },
      "message": "Remove superfluous base/feature_list.h includes from various headers\n\nRemove base/feature_list.h includes from headers that do not reference\nbase::FeatureList, BASE_DECLARE_FEATURE, etc. Then do IWYU to fix the\nbuild.\n\nBug: 40318405\nChange-Id: Ic3246984e47519b41ee33b54805dcabe42782b87\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7190133\nReviewed-by: Daniel Cheng \u003cdcheng@chromium.org\u003e\nCommit-Queue: Lei Zhang \u003cthestig@chromium.org\u003e\nOwners-Override: Daniel Cheng \u003cdcheng@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1550068}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: c550253dfa0571d25c979719865e0e3a93d7d0dc\n"
    },
    {
      "commit": "285ada7f3fd687abef364d9c4a30fe0398d940a3",
      "tree": "bed921aa657a8e9622265d52713d2eb56529ee0d",
      "parents": [
        "563cdad4f0333c70785872e87ff50fdee193bcc7"
      ],
      "author": {
        "name": "Antonio Alphonse",
        "email": "alphonsea@google.com",
        "time": "Mon Nov 24 16:12:53 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Mon Nov 24 16:15:27 2025"
      },
      "message": "policy: base/hash/sha1 -\u003e crypto/obsolete/sha1\n\nRequired for backward compatibility with the client_id derived from\n/etc/machine-id, which is used as a filename for storing the DM token.\n\nDM tokens are associated by hashed client IDs, and are stored on-disk.\nChanging the hashing algorithm for the client id may break already\nexisting enrollments or create twin enrollments (that is, enrollments\nwith different client information, but the same DM token). This could\nlead to issues with fetching policies and providing browser status\nreports. Because of this, this change migrates to the non-deprecated\nAPI.\n\nThis should be a mechanical change, with no expected behavior change.\n\nBug: 430344933\nChange-Id: If847524a2c8bf30f5e251d07b77fd79d429cf561\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7142339\nReviewed-by: Giovanni Ortuno Urquidi \u003cortuno@chromium.org\u003e\nCommit-Queue: Antonio Alphonse \u003calphonsea@google.com\u003e\nReviewed-by: Christoph Schwering \u003cschwering@google.com\u003e\nReviewed-by: Igor \u003cigorcov@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1549215}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: d3e0c56cb033478007ac552d71ea0764c1b6e495\n"
    },
    {
      "commit": "563cdad4f0333c70785872e87ff50fdee193bcc7",
      "tree": "f2565a0e774f86016814aac8193902414819e4f7",
      "parents": [
        "372729c30078c39b9daa7836e394f2548cdded20"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Thu Nov 20 20:59:46 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Nov 20 21:01:58 2025"
      },
      "message": "crypto/keypair: rename ToUncompressedForm to ToUncompressedX962Point\n\nThe new name is more precise. No functional change.\n\nFixed: 432219819\nChange-Id: Ie39b5f018eac77523b7da2f7408bd12e3e8a86b8\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7174004\nCommit-Queue: Elly FJ \u003cellyjones@chromium.org\u003e\nReviewed-by: Peter Beverloo \u003cpeter@chromium.org\u003e\nReviewed-by: Martin Kreichgauer \u003cmartinkr@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@chromium.org\u003e\nReviewed-by: Michael Ershov \u003cmiersh@google.com\u003e\nCr-Commit-Position: refs/heads/main@{#1548023}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: ad798170f561f7a05a64d60dd1889766b6b71f0d\n"
    },
    {
      "commit": "372729c30078c39b9daa7836e394f2548cdded20",
      "tree": "b92563b4c66b5f6cdffee16a85758827d8f16523",
      "parents": [
        "e1ced3aa90fa44ea0ada8776023bfa4a20b1733b"
      ],
      "author": {
        "name": "Elly",
        "email": "ellyjones@chromium.org",
        "time": "Thu Nov 20 16:23:51 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Nov 20 16:26:34 2025"
      },
      "message": "crypto/sign: support more RSA signature schemes\n\nSpecifically:\n* PKCS1v1.5-SHA384\n* PKCS1v1.5-SHA512\n* PSS-SHA384\n* PSS-SHA512\n\nEach of these have at least a couple of users in Chromium, and\nsupporting them costs very little extra complexity.\n\nFixed: 434006732\nChange-Id: I2804b63d2ccf54d28d5fb12e67ff014308c74614\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7173689\nReviewed-by: Matt Mueller \u003cmattm@chromium.org\u003e\nCommit-Queue: Elly FJ \u003cellyjones@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1547853}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 08ff8521a9c62391406e7b29dd6ae7bc7fdd1255\n"
    },
    {
      "commit": "e1ced3aa90fa44ea0ada8776023bfa4a20b1733b",
      "tree": "04b393a662f5fe851cba9731a2fa5403e4eb76d7",
      "parents": [
        "63c3fcd00e53a3b6ef3f5ec7ab5cd0910e6f6657"
      ],
      "author": {
        "name": "Jan Wilken Dörrie",
        "email": "jdoerrie@chromium.org",
        "time": "Thu Nov 20 14:24:35 2025"
      },
      "committer": {
        "name": "Copybara-Service",
        "email": "copybara-worker@google.com",
        "time": "Thu Nov 20 14:27:13 2025"
      },
      "message": "[dbsc] Add DeleteAllSigningKeysSlowly to StatefulUnexportableKeyProvider.\n\nThis change introduces a new method, `DeleteAllSigningKeysSlowly`, to\nthe `StatefulUnexportableKeyProvider` interface. This method allows for\nthe deletion of all signing keys matching the provider\u0027s configuration.\nThe macOS implementation is currently a stub, and the mock and fake\nimplementations are updated to include this new method.\n\nBug: 455539044\nChange-Id: I0c7d657e2f91825c83712ae5c58512948e31e05c\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7159235\nCommit-Queue: Jan Wilken Dörrie \u003cjdoerrie@chromium.org\u003e\nReviewed-by: Elly FJ \u003cellyjones@chromium.org\u003e\nReviewed-by: Alex Ilin \u003calexilin@chromium.org\u003e\nCr-Commit-Position: refs/heads/main@{#1547783}\nNOKEYCHECK\u003dTrue\nGitOrigin-RevId: 39ac517416a6790f9f28802ec863ce91ea041fdb\n"
    }
  ],
  "next": "63c3fcd00e53a3b6ef3f5ec7ab5cd0910e6f6657"
}
