blob: 16fedabfa5e2d713d975690e36fe995e07a1e9a5 [file] [log] [blame]
// Copyright (c) 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Provides wire protocol for signed password changes from
// the cloud for Chrome OS accounts subject to remote management.
//
// The data in this file will be shared in Chrome, Chrome OS (cryptohome),
// and on servers. Ensure all parties are aware when making changes.
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package ac.chrome.managedaccounts.account;
// The secret currently assumes a password-equivalent key and a
// revision, to avoid rollbacks. This secret should be serialized
// and signed by a pre-negotiated key to authorize updates from the
// server to the host OS.
message Secret {
optional int64 revision = 1;
optional bytes secret = 2;
// In the future, a type field will be added to allow encrypted secrets
// and different secret types.
}
// This is an example format if this were sent on the wire.
// It is assumed that neither Secret or SignedSecret will ever be sent
// on the wire, but only reconstructed from source data.
message SignedSecret {
optional bytes serialized_secret = 1;
optional bytes signature = 2;
}