1// Copyright (c) 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4// 5// Provides wire protocol for signed password changes from 6// the cloud for Chrome OS accounts subject to remote management. 7// 8// The data in this file will be shared in Chrome, Chrome OS (cryptohome), 9// and on servers. Ensure all parties are aware when making changes. 10 11syntax = "proto2"; 12 13option optimize_for = LITE_RUNTIME; 14 15package ac.chrome.managedaccounts.account; 16 17// The secret currently assumes a password-equivalent key and a 18// revision, to avoid rollbacks. This secret should be serialized 19// and signed by a pre-negotiated key to authorize updates from the 20// server to the host OS. 21message Secret { 22 optional int64 revision = 1; 23 optional bytes secret = 2; 24 // In the future, a type field will be added to allow encrypted secrets 25 // and different secret types. 26} 27 28// This is an example format if this were sent on the wire. 29// It is assumed that neither Secret or SignedSecret will ever be sent 30// on the wire, but only reconstructed from source data. 31message SignedSecret { 32 optional bytes serialized_secret = 1; 33 optional bytes signature = 2; 34} 35