// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Sync protocol datatype extension for nigori keys.

// Update proto_value_conversions{.h,.cc,_unittest.cc} if you change
// any fields in this file.

syntax = "proto2";

option optimize_for = LITE_RUNTIME;
// NOTE(review): retain_unknown_fields is not a stock protobuf file option;
// presumably it is provided by the project's protobuf build and keeps fields
// this build does not recognise so that they survive a parse/re-serialize
// round trip. Confirm before relying on it.
option retain_unknown_fields = true;

package sync_pb;

// EncryptedData is not defined in this file; encryption.proto is the only
// import.
import "encryption.proto";

// A single named key entry.
//
// Judging by the field names, user_key, encryption_key and mac_key hold raw
// key bytes. This schema gives them no wrapping of their own, so a serialized
// NigoriKey should be handled as plaintext secret material: keep it out of
// logs, crash dumps and debug-string conversions, and store or transmit it
// only inside an encrypted container.
// NOTE(review): how |name| is derived and how each key is used is not visible
// in this file.
message NigoriKey {
  optional string name = 1;
  optional bytes user_key = 2;
  optional bytes encryption_key = 3;
  optional bytes mac_key = 4;
}

// A collection of NigoriKey entries.
// NOTE(review): presumably this is the plaintext that
// NigoriSpecifics.encryption_keybag carries in encrypted form; confirm against
// the code that seals and opens the keybag.
message NigoriKeyBag {
  // Numbering starts at 2. Nothing in this file says whether field number 1
  // was ever used, so treat it as unavailable unless history shows otherwise.
  repeated NigoriKey key = 2;
}

// Properties of nigori sync object.
//
// Every field here is proto2 `optional` with explicit presence. A bool that
// was never set reads as false, so code that must tell "not set" apart from
// "explicitly false" has to check presence rather than the value alone.
message NigoriSpecifics {
  optional EncryptedData encryption_keybag = 1;
  // Once keystore migration is performed, we have to freeze the keybag so that
  // older clients (that don't support keystore encryption) do not attempt to
  // update the keybag.
  // Previously |using_explicit_passphrase|.
  optional bool keybag_is_frozen = 2;

  // Obsolete encryption fields. These were deprecated due to legacy versions
  // that understand their usage but did not perform encryption properly.
  //
  // Field numbers 3-12 stay retired: legacy clients still interpret them, so a
  // new field must never be given one of these numbers. Commenting the lines
  // out is only a convention that protoc does not enforce; where the
  // toolchain supports it, a `reserved` statement would make reuse a compile
  // error.
  // optional bool deprecated_encrypt_bookmarks = 3;
  // optional bool deprecated_encrypt_preferences = 4;
  // optional bool deprecated_encrypt_autofill_profile = 5;
  // optional bool deprecated_encrypt_autofill = 6;
  // optional bool deprecated_encrypt_themes = 7;
  // optional bool deprecated_encrypt_typed_urls = 8;
  // optional bool deprecated_encrypt_extensions = 9;
  // optional bool deprecated_encrypt_sessions = 10;
  // optional bool deprecated_encrypt_apps = 11;
  // optional bool deprecated_encrypt_search_engines = 12;

  // Booleans corresponding to whether a datatype should be encrypted.
  // Passwords are always encrypted, so we don't need a field here.
  // History delete directives need to be consumable by the server, and
  // thus can't be encrypted.
  // Synced Notifications need to be consumed by the server (the read flag)
  // and thus can't be encrypted.
  // Synced Notification App Info is set by the server, and thus cannot be
  // encrypted.
  //
  // NOTE(review): these flags are plain fields next to |encryption_keybag|,
  // not part of it, and nothing in this file shows them being authenticated.
  // Confirm that a client never stops encrypting a datatype solely because
  // one of these flags arrives false or unset.
  optional bool encrypt_bookmarks = 13;
  optional bool encrypt_preferences = 14;
  optional bool encrypt_autofill_profile = 15;
  optional bool encrypt_autofill = 16;
  optional bool encrypt_themes = 17;
  optional bool encrypt_typed_urls = 18;
  optional bool encrypt_extensions = 19;
  optional bool encrypt_sessions = 20;
  optional bool encrypt_apps = 21;
  optional bool encrypt_search_engines = 22;

  // Deprecated on clients where tab sync is enabled by default.
  // Field number 23 stays retired; do not reuse it.
  // optional bool sync_tabs = 23;

  // If true, all current and future datatypes will be encrypted.
  optional bool encrypt_everything = 24;

  // Per-datatype encryption flags, same meaning as the encrypt_* block above.
  optional bool encrypt_extension_settings = 25;
  optional bool encrypt_app_notifications = 26;
  optional bool encrypt_app_settings = 27;

  // User device information. Contains information about each device that has a
  // sync-enabled Chrome browser connected to the user account.
  // This has been moved to the DeviceInfo message.
  // Field number 28 stays retired; do not reuse it.
  // repeated DeviceInformation deprecated_device_information = 28;

  // Enable syncing favicons as part of tab sync.
  optional bool sync_tab_favicons = 29;

  // The state of the passphrase required to decrypt |encryption_keybag|.
  // There is no zero value; numbering starts at 1.
  enum PassphraseType {
    // Gaia-based encryption passphrase. Deprecated.
    IMPLICIT_PASSPHRASE = 1;
    // Keystore key encryption passphrase. Uses |keystore_bootstrap| to
    // decrypt |encryption_keybag|.
    // NOTE(review): this message has no field named keystore_bootstrap; the
    // comment probably means |keystore_decryptor_token| - confirm.
    KEYSTORE_PASSPHRASE = 2;
    // Previous Gaia-based passphrase frozen and treated as a custom passphrase.
    FROZEN_IMPLICIT_PASSPHRASE = 3;
    // User provided custom passphrase.
    CUSTOM_PASSPHRASE = 4;
  }
  // The declared default is the deprecated implicit type, so a message in
  // which this field is absent reads as IMPLICIT_PASSPHRASE. In proto2 an enum
  // number this build does not know is also not surfaced through the accessor.
  // Check field presence before treating the value as the sender's statement
  // of the passphrase type.
  optional PassphraseType passphrase_type = 30
      [default = IMPLICIT_PASSPHRASE];

  // The keystore decryptor token blob. Encrypted with the keystore key, and
  // contains the encryption key used to decrypt |encryption_keybag|.
  // Only set if passphrase_type == KEYSTORE_PASSPHRASE.
  optional EncryptedData keystore_decryptor_token = 31;

  // The time (in epoch milliseconds) at which the keystore migration was
  // performed.
  optional int64 keystore_migration_time = 32;

  // The time (in epoch milliseconds) at which a custom passphrase was set.
  // Note: this field may not be set if the custom passphrase was applied before
  // this field was introduced.
  optional int64 custom_passphrase_time = 33;

  // Boolean corresponding to whether custom spelling dictionary should be
  // encrypted.
  optional bool encrypt_dictionary = 34;

  // Booleans corresponding to whether favicon data should be encrypted.
  optional bool encrypt_favicon_images = 35;
  optional bool encrypt_favicon_tracking = 36;

  // Boolean corresponding to whether articles should be encrypted.
  optional bool encrypt_articles = 37;

  // Boolean corresponding to whether app list items should be encrypted.
  optional bool encrypt_app_list = 38;
}