// Copyright (c) 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Provides wire protocol for signed password changes from
// the cloud for Chrome OS accounts subject to remote management.
//
// The data in this file will be shared in Chrome, Chrome OS (cryptohome),
// and on servers. Ensure all parties are aware when making changes.

syntax = "proto2";

option optimize_for = LITE_RUNTIME;

package ac.chrome.managedaccounts.account;

// The secret currently assumes a password-equivalent key and a
// revision, to avoid rollbacks.  This secret should be serialized
// and signed by a pre-negotiated key to authorize updates from the
// server to the host OS.
message Secret {
  optional int64 revision = 1;
  optional bytes secret = 2;
  // In the future, a type field will be added to allow encrypted secrets
  // and different secret types.
}

// This is an example format if this were sent on the wire.
// It is assumed that neither Secret or SignedSecret will ever be sent
// on the wire, but only reconstructed from source data.
message SignedSecret {
  optional bytes serialized_secret = 1;
  optional bytes signature = 2;
}