diff options
| author | Will Drewry <wad@chromium.org> | 2014-03-19 10:59:26 -0500 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-03-21 21:35:02 +0000 |
| commit | 462926986f0c0195a5ca821edb337fea9f6e139e (patch) | |
| tree | a2c4f9084951c415801dec6d37d5d57bcb1378c2 /dbus/cryptohome | |
| parent | 5172585803b6ecb53d1aefca7ecdea68ca876640 (diff) | |
| download | system_api-462926986f0c0195a5ca821edb337fea9f6e139e.tar.gz | |
signed_secret.proto: define a pb used for easy marshalling
A Secret is used to contain the subset of KeyData that will
be authorized by a signing server. This protocol buffer will
not be persisted, but it is meant to be rebuilt by each user
from separately supplied data.
TEST=compiles, works in cl:191010 unittests
BUG=chromium:316189
Change-Id: I83830968781d9787a4e9b8fae9e2e444006b0e89
Reviewed-on: https://chromium-review.googlesource.com/190534
Reviewed-by: Will Drewry <wad@chromium.org>
Tested-by: Will Drewry <wad@chromium.org>
Commit-Queue: Will Drewry <wad@chromium.org>
Diffstat (limited to 'dbus/cryptohome')
| -rw-r--r-- | dbus/cryptohome/signed_secret.proto | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/dbus/cryptohome/signed_secret.proto b/dbus/cryptohome/signed_secret.proto new file mode 100644 index 0000000..6d85c4f --- /dev/null +++ b/dbus/cryptohome/signed_secret.proto @@ -0,0 +1,32 @@ +// Copyright (c) 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. +// +// Provides wire protocol for signed password changes from +// the cloud for Chrome OS accounts subject to remote management. +// +// The data in this file will be shared in Chrome, Chrome OS (cryptohome), +// and on servers. Ensure all parties are aware when making changes. + +option optimize_for = LITE_RUNTIME; + +package ac.chrome.managedaccounts.account; + +// The secret currently assumes a password-equivalent key and a +// revision, to avoid rollbacks. This secret should be serialized +// and signed by a pre-negotiated key to authorize updates from the +// server to the host OS. +message Secret { + optional int64 revision = 1; + optional bytes secret = 2; + // In the future, a type field will be added to allow encrypted secrets + // and different secret types. +} + +// This is an example format if this were sent on the wire. +// It is assumed that neither Secret or SignedSecret will ever be sent +// on the wire, but only reconstructed from source data. +message SignedSecret { + optional bytes serialized_secret = 1; + optional bytes signature = 2; +} |