| // Copyright 2014 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| syntax = "proto2"; |
| |
| option optimize_for = LITE_RUNTIME; |
| |
| package enterprise_management; |
| |
| // Contains a signing key and its signature. |
| message PolicySigningKey { |
| // The key used to verify policy blobs sent down from the server. |
| optional bytes signing_key = 1; |
| |
| // The signature for this signing key (verified using a hard-coded key |
| // stored in the Chrome binary). This is essentially a certificate (key |
| // signed with another well-known key that establishes a trust root). |
| optional bytes signing_key_signature = 2; |
| |
| // This is the hard-coded verification key used to generate/verify the |
| // signing_key_signature. We track this in the cache data so we know which |
| // verification key to use when validating the cached policy (important when |
| // doing key rotation). |
| optional bytes verification_key = 3; |
| } |