| // Copyright 2020 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| // Trusted vault protos to communicate with backend written in proto3 to avoid |
| // subtle differences between enum fields. |
| syntax = "proto3"; |
| |
| option java_multiple_files = true; |
| option java_package = "org.chromium.components.trusted_vault.proto"; |
| |
| option optimize_for = LITE_RUNTIME; |
| |
| package trusted_vault_pb; |
| |
| message SharedMemberKey { |
| int32 epoch = 1; |
| bytes wrapped_key = 2; |
| bytes member_proof = 3; |
| } |
| |
| message RotationProof { |
| int32 new_epoch = 1; |
| bytes rotation_proof = 2; |
| } |
| |
| message SecurityDomainDetails { |
| message SyncDetails { |
| bool degraded_recoverability = 1; |
| } |
| |
| SyncDetails sync_details = 1; |
| } |
| |
| message SecurityDomain { |
| string name = 1; |
| int32 current_epoch = 2; |
| SecurityDomainDetails security_domain_details = 3; |
| } |
| |
| message Timestamp { |
| // Represents seconds of UTC time since Unix epoch |
| // 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to |
| // 9999-12-31T23:59:59Z inclusive. |
| int64 seconds = 1; |
| // Non-negative fractions of a second at nanosecond resolution. Negative |
| // second values with fractions must still have non-negative nanos values |
| // that count forward in time. Must be from 0 to 999,999,999 |
| // inclusive. |
| int32 nanos = 2; |
| } |
| |
| message PhysicalDeviceMetadata { |
| enum DeviceType { |
| DEVICE_TYPE_UNKNOWN = 0; |
| DEVICE_TYPE_ANDROID = 1; |
| DEVICE_TYPE_IOS = 2; |
| DEVICE_TYPE_CHROMEOS = 3; |
| DEVICE_TYPE_WINDOWS = 4; |
| DEVICE_TYPE_MAC_OS = 5; |
| DEVICE_TYPE_LINUX = 6; |
| } |
| |
| // The device type for physical device members. |
| DeviceType device_type = 1; |
| } |
| |
| message LskfMetadata { |
| Timestamp expiration_time = 1; |
| } |
| |
| message GooglePasswordManagerPinMetadata { |
| Timestamp expiration_time = 1; |
| bytes encrypted_pin_hash = 2; |
| } |
| |
| message SecurityDomainMember { |
| string name = 1; |
| bytes public_key = 2; |
| |
| message SecurityDomainMembership { |
| string security_domain = 1; |
| repeated SharedMemberKey keys = 3; |
| repeated RotationProof rotation_proofs = 4; |
| } |
| |
| repeated SecurityDomainMembership memberships = 3; |
| |
| enum MemberType { |
| MEMBER_TYPE_UNSPECIFIED = 0; |
| MEMBER_TYPE_PHYSICAL_DEVICE = 1; |
| MEMBER_TYPE_LOCKSCREEN_KNOWLEDGE_FACTOR = 2; |
| MEMBER_TYPE_ICLOUD_KEYCHAIN = 4; |
| MEMBER_TYPE_GOOGLE_PASSWORD_MANAGER_PIN = 5; |
| } |
| |
| MemberType member_type = 4; |
| |
| message MemberMetadata { |
| bool usable_for_retrieval = 1; |
| oneof member_metadata_variant { |
| PhysicalDeviceMetadata physical_device_metadata = 3; |
| LskfMetadata lskf_metadata = 4; |
| GooglePasswordManagerPinMetadata google_password_manager_pin_metadata = 5; |
| } |
| } |
| MemberMetadata member_metadata = 6; |
| } |
| |
| message JoinSecurityDomainsRequest { |
| SecurityDomain security_domain = 1; |
| SecurityDomainMember security_domain_member = 2; |
| repeated SharedMemberKey shared_member_key = 3; |
| int32 member_type_hint = 4; |
| bytes current_public_key_to_replace = 5; |
| } |
| |
| message JoinSecurityDomainsResponse { |
| SecurityDomain security_domain = 1; |
| } |
| |
| message JoinSecurityDomainsErrorDetail { |
| JoinSecurityDomainsResponse already_exists_response = 1; |
| } |
| |
| message ListSecurityDomainMembersResponse { |
| repeated SecurityDomainMember security_domain_members = 1; |
| string next_page_token = 2; |
| } |
| |
| // There is no way to google.protobuf.Any directly in this codebase, so this |
| // proto just replicates it. |
| message Proto3Any { |
| string type_url = 1; |
| bytes value = 2; |
| } |
| |
| // Forked version of google.rpc.Status. |
| message RPCStatus { |
| repeated Proto3Any details = 3; |
| } |
