// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Trusted vault protos used to communicate with the backend. They are written
// in proto3 to avoid subtle differences in enum field semantics.
syntax = "proto3";

package trusted_vault_pb;

// Java codegen: emit one top-level class per message instead of nesting them
// in a single outer class.
option java_multiple_files = true;
option java_package = "org.chromium.components.trusted_vault.proto";
// Lite runtime: generated types carry no descriptors, so reflection-based
// APIs are unavailable. NOTE(review): presumably matches the lite protobuf
// library this codebase links — confirm before changing.
option optimize_for = LITE_RUNTIME;
// A security-domain key shared with a member. Part of the wire contract with
// the backend: field numbers must not change.
message SharedMemberKey {
  // Key epoch this entry belongs to. Proto3 implicit presence: 0 is
  // indistinguishable from "not set".
  int32 epoch = 1;
  // Opaque wrapped key material. NOTE(review): presumably encrypted to the
  // member's public key — confirm against the backend definition.
  bytes wrapped_key = 2;
  // Opaque proof bytes associated with this key; semantics are defined by the
  // backend, not by this file.
  bytes member_proof = 3;
}
// Proof associated with a key rotation (by name; the backend defines the exact
// semantics and how it is verified).
message RotationProof {
  // Epoch introduced by the rotation. 0 is indistinguishable from unset.
  int32 new_epoch = 1;
  // Opaque proof bytes.
  bytes rotation_proof = 2;
}
// Additional per-domain details returned by the backend.
message SecurityDomainDetails {
  // Sync-specific details. Nested because it has no meaning outside
  // SecurityDomainDetails.
  message SyncDetails {
    // Whether recoverability of the domain is degraded. Implicit presence:
    // false and "not set" are indistinguishable.
    bool degraded_recoverability = 1;
  }
  // Message field, so presence is explicit (absent vs. set-but-empty).
  SyncDetails sync_details = 1;
}
// A security domain as known to the backend.
message SecurityDomain {
  // Domain identifier; format is defined by the backend.
  string name = 1;
  // Epoch of the domain's current key. 0 is indistinguishable from unset.
  int32 current_epoch = 2;
  // Optional extra details; message field, so presence is explicit.
  SecurityDomainDetails security_domain_details = 3;
}
// Local replica of google.protobuf.Timestamp with the same field numbers and
// semantics (presumably for the same reason Proto3Any exists below: the
// well-known types cannot be imported here). Must stay wire-compatible with
// the original so backend-produced values parse unchanged.
message Timestamp {
  // Represents seconds of UTC time since Unix epoch
  // 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
  // 9999-12-31T23:59:59Z inclusive.
  int64 seconds = 1;
  // Non-negative fractions of a second at nanosecond resolution. Negative
  // second values with fractions must still have non-negative nanos values
  // that count forward in time. Must be from 0 to 999,999,999
  // inclusive.
  int32 nanos = 2;
}
// Metadata for a member that is a physical device.
message PhysicalDeviceMetadata {
  // Platform of the device. The zero value is UNKNOWN, so an absent field
  // reads as DEVICE_TYPE_UNKNOWN. Receivers should also tolerate values the
  // backend adds later: proto3 preserves unknown enum values as ints.
  enum DeviceType {
    DEVICE_TYPE_UNKNOWN = 0;
    DEVICE_TYPE_ANDROID = 1;
    DEVICE_TYPE_IOS = 2;
    DEVICE_TYPE_CHROMEOS = 3;
    DEVICE_TYPE_WINDOWS = 4;
    DEVICE_TYPE_MAC_OS = 5;
    DEVICE_TYPE_LINUX = 6;
  }
  // The device type for physical device members.
  DeviceType device_type = 1;
}
// Metadata for a lock-screen knowledge factor (LSKF) member; see
// SecurityDomainMember.MemberType.
message LskfMetadata {
  // Time after which this member is no longer considered valid (by name).
  // Uses the local Timestamp replica defined above.
  Timestamp expiration_time = 1;
}
// Metadata for a Google Password Manager PIN member; see
// SecurityDomainMember.MemberType.
message GooglePasswordManagerPinMetadata {
  // Time after which this member is no longer considered valid (by name).
  Timestamp expiration_time = 1;
  // Opaque encrypted hash of the PIN. Treat as secret material: do not log it
  // or persist it outside the intended store. NOTE(review): the key that
  // encrypts it is not specified in this file — confirm with the backend spec.
  bytes encrypted_pin_hash = 2;
}
// A member of one or more security domains: a physical device, an LSKF, an
// iCloud Keychain or a Google Password Manager PIN (see MemberType).
message SecurityDomainMember {
  // Member identifier; format is defined by the backend.
  string name = 1;
  // The member's public key as raw bytes; encoding is defined by the backend.
  bytes public_key = 2;
  // This member's membership in one security domain.
  message SecurityDomainMembership {
    // Name of the domain (cf. SecurityDomain.name).
    string security_domain = 1;
    // Field number 2 is not declared here. NOTE(review): presumably a backend
    // field the client does not model — check the backend schema before
    // reusing the number.
    // Keys shared with this member in this domain.
    repeated SharedMemberKey keys = 3;
    // Rotation proofs for this domain's key epochs.
    repeated RotationProof rotation_proofs = 4;
  }
  repeated SecurityDomainMembership memberships = 3;
  // Kind of member. Value 3 is not declared here (same caveat as above).
  // Unknown values from the backend are preserved as ints; handle them as
  // "not one of the known kinds" rather than as UNSPECIFIED.
  enum MemberType {
    MEMBER_TYPE_UNSPECIFIED = 0;
    MEMBER_TYPE_PHYSICAL_DEVICE = 1;
    MEMBER_TYPE_LOCKSCREEN_KNOWLEDGE_FACTOR = 2;
    MEMBER_TYPE_ICLOUD_KEYCHAIN = 4;
    MEMBER_TYPE_GOOGLE_PASSWORD_MANAGER_PIN = 5;
  }
  MemberType member_type = 4;
  // Field number 5 of SecurityDomainMember is not declared here either.
  message MemberMetadata {
    // Whether this member can be used to retrieve keys (by name).
    bool usable_for_retrieval = 1;
    // At most one variant is set. NOTE(review): presumably the variant
    // corresponds to member_type — do not assume it without checking both.
    // Field number 2 of MemberMetadata is not declared here.
    oneof member_metadata_variant {
      PhysicalDeviceMetadata physical_device_metadata = 3;
      LskfMetadata lskf_metadata = 4;
      GooglePasswordManagerPinMetadata google_password_manager_pin_metadata = 5;
    }
  }
  MemberMetadata member_metadata = 6;
}
// Request for joining a member to a security domain.
message JoinSecurityDomainsRequest {
  // Domain to join; identified by its name.
  SecurityDomain security_domain = 1;
  // The joining member.
  SecurityDomainMember security_domain_member = 2;
  // Keys being shared with the member. The singular name is kept as-is:
  // renaming a field changes its JSON and generated names.
  repeated SharedMemberKey shared_member_key = 3;
  // Member type hint sent as a raw int rather than as MemberType.
  // NOTE(review): presumably carries SecurityDomainMember.MemberType values —
  // confirm with the backend.
  int32 member_type_hint = 4;
  // When non-empty, the public key of an existing member that this one
  // replaces (by name). Implicit presence: empty and unset are the same.
  bytes current_public_key_to_replace = 5;
}
// Response to JoinSecurityDomainsRequest.
message JoinSecurityDomainsResponse {
  // The domain after the join (presumably with its current epoch).
  SecurityDomain security_domain = 1;
}
// Error detail for a failed join. NOTE(review): presumably delivered inside
// RPCStatus.details as a Proto3Any — check type_url before unpacking it.
message JoinSecurityDomainsErrorDetail {
  // Populated when the member already exists (by name); carries the same
  // payload a successful join would.
  JoinSecurityDomainsResponse already_exists_response = 1;
}
// One page of security domain members.
message ListSecurityDomainMembersResponse {
  // Members on this page.
  repeated SecurityDomainMember security_domain_members = 1;
  // Token for fetching the next page. Standard pagination convention is that
  // an empty token means the last page — confirm with the backend.
  string next_page_token = 2;
}
// There is no way to use google.protobuf.Any directly in this codebase, so
// this proto just replicates it (same field numbers: type_url = 1, value = 2),
// so backend-produced Any values parse unchanged.
message Proto3Any {
  // Fully-qualified type URL of the message serialized in `value`. Receivers
  // must compare this against the expected type before parsing `value`;
  // never pick a parser based on an unchecked type_url from the network.
  string type_url = 1;
  // Serialized bytes of the message named by type_url.
  bytes value = 2;
}
// Forked version of google.rpc.Status.
// Only `details` is modelled; the upstream `code` (1) and `message` (2)
// fields are not declared here and are kept as unknown fields.
message RPCStatus {
  // Error details. Each is a Proto3Any whose type_url must be checked before
  // its value is unpacked.
  repeated Proto3Any details = 3;
}