OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // Common sync protocol for encrypted data. | 5 // Common sync protocol for encrypted data. |
6 | 6 |
7 // Update proto_value_conversions{.h,.cc,_unittest.cc} if you change | 7 // Update proto_value_conversions{.h,.cc,_unittest.cc} if you change |
8 // any fields in this file. | 8 // any fields in this file. |
9 | 9 |
10 syntax = "proto2"; | 10 syntax = "proto2"; |
11 | 11 |
12 option optimize_for = LITE_RUNTIME; | |
13 option retain_unknown_fields = true; | |
14 | |
15 package sync_pb; | 12 package sync_pb; |
16 | 13 |
17 // Encrypted sync data consists of two parts: a key name and a blob. Key name is | 14 // Encrypted sync data consists of two parts: a key name and a blob. Key name is |
18 // the name of the key that was used to encrypt blob and blob is encrypted data | 15 // the name of the key that was used to encrypt blob and blob is encrypted data |
19 // itself. | 16 // itself. |
20 // | 17 // |
21 // The reason we need to keep track of the key name is that a sync user can | 18 // The reason we need to keep track of the key name is that a sync user can |
22 // change their passphrase (and thus their encryption key) at any time. When | 19 // change their passphrase (and thus their encryption key) at any time. When |
23 // that happens, we make a best effort to reencrypt all nodes with the new | 20 // that happens, we make a best effort to reencrypt all nodes with the new |
24 // passphrase, but since we don't have transactions on the server-side, we | 21 // passphrase, but since we don't have transactions on the server-side, we |
25 // cannot guarantee that every node will be reencrypted. As a workaround, we | 22 // cannot guarantee that every node will be reencrypted. As a workaround, we |
26 // keep track of all keys, assign each key a name (by using that key to encrypt | 23 // keep track of all keys, assign each key a name (by using that key to encrypt |
27 // a well known string) and keep track of which key was used to encrypt each | 24 // a well known string) and keep track of which key was used to encrypt each |
28 // node. | 25 // node. |
29 message EncryptedData { | 26 message EncryptedData { |
30 optional string key_name = 1; | 27 optional string key_name = 1; |
31 optional string blob = 2; | 28 optional string blob = 2; |
32 }; | 29 }; |
OLD | NEW |