OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // Common sync protocol for encrypted data. | 5 // Common sync protocol for encrypted data. |
6 | 6 |
7 // Update proto_value_conversions{.h,.cc,_unittest.cc} if you change | 7 // Update proto_value_conversions{.h,.cc,_unittest.cc} if you change |
8 // any fields in this file. | 8 // any fields in this file. |
9 | 9 |
10 syntax = "proto2"; | 10 syntax = "proto2"; |
11 | 11 |
| 12 option optimize_for = LITE_RUNTIME; |
| 13 option retain_unknown_fields = true; |
| 14 |
12 package sync_pb; | 15 package sync_pb; |
13 | 16 |
14 // Encrypted sync data consists of two parts: a key name and a blob. Key name is | 17 // Encrypted sync data consists of two parts: a key name and a blob. Key name is |
15 // the name of the key that was used to encrypt blob and blob is encrypted data | 18 // the name of the key that was used to encrypt blob and blob is encrypted data |
16 // itself. | 19 // itself. |
17 // | 20 // |
18 // The reason we need to keep track of the key name is that a sync user can | 21 // The reason we need to keep track of the key name is that a sync user can |
19 // change their passphrase (and thus their encryption key) at any time. When | 22 // change their passphrase (and thus their encryption key) at any time. When |
20 // that happens, we make a best effort to reencrypt all nodes with the new | 23 // that happens, we make a best effort to reencrypt all nodes with the new |
21 // passphrase, but since we don't have transactions on the server-side, we | 24 // passphrase, but since we don't have transactions on the server-side, we |
22 // cannot guarantee that every node will be reencrypted. As a workaround, we | 25 // cannot guarantee that every node will be reencrypted. As a workaround, we |
23 // keep track of all keys, assign each key a name (by using that key to encrypt | 26 // keep track of all keys, assign each key a name (by using that key to encrypt |
24 // a well known string) and keep track of which key was used to encrypt each | 27 // a well known string) and keep track of which key was used to encrypt each |
25 // node. | 28 // node. |
26 message EncryptedData { | 29 message EncryptedData { |
27 optional string key_name = 1; | 30 optional string key_name = 1; |
28 optional string blob = 2; | 31 optional string blob = 2; |
29 }; | 32 }; |
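Review bot: The two file-level options added at new lines 12-13 have no comment, and `retain_unknown_fields` changes what happens to data this client cannot interpret, which matters for a message that wraps encrypted payloads. It does not look like a stock protobuf file option, so it is presumably supplied by the project's own protobuf build, and a reader cannot tell that from this file. I would add a comment above it such as `// Keep fields unknown to this client so data from newer clients survives a round trip; such fields are written back as received, unvalidated.` Above `optimize_for`, a comment should note that the lite runtime has no descriptors or reflection, which is presumably why the conversions named in the header comment are maintained by hand. As a style point, `package sync_pb;` conventionally comes before file-level options.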