// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Common sync protocol for encrypted data.

// Update proto_value_conversions{.h,.cc,_unittest.cc} if you change
// any fields in this file.

syntax = "proto2";

option optimize_for = LITE_RUNTIME;
option retain_unknown_fields = true;

package sync_pb;

// Encrypted sync data consists of two parts: a key name and a blob. Key name is
// the name of the key that was used to encrypt blob and blob is encrypted data
// itself.
//
// The reason we need to keep track of the key name is that a sync user can
// change their passphrase (and thus their encryption key) at any time. When
// that happens, we make a best effort to reencrypt all nodes with the new
// passphrase, but since we don't have transactions on the server-side, we
// cannot guarantee that every node will be reencrypted. As a workaround, we
// keep track of all keys, assign each key a name (by using that key to encrypt
// a well known string) and keep track of which key was used to encrypt each
// node.
message EncryptedData {
  optional string key_name = 1;
  optional string blob = 2;
};