[Security Events] Add chrome sync specifics proto for security events.
This is the first part (cl) for adding a new record only sync data type for recording security events.
This CL adds the Chrome Sync Specifics proto. In the next CL the Sync Data type will be wired.
Bug: 919489
Change-Id: I542f5cae27568927e614f793edfaf374058ea70a
Reviewed-on: https://chromium-review.googlesource.com/c/1455998
Commit-Queue: Markus Heintz <[email protected]>
Reviewed-by: Varun Khaneja <[email protected]>
Reviewed-by: Marc Treib <[email protected]>
Cr-Commit-Position: refs/heads/master@{#629929}diff --git a/components/sync/protocol/gaia_password_reuse.proto b/components/sync/protocol/gaia_password_reuse.proto
new file mode 100644
index 0000000..78919e9e
--- /dev/null
+++ b/components/sync/protocol/gaia_password_reuse.proto
@@ -0,0 +1,116 @@
+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+//
+// Security Events used for recording security related events.
+
+// If you change or add any fields in this file, update proto_visitors.h and
+// potentially proto_enum_conversions.{h, cc}.
+
+syntax = "proto2";
+
+option optimize_for = LITE_RUNTIME;
+
+package sync_pb;
+
+// User reused their GAIA password on another website.
+message GaiaPasswordReuse {
+ // Logged when we detect a password re-use event on a non-GAIA site.
+ // If the user hasn’t enabled SafeBrowsing, this will be the last event.
+ message PasswordReuseDetected {
+ message SafeBrowsingStatus {
+ // Is SafeBrowsing enabled?
+ optional bool enabled = 1;
+ // If SafeBrowsing is enabled, is the user opted-in to extended
+ // reporting or Scout?
+ enum ReportingPopulation {
+ REPORTING_POPULATION_UNSPECIFIED = 0;
+ NONE = 1;
+ EXTENDED_REPORTING = 2;
+ SCOUT = 3;
+ }
+ optional ReportingPopulation safe_browsing_reporting_population = 2;
+ }
+ optional SafeBrowsingStatus status = 1;
+ }
+ optional PasswordReuseDetected reuse_detected = 1;
+
+ message PasswordReuseLookup {
+ enum LookupResult {
+ UNSPECIFIED = 0;
+ // URL did match the password reuse whitelist.
+ // No further action required related to this re-use event.
+ WHITELIST_HIT = 1;
+ // The URL exists in the client’s cache.
+ // No further action required related to this re-use event.
+ // This event also logs the ReputationVerdict.
+ CACHE_HIT = 2;
+ // A valid response received from the SafeBrowsing service.
+ // This event also logs the ReputationVerdict.
+ REQUEST_SUCCESS = 3;
+ // Unable to get a valid response from the SafeBrowsing service.
+ REQUEST_FAILURE = 4;
+ // We won't be able to compute reputation for the URL e.g. local IP
+ // address, localhost, not-yet-assigned by ICANN gTLD, etc.
+ URL_UNSUPPORTED = 5;
+ // URL did match enterprise whitelist.
+ // No further action required related to this re-use event.
+ ENTERPRISE_WHITELIST_HIT = 6;
+ // Password reuse lookup is turned off by enterprise policy.
+ // No further action required related to this re-use event.
+ TURNED_OFF_BY_POLICY = 7;
+ }
+ optional LookupResult lookup_result = 1;
+
+ // The following two are only present for CACHE_HIT and REQUEST_SUCCESS.
+ // The verdict received from the Reputation service. This is set only
+ // if the user has SafeBrowsing enabled and we fetch the verdict from the
+ // cache or by sending a verdict request.
+ enum ReputationVerdict {
+ VERDICT_UNSPECIFIED = 0;
+ SAFE = 1;
+ LOW_REPUTATION = 2;
+ PHISHING = 3;
+ }
+ optional ReputationVerdict verdict = 2;
+ // PhishGuard token that identifies the verdict on the server.
+ optional bytes verdict_token = 3;
+ }
+ // Logged when we try to detect whether the password was reused on a
+ // Phishing or a Low-reputation site.
+ optional PasswordReuseLookup reuse_lookup = 2;
+
+ // Logged when the user interacts with the warning UI shown to encourage
+ // password change if the site is Phishing or Low-reputation.
+ message PasswordReuseDialogInteraction {
+ enum InteractionResult {
+ UNSPECIFIED = 0;
+ // The user took the action suggested by the warning prompt.
+ WARNING_ACTION_TAKEN = 1;
+ // The user clicked ignore in the warning prompt.
+ WARNING_ACTION_IGNORED = 2;
+ // The warning UI was ignored, i.e. not interacted with by the user.
+ // This could happen if the user navigates away from the page.
+ WARNING_UI_IGNORED = 3;
+ // The user clicked "Change Password" on chrome://settings page.
+ WARNING_ACTION_TAKEN_ON_SETTINGS = 4;
+ }
+ optional InteractionResult interaction_result = 1;
+ }
+ optional PasswordReuseDialogInteraction dialog_interaction = 3;
+
+ // TODO(markusheintz): Remove
+ // DEPRECATED: DO NOT USE!
+ // Logged when the user logs into Google, and at least once per 28d.
+ message PasswordCaptured {
+ enum EventTrigger {
+ UNSPECIFIED = 0;
+ // Event added because user logged in.
+ USER_LOGGED_IN = 1;
+ // Event added because 28d timer fired.
+ EXPIRED_28D_TIMER = 2;
+ }
+ optional EventTrigger event_trigger = 1;
+ }
+ optional PasswordCaptured password_captured = 4;
+}
