// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Proto definitions supporting the Chrome Root Store.
// This file should be manually kept in sync with the corresponding google3
// file.

syntax = "proto3";

package chrome_root_store;

// These structures are currently very simple, but more fields may be added in
// future to support extra metadata about each trust anchor.

message TrustAnchor {
  // The human-editable textproto version of the root store references roots in
  // a separate file by SHA-256 hash for convenience. It is converted to the DER
  // representation as part of the build process.
  oneof certificate {
    bytes der = 1;
    string sha256_hex = 2;
  }

  // OID should be expressed as dotted-decimal text (e.g. "1.3.159.1.17.1")
  repeated string ev_policy_oids = 3;
}

// Message storing a complete Chrome Root Store.
message RootStore {
  repeated TrustAnchor trust_anchors = 1;

  // Major version # of the Chrome Root Store. It is assumed that if
  // root_store_1.version_major > root_store_2.version_major, then root_store_1
  // is newer and should be preferred over root_store_2.
  int64 version_major = 2;
}