1// Copyright 2019 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4//
5// Security Events used for recording security related events.
6
7// If you change or add any fields in this file, update proto_visitors.h and
8// potentially proto_enum_conversions.{h, cc}.
9
10syntax = "proto2";
11
12option java_multiple_files = true;
13option java_package = "org.chromium.components.sync.protocol";
14
15option optimize_for = LITE_RUNTIME;
16
17package sync_pb;
18
19// User reused their GAIA password on another website.
20message GaiaPasswordReuse {
21  // Logged when we detect a password re-use event on a non-GAIA site.
22  // If the user hasn’t enabled SafeBrowsing, this will be the last event.
23  message PasswordReuseDetected {
24    message SafeBrowsingStatus {
25      // Is SafeBrowsing enabled?
26      optional bool enabled = 1;
27      // If SafeBrowsing is enabled, is the user opted-in to extended
28      // reporting or Scout?
29      enum ReportingPopulation {
30        REPORTING_POPULATION_UNSPECIFIED = 0;
31        NONE = 1;
32        EXTENDED_REPORTING = 2;
33        SCOUT = 3;
34      }
35      optional ReportingPopulation safe_browsing_reporting_population = 2;
36    }
37    optional SafeBrowsingStatus status = 1;
38  }
39  optional PasswordReuseDetected reuse_detected = 1;
40
41  message PasswordReuseLookup {
42    enum LookupResult {
43      UNSPECIFIED = 0;
44      // URL did match the password reuse whitelist.
45      // No further action required related to this re-use event.
46      WHITELIST_HIT = 1;
47      // The URL exists in the client’s cache.
48      // No further action required related to this re-use event.
49      // This event also logs the ReputationVerdict.
50      CACHE_HIT = 2;
51      // A valid response received from the SafeBrowsing service.
52      // This event also logs the ReputationVerdict.
53      REQUEST_SUCCESS = 3;
54      // Unable to get a valid response from the SafeBrowsing service.
55      REQUEST_FAILURE = 4;
56      // We won't be able to compute reputation for the URL e.g. local IP
57      // address, localhost, not-yet-assigned by ICANN gTLD, etc.
58      URL_UNSUPPORTED = 5;
59      // URL did match enterprise whitelist.
60      // No further action required related to this re-use event.
61      ENTERPRISE_WHITELIST_HIT = 6;
62      // Password reuse lookup is turned off by enterprise policy.
63      // No further action required related to this re-use event.
64      TURNED_OFF_BY_POLICY = 7;
65    }
66    optional LookupResult lookup_result = 1;
67
68    // The following two are only present for CACHE_HIT and REQUEST_SUCCESS.
69    // The verdict received from the Reputation service. This is set only
70    // if the user has SafeBrowsing enabled and we fetch the verdict from the
71    // cache or by sending a verdict request.
72    enum ReputationVerdict {
73      VERDICT_UNSPECIFIED = 0;
74      SAFE = 1;
75      LOW_REPUTATION = 2;
76      PHISHING = 3;
77    }
78    optional ReputationVerdict verdict = 2;
79    // PhishGuard token that identifies the verdict on the server.
80    optional bytes verdict_token = 3;
81  }
82  // Logged when we try to detect whether the password was reused on a
83  // Phishing or a Low-reputation site.
84  optional PasswordReuseLookup reuse_lookup = 2;
85
86  // Logged when the user interacts with the warning UI shown to encourage
87  // password change if the site is Phishing or Low-reputation.
88  message PasswordReuseDialogInteraction {
89    enum InteractionResult {
90      UNSPECIFIED = 0;
91      // The user took the action suggested by the warning prompt.
92      WARNING_ACTION_TAKEN = 1;
93      // The user clicked ignore in the warning prompt.
94      WARNING_ACTION_IGNORED = 2;
95      // The warning UI was ignored, i.e. not interacted with by the user.
96      // This could happen if the user navigates away from the page.
97      WARNING_UI_IGNORED = 3;
98      // The user clicked "Change Password" on chrome://settings page.
99      WARNING_ACTION_TAKEN_ON_SETTINGS = 4;
100    }
101    optional InteractionResult interaction_result = 1;
102  }
103  optional PasswordReuseDialogInteraction dialog_interaction = 3;
104
105  // TODO(markusheintz): Remove
106  // DEPRECATED: DO NOT USE!
107  // Logged when the user logs into Google, and at least once per 28d.
108  message PasswordCaptured {
109    enum EventTrigger {
110      UNSPECIFIED = 0;
111      // Event added because user logged in.
112      USER_LOGGED_IN = 1;
113      // Event added because 28d timer fired.
114      EXPIRED_28D_TIMER = 2;
115    }
116    optional EventTrigger event_trigger = 1;
117  }
118  optional PasswordCaptured password_captured = 4 [deprecated = true];
119}
120