Change sign/hash algorithm field in StartCsrResponse DM message

Bug: 1045895
Change-Id: Ide014c5da95fe20847ea226ca9590e8884026ba6
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2038694Reviewed-by: Askar Aitzhan <askaraitzhan@google.com>
Reviewed-by: Pavol Marko <pmarko@chromium.org>
Commit-Queue: Michael Ershov <miersh@google.com>
Cr-Commit-Position: refs/heads/master@{#738586}

components/policy/proto/device_management_backend.proto

@@ -2708,13 +2708,21 @@ message ChildStatusReportResponse {
   optional string error_message = 2;
 }
 
+// Hashing Algorithm for Client Certificate Provisioning Flow.
+enum HashingAlgorithm {
+  // DO NOT USE
+  HASHING_ALGORITHM_UNSPECIFIED = 0;
+
+  SHA1 = 1;
+  SHA256 = 2;
+}
+
 // Signing Algorithm for Client Certificate Provisioning Flow.
 enum SigningAlgorithm {
   // DO NOT USE
   SIGNING_ALGORITHM_UNSPECIFIED = 0;
 
-  SHA1_WITH_RSA = 1;
-  SHA256_WITH_RSA = 2;
+  RSA_PKCS1_v1_5 = 1;
 }
 
 // Client Certificate Provisioning Flow, Stage 1: Start a CSR request.
@@ -2730,6 +2738,9 @@ message StartCsrResponse {
   // The verified access challenge.
   optional bytes va_challenge = 2;
 
+  // Algorithm to hash data with before signing.
+  optional HashingAlgorithm hashing_algorithm = 5;
+
   // Algorithm to sign data with for CSR creation.
   optional SigningAlgorithm signing_algorithm = 3;