diff options
| author | Dominik Schürmann <dominik@dominikschuermann.de> | 2013-09-06 11:24:28 +0200 |
|---|---|---|
| committer | Dominik Schürmann <dominik@dominikschuermann.de> | 2013-09-06 11:24:28 +0200 |
| commit | dc6a709b7a8f3b80039c7de40050b9f2f3f42dd2 (patch) | |
| tree | e7cf0397d24d51cca4475fe776f613cd35c0f892 /OLD_API.md | |
| parent | c97c57d34ea1994312ad7e409042ec55cf27c1d2 (diff) | |
| download | open-keychain-dc6a709b7a8f3b80039c7de40050b9f2f3f42dd2.tar.gz open-keychain-dc6a709b7a8f3b80039c7de40050b9f2f3f42dd2.tar.bz2 open-keychain-dc6a709b7a8f3b80039c7de40050b9f2f3f42dd2.zip | |
Disable parts of the old API
Diffstat (limited to 'OLD_API.md')
| -rw-r--r-- | OLD_API.md | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/OLD_API.md b/OLD_API.md new file mode 100644 index 000000000..1a9bab0a7 --- /dev/null +++ b/OLD_API.md @@ -0,0 +1,68 @@ +This is the old API. Currently disabled! + +# Security Model + +## Basic goals + +* Intents without permissions should only work based on user interaction (e.g. click a button in a dialog) + +Android primitives to exchange data: Intent, Intent with return values, Send (also an Intent), Content Provider, AIDL + +## Possible Permissions + +* ACCESS_API: Encrypt/Sign/Decrypt/Create keys without user interaction (intents, remote service), Read key information (not the actual keys)(content provider) +* ACCESS_KEYS: get and import actual public and secret keys (remote service) + + +## Without Permissions + +### Intents +All Intents start with org.sufficientlysecure.keychain.action. + +* android.intent.action.VIEW connected to .gpg and .asc files: Import Key and Decrypt +* android.intent.action.SEND connected to all mime types (text/plain and every binary data like files and images): Encrypt and Decrypt +* IMPORT +* IMPORT_FROM_FILE +* IMPORT_FROM_QR_CODE +* IMPORT_FROM_NFC +* SHARE_KEYRING +* SHARE_KEYRING_WITH_QR_CODE +* SHARE_KEYRING_WITH_NFC +* EDIT_KEYRING +* SELECT_PUBLIC_KEYRINGS +* SELECT_SECRET_KEYRING +* ENCRYPT +* ENCRYPT_FILE +* DECRYPT +* DECRYPT_FILE + +## With permission ACCESS_API + +### Intents + +* CREATE_KEYRING +* ENCRYPT_AND_RETURN +* ENCRYPT_STREAM_AND_RETURN +* GENERATE_SIGNATURE_AND_RETURN +* DECRYPT_AND_RETURN +* DECRYPT_STREAM_AND_RETURN + +### Broadcast Receiver +On change of database the following broadcast is send. +* DATABASE_CHANGE + +### Content Provider + +* The whole content provider requires a permission (only read) +* Don't give out blobs (keys can be accessed by ACCESS_KEYS via remote service) +* Make an internal and external content provider (or pathes with <path-permission>) +* Look at android:grantUriPermissions especially for ApgServiceBlobProvider +* Only give out android:readPermission + +### ApgApiService (Remote Service) +AIDL service + +## With permission ACCESS_KEYS + +### ApgKeyService (Remote Service) +AIDL service to access actual private keyring objects
\ No newline at end of file |