Diffstat (limited to 'OLD_API.md')
-rw-r--r-- | OLD_API.md | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/OLD_API.md b/OLD_API.md new file mode 100644 index 000000000..1a9bab0a7 --- /dev/null +++ b/OLD_API.md 
@@ -0,0 +1,68 @@ +This is the old API. Currently disabled! + +# Security Model + +## Basic goals + +* Intents without permissions should only work based on user interaction (e.g. click a button in a dialog) + +Android primitives to exchange data: Intent, Intent with return values, Send (also an Intent), Content Provider, AIDL + +## Possible Permissions + +* ACCESS_API: Encrypt/Sign/Decrypt/Create keys without user interaction (intents, remote service), Read key information (not the actual keys)(content provider) +* ACCESS_KEYS: get and import actual public and secret keys (remote service) + + +## Without Permissions + +### Intents +All Intents start with org.sufficientlysecure.keychain.action. + +* android.intent.action.VIEW connected to .gpg and .asc files: Import Key and Decrypt +* android.intent.action.SEND connected to all mime types (text/plain and every binary data like files and images): Encrypt and Decrypt +* IMPORT +* IMPORT_FROM_FILE +* IMPORT_FROM_QR_CODE +* IMPORT_FROM_NFC +* SHARE_KEYRING +* SHARE_KEYRING_WITH_QR_CODE +* SHARE_KEYRING_WITH_NFC +* EDIT_KEYRING +* SELECT_PUBLIC_KEYRINGS +* SELECT_SECRET_KEYRING +* ENCRYPT +* ENCRYPT_FILE +* DECRYPT +* DECRYPT_FILE + +## With permission ACCESS_API + +### Intents + +* CREATE_KEYRING +* ENCRYPT_AND_RETURN +* ENCRYPT_STREAM_AND_RETURN +* GENERATE_SIGNATURE_AND_RETURN +* DECRYPT_AND_RETURN +* DECRYPT_STREAM_AND_RETURN + +### Broadcast Receiver +On change of database the following broadcast is send. 
+* DATABASE_CHANGE + +### Content Provider + +* The whole content provider requires a permission (only read) +* Don't give out blobs (keys can be accessed by ACCESS_KEYS via remote service) +* Make an internal and external content provider (or pathes with <path-permission>) +* Look at android:grantUriPermissions especially for ApgServiceBlobProvider +* Only give out android:readPermission + +### ApgApiService (Remote Service) +AIDL service + +## With permission ACCESS_KEYS + +### ApgKeyService (Remote Service) +AIDL service to access actual private keyring objects
\ No newline at end of file |
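Review bot: The "### Intents" list under "## Without Permissions" states that all Intents start with org.sufficientlysecure.keychain.action., yet its first two entries are android.intent.action.VIEW and android.intent.action.SEND, and the list does not say how the stated basic goal (Intents without permissions work only based on user interaction) is met for entries such as DECRYPT, DECRYPT_FILE or SELECT_SECRET_KEYRING. Suggest listing the two platform actions separately from the prefixed ones and noting, per entry, which user-facing step gates it. The bullets under "### Content Provider" read as open design notes ("Look at android:grantUriPermissions especially for ApgServiceBlobProvider", "Make an internal and external content provider") rather than a description of what is enforced; either mark them as TODO or state the actual behaviour. "### Broadcast Receiver" sits under ACCESS_API but does not say whether DATABASE_CHANGE is sent with a receiver permission; state that explicitly. The opening line "Currently disabled!" would be more useful with a pointer to what replaces this API. Minor: "is send" should be "is sent", "pathes" should be "paths", and the file has no trailing newline.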