From be4e3a10b008dfb33caf593b6e68bb7018c2a41c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Fri, 14 Dec 2012 18:22:03 +0100 Subject: AIDL API changes --- README.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'README.md') diff --git a/README.md b/README.md index ec38a7e09..86be161c6 100644 --- a/README.md +++ b/README.md @@ -62,11 +62,15 @@ See http://docs.oseems.com/general/application/eclipse/fix-gc-overhead-limit-exc ## Basic goals -* Never (even with permissions) give out actual PGPSecretKey/PGPSecretKeyRing blobs * Intents without permissions should only work based on user interaction (e.g. click a button in a dialog) Android primitives to exchange data: Intent, Intent with return values, Send (also an Intent), Content Provider, AIDL +## Permission + +* ACCESS_API: Encrypt/Sign/Decrypt/Create keys without user interaction (intents, remote service), Read key information (not the actual keys)(content provider) +* ACCESS_KEYS: get and import actual public and secret keys (remote service) + ## Intents ### Without permission @@ -92,16 +96,13 @@ Android primitives to exchange data: Intent, Intent with return values, Send (al ## Content Provider * The whole content provider requires a permission (only read) -* Don't give out blobs +* Don't give out blobs (keys can be accessed by ACCESS_KEYS via remote service) * Make an internal and external content provider (or pathes with ) * Look at android:grantUriPermissions especially for ApgServiceBlobProvider * Only give out android:readPermission -## Remote Service - -* The whole service requires the permission ACCESS_API - -## Resulting permission +## ApgApiService (Remote Service) +* ACCESS_API -* READ_KEY_DATABASE: Read key information (not the actual keys)(content provider) -* ACCESS_API: Encrypt/Sign/Decrypt/Create keys without user interaction (intents, remote service) \ No newline at end of file +## ApgKeyService (Remote Service) +* ACCESS_KEYS \ No newline at end of file -- cgit v1.2.3