2013-09-06 11:24:28 +02:00
# Security Model
## Basic goals
2013-09-09 14:03:58 +02:00
* Intents invoked by apps that are not registered by Keychain's App API must require user interaction (e.g. click a button in a dialog to actually encrypt!)
2013-09-06 11:24:28 +02:00
## Without Permissions
### Intents
2013-09-09 14:03:58 +02:00
These Intents require user interaction!
2013-09-06 11:24:28 +02:00
All Intents start with ``org.sufficientlysecure.keychain.action.` `
* ``android.intent.action.VIEW` ` connected to .gpg and .asc files: Import Key and Decrypt
* ``android.intent.action.SEND connected to all mime types (text/plain and every binary data like files and images): Encrypt and Decrypt
2013-09-09 14:03:58 +02:00
* ``KEY_IMPORT` ` with extra "keyring_bytes" or Uri in data with file schema
* ``KEY_IMPORT_FROM_QR_CODE` ` without extras
* ``ENCRYPT` ` TODO: explain extras (see source)
2013-09-06 11:24:28 +02:00
* ``ENCRYPT_FILE` `
2013-09-09 14:03:58 +02:00
* ``DECRYPT` ` TODO: explain extras (see source)
2013-09-06 11:24:28 +02:00
* ``DECRYPT_FILE` `
TODO:
2013-09-09 14:03:58 +02:00
- new intent REGISTER_APP?
## App API
