Disable parts of the old API

2013-09-06 11:24:28 +02:00
parent c97c57d34e
commit dc6a709b7a
7 changed files with 201 additions and 148 deletions
--- a/API.md
+++ b/API.md
@@ -0,0 +1,34 @@
+# Security Model
+
+## Basic goals
+
+* Intents without permissions should only work based on user interaction (e.g. click a button in a dialog)
+
+Android primitives to exchange data: Intent, Intent with return values, Send (also an Intent), Content Provider, AIDL
+
+## Without Permissions
+
+### Intents
+All Intents start with ``org.sufficientlysecure.keychain.action.``
+
+* ``android.intent.action.VIEW`` connected to .gpg and .asc files: Import Key and Decrypt
+* ``android.intent.action.SEND connected to all mime types (text/plain and every binary data like files and images): Encrypt and Decrypt
+* ``IMPORT``
+* ``IMPORT_FROM_FILE``
+* ``IMPORT_FROM_QR_CODE``
+* ``IMPORT_FROM_NFC``
+* ``SHARE_KEYRING``
+* ``SHARE_KEYRING_WITH_QR_CODE``
+* ``SHARE_KEYRING_WITH_NFC``
+* ``EDIT_KEYRING``
+* ``SELECT_PUBLIC_KEYRINGS``
+* ``SELECT_SECRET_KEYRING``
+* ``ENCRYPT``
+* ``ENCRYPT_FILE``
+* ``DECRYPT``
+* ``DECRYPT_FILE``
+
+TODO:
+- remove IMPORT, SHARE intents, simplify ENCRYPT and DECRYPT intents (include _FILE derivates like done in SEND based on file type)
+- EDIT_KEYRING and CREATE_KEYRING, should be available via for registered apps
+- new intent REGISTER_APP?