Updated OpenPGP API (markdown)
parent
52cff5b3cb
commit
fa7866a90e
|
@ -159,10 +159,4 @@ Intent result = api.executeApi(data, is, os);
|
||||||
A complete example can be found in the demo application's [``OpenPgpProviderActivity.java``](https://github.com/open-keychain/api-example/blob/master/example-app/src/main/java/org/sufficientlysecure/keychain/demo/OpenPgpProviderActivity.java).
|
A complete example can be found in the demo application's [``OpenPgpProviderActivity.java``](https://github.com/open-keychain/api-example/blob/master/example-app/src/main/java/org/sufficientlysecure/keychain/demo/OpenPgpProviderActivity.java).
|
||||||
|
|
||||||
## Internal Design Decisions
|
## Internal Design Decisions
|
||||||
* The API does not use the Android permission system due to [its problems](http://commonsware.com/blog/2014/02/12/vulnerabilities-custom-permissions.html) ([details](https://github.com/commonsguy/cwac-security/blob/master/PERMS.md)). Instead OpenKeychain stores its own table of granted applications.
|
Go to https://github.com/open-keychain/open-keychain/wiki/API
|
||||||
* The API should be as easy as possible and extendable. Because of this, the AIDL file is kept small and all operations are defined by Intents which can be passed through this interface to the remote service.
|
|
||||||
* The API should be able to work on ``byte[]``, ``Strings``, and files. To implement this, we use ``ParcelFileDescriptors``, which are passed via the AIDL method. ``ParcelFileDescriptors`` are initialized over ``InputStreams``, which can be based on all content types. (Note: ``ParcelFileDescriptors`` can not be part of the Intent, because of constraints in Android OS. They must be part of the AIDL method)
|
|
||||||
* The client app should be able to define where output is written, thus the calling client defines a ``ParcelFileDescriptor`` used to write the output into.
|
|
||||||
* Clients should never be able to actually access the private key object
|
|
||||||
* Clients should only work with private keys explicitly allowed by the user. This is done by API accounts on the side of OpenKeychain. Clients request a specific account based on a unique name and the user can then select the private key for this account. Clients can only decrypt with private keys set for these accounts.
|
|
||||||
* All user interaction should be happening on the right [task stack](http://developer.android.com/guide/components/tasks-and-back-stack.html) and clients should be able to specify by themselves when user interaction should be shown (consider a background encryption task, where a passphrase input is required. The user interaction for passphrase input should be delayed until the user unlocks his/her phone again). This requirement is implemented by returning ``PendingIntents`` to the client application, which are then started by the client at a chosen time. ``PendingIntents`` are also attached to the client app's task stack. Actitivites are never started from OpenKeychain's background service.
|
|
Loading…
Reference in New Issue