2 uid: Tizen.Security.SecureRepository
3 summary: Secure Repository function is provided by key-manager module in Tizen. The key manager provides a secure repository for keys, certificates, and sensitive data related to users and their password-protected APPs. Additionally, it provides secure cryptographic operations for non-exportable keys without revealing the key values to clients.
7 Secure Repository stores keys, certificates, and sensitive user data in a central secure repository. The central secure repository is protected by a password.
10 A client can specify simple access rules when storing data in the key manager:
12 * Extractable or non-extractable
13 - Only for data tagged as extractable, the key manager returns the raw value of the data.
14 - If data is tagged as non-extractable, the key manager does not return its raw value. In that case, the key manager provides secure cryptographic operations for non-exportable keys without revealing the key values to the clients.
16 - All data in the key manager is protected by a user password.
17 - A client can encrypt its data using their own password additionally.
18 - If a client provides a password when storing data, the data is encrypted with the password. This password must be provided when getting the data from the key manager.
20 ### Data Access Control
21 - By default, only the owner of a data can access to the data.
22 - If the owner grants the access to other applications, those applications can read or delete the data from key-manager DB.
23 - When an application is deleted, the data and access control information granted by the application are also removed.
26 - The format of alias is "package_id name" and the name should not contain any white space characters.
27 - If package_id is not provided by a client, the key-manager will add the package_id of the client to the name internally.
28 - The client can specify only its own pacakge id in the alias when storing a key, certificate, or data.
29 - A client should specify the pacakge id of the owner in the alias to retrieve a a key, certificate, or data shared by other applications.
30 - Aliases are returned from the key-manager as the format of package_id name.