* See the License for the specific language governing permissions and
* limitations under the License.
*/
+
+
#ifndef __TIZEN_CORE_KEY_MANAGER_DOC_H__
#define __TIZEN_CORE_KEY_MANAGER_DOC_H__
+
+
/**
* @ingroup CAPI_SECURITY_FRAMEWORK
* @defgroup CAPI_KEY_MANAGER_MODULE Key Manager
- * @brief The key manager provides a secure repository protected by a user’s passwords for keys, certificates, and sensitive data of users and/or their APPs. Additionally, the key manager provides secure cryptographic operations for non-exportable keys without revealing key values to clients.
- *
+ * @brief The key manager provides a secure repository protected by Tizen platform for keys, certificates, and sensitive data of users and/or their APPs.
+ * Additionally, the key manager provides secure cryptographic operations for non-exportable keys without revealing key values to clients.
+ * Since Tizen 5.0 on chosen system images, module may use ARM TrustZone technology and may rely on particular TEE (Trusted Execution Environment) implementation.
* @section CAPI_KEY_MANAGER_MODULE_OVERVIEW Overview
* <table>
* <tr><th>API</th><th>Description</th></tr>
* <tr>
* <td> @ref CAPI_KEY_MANAGER_CLIENT_MODULE</td>
- * <td> Provides APIs accessing on the secure repository and additional secure cryptographic operations.</td>
+ * <td> Provides APIs for accessing the secure repository and additional secure cryptographic operations.</td>
* </tr>
* <tr>
* <td> @ref CAPI_KEY_MANAGER_TYPES_MODULE</td>
- * <td> Defines a data types used in this APIs and provides utility methods handling them.</td>
+ * <td> Defines data types used in these APIs and provides utility methods handling them.</td>
* </tr>
* </table>
- *
- * It provides a secure repository for keys, certificates, and sensitive data of users and/or their APPs which are protected by a user’s passwords.
+ * It provides a secure repository for keys, certificates, and sensitive data of users and/or their APPs which are protected by Tizen platform.
* Additionally, it provides secure cryptographic operations for non-exportable keys without revealing key values to clients.
*
* @image html capi_key_manager_overview_diagram.png
- *
* The key manager provides 2 types of API.
- * - secure repository APIs : These APIs provides storing, retrieving, and removing functions for keys, certificates, and data.
- * - secure crypto APIs : These APIs provides additional cryptographic operations(create asymmetric key pair, sign/verify signature, verify certificate)
- *
+ * - secure repository APIs: These APIs provides storing, retrieving, and removing functions for keys, certificates, and data.
+ * - secure crypto APIs: These APIs provides additional cryptographic operations (create asymmetric key pair, sign/verify signature, verify certificate).
* Data Store Policy:
- * A client can specify a simple access rules when storing a data in Key Manager.
- * - Restricted/Non-Restricted:
- * Data stored in Key Manager can be access on only by its owner if the data is tagged as restricted.
- * For data tagged as non-restricted, all clients can access on the data.
+ * A client can specify simple access rules when storing data in Key Manager.
* - Exportable/Non-Exportable:
* Only for data tagged as exportable, Key Manager returns the raw value of the data.
- * If data is tagged as non-exportable, Key Manager doesn’t return its raw value. For that case, Key Manager provides secure cryptographic operations for non-exportable keys without revealing key values to clients.
+ * If data is tagged as non-exportable, Key Manager does not return its raw value.
+ * In that case, Key Manager provides secure cryptographic operations for non-exportable keys without revealing key values to clients.
* - Per Key Password:
- * All data in Key Manager is protected by a user’s password.
+ * All data in Key Manager is protected by Tizen platform.
* Besides, a client can encrypt its data using its own password additionally.
- * If a client provides a password when storing a data, the data will be encrypted with the password. This password should be provided when get the data from Key Manager.
- *
- * User Login/Logout and Data Protection
- * - When a user logs in, logs out or changes his/her password, Key Manager should know about it.
- * Privileged APPs such as ockScreen APP or Setting APP can notify to key manager using these control APIs.
- * - When a user logs in, the key manager decrypts the user's DKEK(with which a user's data file is encrypted) with a user password.
- * So during the login period, any client can access its data which is protected by a user's password.
- * "user key" in API means DKEK.
- * - When a user logs out, the key manager removes the user's DKEK from memory.
- * Therefore, any clients cannot access to any data.
- * - When a user change his/her password, the key manager re-encrypted the user's DKEK with a new password.
- *
+ * If a client provides a password when storing a data, the data will be encrypted with the password.
+ * This password should be provided when getting the data from Key Manager.
+ * Data Access Control
+ * - By default, only the owner of a data can access to the data.
+ * - If the owner grants the access to other applications, those applications can read or delete the data from key-manager DB.
+ * - When an application is deleted, the data and access control information granted by the application are also removed.
+ * Alias Format
+ * - The format of alias is "package_id name".
+ * - If package_id is not provided by a client, the key-manager will add the package_id of the client to the name internally.
+ * - The client can specify only its own package id in the alias when storing a key, certificate, or data.
+ * - A client should specify the package id of the owner in the alias to retrieve a a key, certificate, or data shared by other applications.
+ * - Aliases are returned as the format of "package_id name" from the key-manager.
+ * Supported features
+ * Since Tizen 5.0 on chosen images, the realization of module functionality can be implemented using ARM TrustZone technology.
+ * Differences in standards governing TrustZone implementation and previous software-based implementation cause following differences in module operation:
+ * - When using TrustZone-based backend, GCM modes with 32 and 64 bit tag lengths are not supported.
+ * Global Platform TEE specification treats these configurations as unsafe and not supported.
+ * - When using TrustZone-based backend, passing big amounts of data (encryption/decryption) to the module has additional size restriction.
+ * Now it depends on the TEEC_CONFIG_SHAREDMEM_MAX_SIZE definition, specific for given TEE implementation, minus size of key-information needed to be passed to TEE.
+ * Minimum supported value for passing data to the module is at 500 kB.
*/
+
#endif /* __TIZEN_CORE_KEY_MANAGER_DOC_H__ */
projects / platform / core / security / key-manager.git / blobdiff