multipaz-android-legacy/com.android.identity.android.legacy/IdentityCredentialStore/getKeystoreInstance

getKeystoreInstance

@NonNull
open fun getKeystoreInstance(@NonNull context: Context, @NonNull storageDirectory: File): IdentityCredentialStore

Gets a IdentityCredentialStore implemented via Hardware-Backed Android Keystore. This is also known as the keystore implementation. This implementation guarantees that CredentialKey and all AuthKeys are stored in the Secure Hardware used to back Android Keystore. Additionally, if StrongBox is available it will be used for these kinds of keys.

Additionally, with this implementation credential data is stored in the directory specified by the storageDirectory parameter. The file names and contents of these files are private to this library and the data stored on disk is encrypted using a hardware-backed symmetric key.

The application should choose a path that is not subject to Backup &Restore, for example getNoBackupFilesDir().

Return

an implementation of IdentityCredentialStore implemented on top of Hardware-Backed Android Keystore.

Parameters

context

The context.

storageDirectory

The path where to storage credential data, see above.