multipaz-android-legacy/com.android.identity.android.legacy/IdentityCredential

IdentityCredential

Class used to read data from a previously provisioned credential. Use getCredentialByName to get a IdentityCredential instance.

Functions

createEphemeralKeyPair

@NonNull

abstract fun ~~createEphemeralKeyPair~~(): KeyPair

Create an ephemeral key pair to use to establish a secure channel with a reader.

decryptMessageFromReader

@NonNull

abstract fun ~~decryptMessageFromReader~~(@NonNull messageCiphertext: Array<Byte>): Array<Byte>

Decrypt a message received from the reader.

delete

@NonNull

open fun delete(@NonNull challenge: Array<Byte>): Array<Byte>

Deletes a credential.

encryptMessageToReader

@NonNull

abstract fun ~~encryptMessageToReader~~(@NonNull messagePlaintext: Array<Byte>): Array<Byte>

Encrypt a message for transmission to the reader.

getAuthenticationDataExpirations

@NonNull

open fun getAuthenticationDataExpirations(): List<Calendar>

Get the expiration times of dynamic authentication keys.

getAuthenticationDataUsageCount

@NonNull

abstract fun getAuthenticationDataUsageCount(): Array<Int>

Get the number of times the dynamic authentication keys have been used.

getAuthKeysNeedingCertification

@NonNull

abstract fun getAuthKeysNeedingCertification(): Collection<X509Certificate>

Gets a collection of dynamic authentication keys that need certification.

getCredentialKeyCertificateChain

@NonNull

abstract fun getCredentialKeyCertificateChain(): Collection<X509Certificate>

Gets the X.509 certificate chain for the CredentialKey which identifies this credential to the issuing authority.

getCryptoObject

@Nullable

abstract fun getCryptoObject(): BiometricPrompt.CryptoObject

Gets a BiometricPrompt.CryptoObject which can be used with this IdentityCredential.

getEntries

@NonNull

abstract fun ~~getEntries~~(@Nullable requestMessage: Array<Byte>, @NonNull entriesToRequest: Map<String, Collection<String>>, @Nullable readerSignature: Array<Byte>): ResultData

Retrieve data entries and associated data from this IdentityCredential.

peekNextAuthenticationKey

@Nullable

open fun peekNextAuthenticationKey(): Array<Byte>

Looks up the next static authentication key to use.

proveOwnership

@NonNull

open fun proveOwnership(@NonNull challenge: Array<Byte>): Array<Byte>

Proves ownership of a credential.

setAllowUsingExhaustedKeys

abstract fun ~~setAllowUsingExhaustedKeys~~(allowUsingExhaustedKeys: Boolean)

Sets whether to allow using an authentication key which use count has been exceeded if no other key is available.

setAllowUsingExpiredKeys

open fun ~~setAllowUsingExpiredKeys~~(allowUsingExpiredKeys: Boolean)

Sets whether to allow using an authentication key which has been expired if no other key is available.

setAvailableAuthenticationKeys

abstract fun ~~setAvailableAuthenticationKeys~~(keyCount: Int, maxUsesPerKey: Int)

Sets the number of dynamic authentication keys the IdentityCredential will maintain, and the number of times each should be used.

open fun setAvailableAuthenticationKeys(keyCount: Int, maxUsesPerKey: Int, minValidTimeMillis: Long)

Sets the number of dynamic authentication keys the IdentityCredential will maintain, the number of times each should be used, and the minimum amount of time it's valid for.

setIncrementKeyUsageCount

open fun ~~setIncrementKeyUsageCount~~(incrementKeyUsageCount: Boolean)

Sets whether the usage count of an authentication key should be increased.

setReaderEphemeralPublicKey

abstract fun ~~setReaderEphemeralPublicKey~~(@NonNull readerEphemeralPublicKey: PublicKey)

Set the ephemeral public key provided by the reader.

setSessionTranscript

abstract fun ~~setSessionTranscript~~(@NonNull sessionTranscript: Array<Byte>)

Set the session transcript.

storeStaticAuthenticationData

abstract fun ~~storeStaticAuthenticationData~~(@NonNull authenticationKey: X509Certificate, @NonNull staticAuthData: Array<Byte>)

open fun storeStaticAuthenticationData(@NonNull authenticationKey: X509Certificate, @NonNull expirationDate: Calendar, @NonNull staticAuthData: Array<Byte>)

Store authentication data associated with a dynamic authentication key.

update

@NonNull

open fun update(@NonNull personalizationData: PersonalizationData): Array<Byte>

Updates the credential with new access control profiles and data items.