MultipazProject

multipaz/org.multipaz.securearea.software/SoftwareSecureArea

SoftwareSecureArea

class SoftwareSecureArea : SecureArea

An implementation of SecureArea in software.

This implementation supports all the curves and algorithms defined by SecureArea and also supports passphrase-protected keys. Key material is stored using the Storage abstraction and passphrase-protected keys are encrypted using AES-GCM with 256-bit keys with the key derived from the passphrase using HKDF.

On JVM and Android this is using Crypto and the algorithms and curves it implements.

Use SoftwareSecureArea.create to create an instance of SoftwareSecureArea.

Types

object Companion

Properties

open override val displayName: String

The name of the Secure Area, suitable for displaying to the end user.

open override val identifier: String

A stable identifier for the Secure Area.

supportedAlgorithms

open override val supportedAlgorithms: List<Algorithm>

The list of algorithms the Secure Area supports.

Functions

open suspend fun batchCreateKey(numKeys: Int, createKeySettings: CreateKeySettings): BatchCreateKeyResult

Creates a batch of new keys.

open suspend override fun createKey(alias: String?, createKeySettings: CreateKeySettings): SoftwareKeyInfo

Creates a new key.

open suspend override fun deleteKey(alias: String)

Deletes a previously created key.

open suspend override fun getKeyInfo(alias: String): SoftwareKeyInfo

Gets information about a key.

getKeyInvalidated

open suspend override fun getKeyInvalidated(alias: String): Boolean

Checks whether the key has been invalidated.

suspend fun getPrivateKey(alias: String, keyUnlockData: KeyUnlockData?): EcPrivateKey

Gets the underlying private key.

open suspend override fun keyAgreement(alias: String, otherKey: EcPublicKey, keyUnlockData: KeyUnlockData?): ByteArray

Performs Key Agreement.

open suspend override fun sign(alias: String, dataToSign: ByteArray, keyUnlockData: KeyUnlockData?): EcSignature

Signs data with a key.