Added in API level 33

Builder

class Builder
kotlin.Any
   ↳ android.security.identity.CredentialDataRequest.Builder

A builder for CredentialDataRequest.

Summary

Public constructors

Creates a new builder.

Public methods
CredentialDataRequest

Finishes building a CredentialDataRequest.

CredentialDataRequest.Builder
setAllowUsingExhaustedKeys(allowUsingExhaustedKeys: Boolean)

Sets whether to allow using an authentication key which use count has been exceeded.

CredentialDataRequest.Builder
setAllowUsingExpiredKeys(allowUsingExpiredKeys: Boolean)

Sets whether to allow using an authentication key which is expired.

CredentialDataRequest.Builder

Sets the device-signed entries to request.

CredentialDataRequest.Builder
setIncrementUseCount(incrementUseCount: Boolean)

Sets whether to increment the use-count for the authentication key used.

CredentialDataRequest.Builder

Sets the issuer-signed entries to request.

CredentialDataRequest.Builder
setReaderSignature(readerSignature: ByteArray)

Sets the reader signature.

CredentialDataRequest.Builder
setRequestMessage(requestMessage: ByteArray)

Sets the request message CBOR.

Public constructors

Builder

Added in API level 33
Builder()

Creates a new builder.

Public methods

build

Added in API level 33
fun build(): CredentialDataRequest

Finishes building a CredentialDataRequest.

Return
CredentialDataRequest the CredentialDataRequest object. This value cannot be null.

setAllowUsingExhaustedKeys

Added in API level 33
fun setAllowUsingExhaustedKeys(allowUsingExhaustedKeys: Boolean): CredentialDataRequest.Builder

Sets whether to allow using an authentication key which use count has been exceeded.

This is useful in situations where the application hasn't had a chance to renew authentication keys, for example if the device hasn't been connected to the Internet or if the issuing authority server has been down.

The reason this could be useful is that the privacy risk of reusing an authentication key for a credential presentation could be significantly smaller compared to the inconvenience of not being able to present the credential at all.

By default this is set to true.

Parameters
allowUsingExhaustedKeys Boolean: whether to allow using an authentication key which use count has been exceeded if no other key is available.
Return
CredentialDataRequest.Builder the builder. This value cannot be null.

setAllowUsingExpiredKeys

Added in API level 33
fun setAllowUsingExpiredKeys(allowUsingExpiredKeys: Boolean): CredentialDataRequest.Builder

Sets whether to allow using an authentication key which is expired.

This is useful in situations where the application hasn't had a chance to renew authentication keys, for example if the device hasn't been connected to the Internet or if the issuing authority server has been down.

The reason this could be useful is that many verifiers are likely to accept a credential presentation using an expired authentication key (the credential itself wouldn't be expired) and it's likely better for the holder to be able to do this than not present their credential at all.

By default this is set to false.

Parameters
allowUsingExpiredKeys Boolean: whether to allow using an authentication key which is expired if no other key is available.
Return
CredentialDataRequest.Builder the builder. This value cannot be null.

setDeviceSignedEntriesToRequest

Added in API level 33
fun setDeviceSignedEntriesToRequest(entriesToRequest: MutableMap<String!, MutableCollection<String!>!>): CredentialDataRequest.Builder

Sets the device-signed entries to request.

Parameters
entriesToRequest MutableMap<String!, MutableCollection<String!>!>: the device-signed entries to request. This value cannot be null.
Return
CredentialDataRequest.Builder This value cannot be null.

setIncrementUseCount

Added in API level 33
fun setIncrementUseCount(incrementUseCount: Boolean): CredentialDataRequest.Builder

Sets whether to increment the use-count for the authentication key used.

Not incrementing the use-count for an authentication key is useful in situations where the authentication key is known with certainty to not be leaked. For example, consider an application doing a credential presentation for the sole purpose of displaying the credential data to the user (not for verification).

By default this is set to true.

Parameters
incrementUseCount Boolean: whether to increment the use count of the authentication key used.
Return
CredentialDataRequest.Builder the builder. This value cannot be null.

setIssuerSignedEntriesToRequest

Added in API level 33
fun setIssuerSignedEntriesToRequest(entriesToRequest: MutableMap<String!, MutableCollection<String!>!>): CredentialDataRequest.Builder

Sets the issuer-signed entries to request.

Parameters
entriesToRequest MutableMap<String!, MutableCollection<String!>!>: the issuer-signed entries to request. This value cannot be null.
Return
CredentialDataRequest.Builder the builder. This value cannot be null.

setReaderSignature

Added in API level 33
fun setReaderSignature(readerSignature: ByteArray): CredentialDataRequest.Builder

Sets the reader signature.

This data structure is described in the documentation for the PresentationSession#getCredentialData(String, CredentialDataRequest) method.

Parameters
readerSignature ByteArray: a COSE_Sign1 structure as described above. This value cannot be null.
Return
CredentialDataRequest.Builder the builder. This value cannot be null.

setRequestMessage

Added in API level 33
fun setRequestMessage(requestMessage: ByteArray): CredentialDataRequest.Builder

Sets the request message CBOR.

This data structure is described in the documentation for the PresentationSession#getCredentialData(String, CredentialDataRequest) method.

Parameters
requestMessage ByteArray: the request message CBOR as described above. This value cannot be null.
Return
CredentialDataRequest.Builder the builder. This value cannot be null.