Credentials cannot be updated or modified after creation; any changes require deletion and * re-creation. * * Use {@link IdentityCredentialStore#createCredential(String, String)} to create a new credential. */ public abstract class WritableIdentityCredential { /** * @hide */ protected WritableIdentityCredential() {} /** * Generates and returns an X.509 certificate chain for the CredentialKey which identifies this * credential to the issuing authority. The certificate contains an * Android Keystore * attestation extension which describes the key and the security hardware in which it lives. * *
Additionally, the attestation extension will contain the tag Tag::IDENTITY_CREDENTIAL_KEY * which indicates it is an Identity Credential key (which can only sign/MAC very specific * messages) and not an Android Keystore key (which can be used to sign/MAC anything). * *
The issuer MUST carefully examine this certificate chain including (but not * limited to) checking that the root certificate is well-known, the tag * Tag::IDENTITY_CREDENTIAL_KEY present, the passed in challenge is present, the tag * Tag::ATTESTATION_APPLICATION_ID is set to the expected Android application, the device * has verified boot enabled, each certificate in the chain is signed by its successor, * none of the certificates have been revoked, and so on. * *
It is not strictly necessary to use this method to provision a credential if the issuing
* authority doesn't care about the nature of the security hardware. If called, however, this
* method must be called before {@link #personalize(PersonalizationData)}.
*
* @param challenge is a non-empty byte array whose contents should be unique, fresh and
* provided by the issuing authority. The value provided is embedded in the
* attestation extension and enables the issuing authority to verify that the
* attestation certificate is fresh. Implementations are required to support
* challenges at least 32 bytes of length.
* @return the X.509 certificate for this credential's CredentialKey.
*/
public abstract @NonNull Collection This method returns a COSE_Sign1 data structure signed by the CredentialKey with payload
* set to {@code ProofOfProvisioning} as defined below.
*
* This data structure provides a guarantee to the issuer about the data which may be
* returned in the CBOR returned by
* {@link ResultData#getAuthenticatedData()} during a credential
* presentation.
*
* @param personalizationData The data to provision, including access control profiles
* and data elements and their values, grouped into namespaces.
* @return A COSE_Sign1 data structure, see above.
*/
public abstract @NonNull byte[] personalize(
@NonNull PersonalizationData personalizationData);
}
* ProofOfProvisioning = [
* "ProofOfProvisioning", ; tstr
* tstr, ; DocType
* [ * AccessControlProfile ],
* ProvisionedData,
* bool ; true if this is a test credential, should
* ; always be false.
* ]
*
* AccessControlProfile = {
* "id": uint,
* ? "readerCertificate" : bstr,
* ? (
* "userAuthenticationRequired" : bool,
* "timeoutMillis" : uint,
* )
* }
*
* ProvisionedData = {
* * Namespace => [ + Entry ]
* },
*
* Namespace = tstr
*
* Entry = {
* "name" : tstr,
* "value" : any,
* "accessControlProfiles" : [ * uint ],
* }
*
*
*