Summary: Constants | Methods | Inherited Methods

IdentityCredentialStore

Kotlin |Java

public abstract class IdentityCredentialStore
extends Object

java.lang.Object
↳	android.security.identity.IdentityCredentialStore

An interface to a secure store for user identity documents.

This interface is deliberately fairly general and abstract. To the extent possible, specification of the message formats and semantics of communication with credential verification devices and issuing authorities (IAs) is out of scope. It provides the interface with secure storage but a credential-specific Android application will be required to implement the presentation and verification protocols and processes appropriate for the specific credential type.

Multiple credentials can be created. Each credential comprises:

A document type, which is a string.
A set of namespaces, which serve to disambiguate value names. It is recommended that namespaces be structured as reverse domain names so that IANA effectively serves as the namespace registrar.
For each namespace, a set of name/value pairs, each with an associated set of access control profile IDs. Names are strings and values are typed and can be any value supported by CBOR.
A set of access control profiles, each with a profile ID and a specification of the conditions which satisfy the profile's requirements.
An asymmetric key pair which is used to authenticate the credential to the Issuing Authority, called the CredentialKey.
A set of zero or more named reader authentication public keys, which are used to authenticate an authorized reader to the credential.
A set of named signing keys, which are used to sign collections of values and session transcripts.

Implementing support for user identity documents in secure storage requires dedicated hardware-backed support and may not always be available.

Two different credential stores exist - the default store and the direct access store. Most often credentials will be accessed through the default store but that requires that the Android device be powered up and fully functional. It is desirable to allow identity credential usage when the Android device's battery is too low to boot the Android operating system, so direct access to the secure hardware via NFC may allow data retrieval, if the secure hardware chooses to implement it.

Credentials provisioned to the direct access store should always use reader authentication to protect data elements. The reason for this is user authentication or user approval of data release is not possible when the device is off.

Summary

Constants
`int`	`CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256` Specifies that the cipher suite that will be used to secure communications between the reader is: ECDHE with HKDF-SHA-256 for key agreement.

Constants

int

CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256

Specifies that the cipher suite that will be used to secure communications between the reader is:

ECDHE with HKDF-SHA-256 for key agreement.

Public methods
`abstract WritableIdentityCredential`	`createCredential(String credentialName, String docType)` Creates a new credential.
`abstract byte[]`	`deleteCredentialByName(String credentialName)` Delete a named credential.
`abstract IdentityCredential`	`getCredentialByName(String credentialName, int cipherSuite)` Retrieve a named credential.
`static IdentityCredentialStore`	`getDirectAccessInstance(Context context)` Gets the `IdentityCredentialStore` for direct access.
`static IdentityCredentialStore`	`getInstance(Context context)` Gets the default `IdentityCredentialStore`.
`abstract String[]`	`getSupportedDocTypes()` Gets a list of supported document types.

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeout, int nanos)` Causes the current thread to wait until another thread invokes the `notify()` method or the `notifyAll()` method for this object, or some other thread interrupts the current thread, or a certain amount of real time has elapsed.
`final void`	`wait(long timeout)` Causes the current thread to wait until either another thread invokes the `notify()` method or the `notifyAll()` method for this object, or a specified amount of time has elapsed.
`final void`	`wait()` Causes the current thread to wait until another thread invokes the `notify()` method or the `notifyAll()` method for this object.

Constants

CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256

Added in Android R

public static final int CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256

Specifies that the cipher suite that will be used to secure communications between the reader is:

ECDHE with HKDF-SHA-256 for key agreement.
AES-256 with GCM block mode for authenticated encryption (nonces are incremented by one for every message).
ECDSA with SHA-256 for signing (used for signing session transcripts to defeat man-in-the-middle attacks), signing keys are not ephemeral. See IdentityCredential for details on reader and prover signing keys.

At present this is the only supported cipher suite.

Constant Value: 1 (0x00000001)

Public methods

createCredential

Added in Android R

public abstract WritableIdentityCredential createCredential (String credentialName, 
                String docType)

Creates a new credential.

Parameters
`credentialName`	`String`: The name used to identify the credential. This value cannot be `null`.
`docType`	`String`: The document type for the credential. This value cannot be `null`.

Returns
`WritableIdentityCredential`	A @{link WritableIdentityCredential} that can be used to create a new credential. This value cannot be `null`.

Throws
`AlreadyPersonalizedException`	if a credential with the given name already exists.
`DocTypeNotSupportedException`	if the given document type isn't supported by the store.

deleteCredentialByName

Added in Android R

public abstract byte[] deleteCredentialByName (String credentialName)

Delete a named credential.

This method returns a COSE_Sign1 data structure signed by the CredentialKey with payload set to ProofOfDeletion as defined below:

     ProofOfDeletion = [
          "ProofOfDeletion",            ; tstr
          tstr,                         ; DocType
          bool                          ; true if this is a test credential, should
                                        ; always be false.
      ]

Parameters
`credentialName`	`String`: the name of the credential to delete. This value cannot be `null`.

Returns
`byte[]`	`null` if the credential was not found, the COSE_Sign1 data structure above if the credential was found and deleted.

getCredentialByName

Added in Android R

public abstract IdentityCredential getCredentialByName (String credentialName, 
                int cipherSuite)

Retrieve a named credential.

Parameters
`credentialName`	`String`: the name of the credential to retrieve. This value cannot be `null`.
`cipherSuite`	`int`: the cipher suite to use for communicating with the verifier. Value is `CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256`

Returns
`IdentityCredential`	The named credential, or null if not found.

Throws
`CipherSuiteNotSupportedException`

getDirectAccessInstance

Added in Android R

public static IdentityCredentialStore getDirectAccessInstance (Context context)

Gets the IdentityCredentialStore for direct access.

Direct access requires specialized NFC hardware and may not be supported on all devices even if default store is available. Credentials provisioned to the direct access store should always use reader authentication to protect data elements.

Parameters
`context`	`Context`: the application context. This value cannot be `null`.

Returns
`IdentityCredentialStore`	the `IdentityCredentialStore` or `null` if direct access is not supported on this device.

getInstance

Added in Android R

public static IdentityCredentialStore getInstance (Context context)

Gets the default IdentityCredentialStore.

Parameters
`context`	`Context`: the application context. This value cannot be `null`.

Returns
`IdentityCredentialStore`	the `IdentityCredentialStore` or `null` if the device doesn't have hardware-backed support for secure storage of user identity documents.

getSupportedDocTypes

Added in Android R

public abstract String[] getSupportedDocTypes ()

Gets a list of supported document types.

Only the direct-access store may restrict the kind of document types that can be used for credentials. The default store always supports any document type.

Returns
`String[]`	The supported document types or the empty array if any document type is supported. This value cannot be `null`.