Google is committed to advancing racial equity for Black communities. See how.

ResultData

abstract class ResultData
kotlin.Any
   ↳ androidx.security.identity.ResultData

An object that contains the result of retrieving data from a credential. This is used to return data requested from a IdentityCredential.

Summary

Constants
static Int

Requested entry wasn't in the request message.

static Int

Requested entry was not requested.

static Int

The requested entry was not retrieved because it was configured without any access control profile.

static Int

Requested entry does not exist.

static Int

Value was successfully retrieved.

static Int

The requested entry was not retrieved because reader authentication wasn't performed.

static Int

The requested entry was not retrieved because user authentication wasn't performed.

Public methods
abstract ByteArray

Returns a CBOR structure containing the retrieved data.

abstract ByteArray?

Returns a digital signature over the DeviceAuthenticationBytes CBOR specified in getAuthenticatedData(), to prove to the reader that the data is from a trusted credential.

abstract ByteArray?
getEntry(@NonNull namespaceName: String, @NonNull name: String)

Gets the raw CBOR data for the value of an entry.

open Boolean
getEntryBoolean(@NonNull namespaceName: String, @NonNull name: String)

Gets the value of an entry.

open ByteArray?
getEntryBytestring(@NonNull namespaceName: String, @NonNull name: String)

Gets the value of an entry.

open Calendar?
getEntryCalendar(@NonNull namespaceName: String, @NonNull name: String)

Gets the value of an entry.

open Long
getEntryInteger(@NonNull namespaceName: String, @NonNull name: String)

Gets the value of an entry.

abstract MutableCollection<String!>?
getEntryNames(@NonNull namespaceName: String)

Get the names of all entries.

open String?
getEntryString(@NonNull namespaceName: String, @NonNull name: String)

Gets the value of an entry.

abstract ByteArray?

Returns a message authentication code over the DeviceAuthenticationBytes CBOR specified in getAuthenticatedData(), to prove to the reader that the data is from a trusted credential.

abstract MutableCollection<String!>

Gets the names of namespaces with retrieved entries.

abstract MutableCollection<String!>?
getRetrievedEntryNames(@NonNull namespaceName: String)

Get the names of all entries that was successfully retrieved.

abstract ByteArray

Returns the static authentication data associated with the dynamic authentication key used to sign or MAC the data returned by getAuthenticatedData().

abstract Int
getStatus(@NonNull namespaceName: String, @NonNull name: String)

Gets the status of an entry.

Constants

STATUS_NOT_IN_REQUEST_MESSAGE

static val STATUS_NOT_IN_REQUEST_MESSAGE: Int

Requested entry wasn't in the request message.

Value: 3

STATUS_NOT_REQUESTED

static val STATUS_NOT_REQUESTED: Int

Requested entry was not requested.

Value: 2

STATUS_NO_ACCESS_CONTROL_PROFILES

static val STATUS_NO_ACCESS_CONTROL_PROFILES: Int

The requested entry was not retrieved because it was configured without any access control profile.

Value: 6

STATUS_NO_SUCH_ENTRY

static val STATUS_NO_SUCH_ENTRY: Int

Requested entry does not exist.

Value: 1

STATUS_OK

static val STATUS_OK: Int

Value was successfully retrieved.

Value: 0

STATUS_READER_AUTHENTICATION_FAILED

static val STATUS_READER_AUTHENTICATION_FAILED: Int

The requested entry was not retrieved because reader authentication wasn't performed.

Value: 5

STATUS_USER_AUTHENTICATION_FAILED

static val STATUS_USER_AUTHENTICATION_FAILED: Int

The requested entry was not retrieved because user authentication wasn't performed.

Value: 4

Public methods

getAuthenticatedData

@NonNull abstract fun getAuthenticatedData(): ByteArray

Returns a CBOR structure containing the retrieved data.

This structure - along with the session transcript - may be cryptographically authenticated to prove to the reader that the data is from a trusted credential and getMessageAuthenticationCode() can be used to get a MAC.

The CBOR structure which is cryptographically authenticated is the DeviceAuthenticationBytes structure according to the following CDDL schema:

DeviceAuthentication = [
          "DeviceAuthentication",
          SessionTranscript,
          DocType,
          DeviceNameSpacesBytes
        ]
     
        DocType = tstr
        SessionTranscript = any
        DeviceNameSpacesBytes = #6.24(bstr .cbor DeviceNameSpaces)
        DeviceAuthenticationBytes = #6.24(bstr .cbor DeviceAuthentication)
      

where

DeviceNameSpaces = {
          * NameSpace => DeviceSignedItems
        }
     
        DeviceSignedItems = {
          + DataItemName => DataItemValue
        }
     
        NameSpace = tstr
        DataItemName = tstr
        DataItemValue = any
      

The returned data is the binary encoding of the DeviceNameSpaces structure as defined above.

Return
ByteArray The bytes of the DeviceNameSpaces CBOR structure.

getEcdsaSignature

@Nullable abstract fun getEcdsaSignature(): ByteArray?

Returns a digital signature over the DeviceAuthenticationBytes CBOR specified in getAuthenticatedData(), to prove to the reader that the data is from a trusted credential. The signature will be made with one of the provisioned dynamic authentication keys. At most one of getMessageAuthenticationCode() or getEcdsaSignature() is implemented.

Return
ByteArray? null if not implemented, otherwise a COSE_Sign1 structure with the payload set to the data returned by getAuthenticatedData().

getEntry

@Nullable abstract fun getEntry(
    @NonNull namespaceName: String,
    @NonNull name: String
): ByteArray?

Gets the raw CBOR data for the value of an entry. This should only be called on an entry for which the getStatus(String, String) method returns STATUS_OK.

Parameters
namespaceName String: the namespace name of the entry.
name String: the name of the entry to get the value for.
Return
ByteArray? the raw CBOR data or null if no entry with the given name exists.

getEntryBoolean

open fun getEntryBoolean(
    @NonNull namespaceName: String,
    @NonNull name: String
): Boolean

Gets the value of an entry. This should only be called on an entry for which the getStatus(String, String) method returns STATUS_OK.

Parameters
namespaceName String: the namespace name of the entry.
name String: the name of the entry to get the value for.
Return
Boolean a boolean or false if no entry with the given name exists.

getEntryBytestring

@Nullable open fun getEntryBytestring(
    @NonNull namespaceName: String,
    @NonNull name: String
): ByteArray?

Gets the value of an entry. This should only be called on an entry for which the getStatus(String, String) method returns STATUS_OK.

Parameters
namespaceName String: the namespace name of the entry.
name String: the name of the entry to get the value for.
Return
ByteArray? a byte[] or null if no entry with the given name exists.

getEntryCalendar

@Nullable open fun getEntryCalendar(
    @NonNull namespaceName: String,
    @NonNull name: String
): Calendar?

Gets the value of an entry. This should only be called on an entry for which the getStatus(String, String) method returns STATUS_OK.

Parameters
namespaceName String: the namespace name of the entry.
name String: the name of the entry to get the value for.
Return
Calendar? a Calendar or null if no entry with the given name exists.

getEntryInteger

open fun getEntryInteger(
    @NonNull namespaceName: String,
    @NonNull name: String
): Long

Gets the value of an entry. This should only be called on an entry for which the getStatus(String, String) method returns STATUS_OK.

Parameters
namespaceName String: the namespace name of the entry.
name String: the name of the entry to get the value for.
Return
Long a long or 0 if no entry with the given name exists.

getEntryNames

@Nullable abstract fun getEntryNames(@NonNull namespaceName: String): MutableCollection<String!>?

Get the names of all entries. This includes the name of entries that wasn't successfully retrieved.

Parameters
namespaceName String: the namespace name to get entries for.
Return
MutableCollection<String!>? A collection of names or null if there are no entries for the given namespace.

getEntryString

@Nullable open fun getEntryString(
    @NonNull namespaceName: String,
    @NonNull name: String
): String?

Gets the value of an entry. This should only be called on an entry for which the getStatus(String, String) method returns STATUS_OK.

Parameters
namespaceName String: the namespace name of the entry.
name String: the name of the entry to get the value for.
Return
String? a String or null if no entry with the given name exists.

getMessageAuthenticationCode

@Nullable abstract fun getMessageAuthenticationCode(): ByteArray?

Returns a message authentication code over the DeviceAuthenticationBytes CBOR specified in getAuthenticatedData(), to prove to the reader that the data is from a trusted credential.

The MAC proves to the reader that the data is from a trusted credential. This code is produced by using the key agreement and key derivation function from the ciphersuite with the authentication private key and the reader ephemeral public key to compute a shared message authentication code (MAC) key, then using the MAC function from the ciphersuite to compute a MAC of the authenticated data. See section 9.2.3.5 of ISO/IEC 18013-5 for details of this operation.

If the sessionTranscript parameter passed to IdentityCredential#getEntries(byte[], Map, byte[]) was null or the reader ephmeral public key was never set using IdentityCredential#setReaderEphemeralPublicKey(PublicKey), no message authencation code will be produced and this method will return null. At most one of getMessageAuthenticationCode() or getEcdsaSignature() is implemented.

Return
ByteArray? A COSE_Mac0 structure with the message authentication code as described above or null if the conditions specified above are not met.

getNamespaces

@NonNull abstract fun getNamespaces(): MutableCollection<String!>

Gets the names of namespaces with retrieved entries.

Return
MutableCollection<String!> collection of name of namespaces containing retrieved entries. May be empty if no data was retrieved.

getRetrievedEntryNames

@Nullable abstract fun getRetrievedEntryNames(@NonNull namespaceName: String): MutableCollection<String!>?

Get the names of all entries that was successfully retrieved. This only return entries for which getStatus(String, String) will return STATUS_OK.

Parameters
namespaceName String: the namespace name to get entries for.
Return
MutableCollection<String!>? A collection of names or null if there are no entries for the given namespace.

getStaticAuthenticationData

@NonNull abstract fun getStaticAuthenticationData(): ByteArray

Returns the static authentication data associated with the dynamic authentication key used to sign or MAC the data returned by getAuthenticatedData().

Return
ByteArray The static authentication data associated with dynamic authentication key used to MAC the data.

getStatus

abstract fun getStatus(
    @NonNull namespaceName: String,
    @NonNull name: String
): Int

Gets the status of an entry. This returns STATUS_OK if the value was retrieved, STATUS_NO_SUCH_ENTRY if the given entry wasn't retrieved, STATUS_NOT_REQUESTED if it wasn't requested, STATUS_NOT_IN_REQUEST_MESSAGE if the request message was set but the entry wasn't present in the request message, STATUS_USER_AUTHENTICATION_FAILED if the value wasn't retrieved because the necessary user authentication wasn't performed, STATUS_READER_AUTHENTICATION_FAILED if the supplied reader certificate chain didn't match the set of certificates the entry was provisioned with, or STATUS_NO_ACCESS_CONTROL_PROFILES if the entry was configured without any access control profiles.

Parameters
namespaceName String: the namespace name of the entry.
name String: the name of the entry to get the value for.
Return
Int the status indicating whether the value was retrieved and if not, why.