Added in API level 33

Summary: Ctors | Methods | Inherited Methods

CredentialDataRequest.Builder

Kotlin |Java

public static final class CredentialDataRequest.Builder
extends Object

java.lang.Object
↳	android.security.identity.CredentialDataRequest.Builder

A builder for CredentialDataRequest.

Summary

Public constructors
`Builder()` Creates a new builder.

Public methods
`CredentialDataRequest`	`build()` Finishes building a `CredentialDataRequest`.
`CredentialDataRequest.Builder`	`setAllowUsingExhaustedKeys(boolean allowUsingExhaustedKeys)` Sets whether to allow using an authentication key which use count has been exceeded.
`CredentialDataRequest.Builder`	`setAllowUsingExpiredKeys(boolean allowUsingExpiredKeys)` Sets whether to allow using an authentication key which is expired.
`CredentialDataRequest.Builder`	`setDeviceSignedEntriesToRequest(Map<String, Collection<String>> entriesToRequest)` Sets the device-signed entries to request.
`CredentialDataRequest.Builder`	`setIncrementUseCount(boolean incrementUseCount)` Sets whether to increment the use-count for the authentication key used.
`CredentialDataRequest.Builder`	`setIssuerSignedEntriesToRequest(Map<String, Collection<String>> entriesToRequest)` Sets the issuer-signed entries to request.
`CredentialDataRequest.Builder`	`setReaderSignature(byte[] readerSignature)` Sets the reader signature.
`CredentialDataRequest.Builder`	`setRequestMessage(byte[] requestMessage)` Sets the request message CBOR.

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeoutMillis, int nanos)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait(long timeoutMillis)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait()` Causes the current thread to wait until it is awakened, typically by being notified or interrupted.

Public constructors

Builder

Added in API level 33

public Builder ()

Creates a new builder.

Public methods

build

Added in API level 33

public CredentialDataRequest build ()

Finishes building a CredentialDataRequest.

Returns
`CredentialDataRequest`	the `CredentialDataRequest` object. This value cannot be `null`.

setAllowUsingExhaustedKeys

Added in API level 33

public CredentialDataRequest.Builder setAllowUsingExhaustedKeys (boolean allowUsingExhaustedKeys)

Sets whether to allow using an authentication key which use count has been exceeded.

This is useful in situations where the application hasn't had a chance to renew authentication keys, for example if the device hasn't been connected to the Internet or if the issuing authority server has been down.

The reason this could be useful is that the privacy risk of reusing an authentication key for a credential presentation could be significantly smaller compared to the inconvenience of not being able to present the credential at all.

By default this is set to true.

Parameters
`allowUsingExhaustedKeys`	`boolean`: whether to allow using an authentication key which use count has been exceeded if no other key is available.

Returns
`CredentialDataRequest.Builder`	the builder. This value cannot be `null`.

setAllowUsingExpiredKeys

Added in API level 33

public CredentialDataRequest.Builder setAllowUsingExpiredKeys (boolean allowUsingExpiredKeys)

Sets whether to allow using an authentication key which is expired.

The reason this could be useful is that many verifiers are likely to accept a credential presentation using an expired authentication key (the credential itself wouldn't be expired) and it's likely better for the holder to be able to do this than not present their credential at all.

By default this is set to false.

Parameters
`allowUsingExpiredKeys`	`boolean`: whether to allow using an authentication key which is expired if no other key is available.

Returns
`CredentialDataRequest.Builder`	the builder. This value cannot be `null`.

setDeviceSignedEntriesToRequest

Added in API level 33

public CredentialDataRequest.Builder setDeviceSignedEntriesToRequest (Map<String, Collection<String>> entriesToRequest)

Sets the device-signed entries to request.

Parameters
`entriesToRequest`	`Map`: the device-signed entries to request. This value cannot be `null`.

Returns
`CredentialDataRequest.Builder`	This value cannot be `null`.

setIncrementUseCount

Added in API level 33

public CredentialDataRequest.Builder setIncrementUseCount (boolean incrementUseCount)

Sets whether to increment the use-count for the authentication key used.

Not incrementing the use-count for an authentication key is useful in situations where the authentication key is known with certainty to not be leaked. For example, consider an application doing a credential presentation for the sole purpose of displaying the credential data to the user (not for verification).

By default this is set to true.

Parameters
`incrementUseCount`	`boolean`: whether to increment the use count of the authentication key used.

Returns
`CredentialDataRequest.Builder`	the builder. This value cannot be `null`.

setIssuerSignedEntriesToRequest

Added in API level 33

public CredentialDataRequest.Builder setIssuerSignedEntriesToRequest (Map<String, Collection<String>> entriesToRequest)

Sets the issuer-signed entries to request.

Parameters
`entriesToRequest`	`Map`: the issuer-signed entries to request. This value cannot be `null`.

Returns
`CredentialDataRequest.Builder`	the builder. This value cannot be `null`.

setReaderSignature

Added in API level 33

public CredentialDataRequest.Builder setReaderSignature (byte[] readerSignature)

Sets the reader signature.

This data structure is described in the documentation for the PresentationSession#getCredentialData(String, CredentialDataRequest) method.

Parameters
`readerSignature`	`byte`: a `COSE_Sign1` structure as described above. This value cannot be `null`.

Returns
`CredentialDataRequest.Builder`	the builder. This value cannot be `null`.

setRequestMessage

Added in API level 33

public CredentialDataRequest.Builder setRequestMessage (byte[] requestMessage)

Sets the request message CBOR.

This data structure is described in the documentation for the PresentationSession#getCredentialData(String, CredentialDataRequest) method.

Parameters
`requestMessage`	`byte`: the request message CBOR as described above. This value cannot be `null`.

Returns
`CredentialDataRequest.Builder`	the builder. This value cannot be `null`.