getCredentialData

Retrieves data from a named credential in the current presentation session.

If an access control check fails for one of the requested entries, or if the entry doesn't exist, that entry is simply omitted from the result. The application can detect this by calling the getStatus method on each of the requested entries.

The application should not make any assumptions about whether user authentication is needed. Instead, it should request the data element values first and then examine the returned CredentialDataResult. If STATUS_USER_AUTHENTICATION_FAILED is returned, the application should call getCryptoObject and use the returned androidx.biometric.BiometricPrompt.CryptoObject with an androidx.biometric.BiometricPrompt. Upon successful authentication the application may call getCredentialData again.

It is permissible to call this method multiple times using the same credential name. If this is done, the same auth-key will be used.

If the reader signature is set in the request parameter (via the setReaderSignature method), it must contain the bytes of a COSE_Sign1 structure as defined in RFC 8152. The payload field shall be nil (that is, the payload is detached), and the detached payload covered by the signature is the ReaderAuthenticationBytes CBOR described below.

    ReaderAuthentication = [
      "ReaderAuthentication",
      SessionTranscript,
      ItemsRequestBytes
    ]

    ItemsRequestBytes = #6.24(bstr .cbor ItemsRequest)

    ReaderAuthenticationBytes = #6.24(bstr .cbor ReaderAuthentication)

where ItemsRequestBytes are the bytes of the request message set in the request parameter (via the setRequestMessage method).

The public key corresponding to the key used to make the signature can be found in the x5chain unprotected header element of the COSE_Sign1 structure (as described in draft-ietf-cose-x509-08). There will be at least one certificate in said element and there may be more (and if so, each certificate must be signed by its successor).

Data elements protected by reader authentication are returned if, and only if, requestMessage is signed by the top-most certificate in the reader's certificate chain, and the data element is configured with an AccessControlProfile that is configured with an X.509 certificate for a key which appears in the certificate chain.

Note that the request message CBOR is used only for enforcing reader authentication; it is not used for determining which entries this API will return. The application is expected to have parsed the request message and filtered it according to user preference and/or consent.
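The following Go program is an added example, not code from this page or from the Identity Credential library, that walks the reader-authentication structures above end to end using only the Go standard library: it encodes ReaderAuthenticationBytes from a SessionTranscript and an ItemsRequest, builds the COSE_Sign1 Sig_structure with the payload detached, signs it with ES256 (raw r||s, as COSE requires), assembles the COSE_Sign1 with the certificate in the x5chain (label 33) unprotected header and a nil payload, and then performs the holder-side check that fails as soon as either the session transcript or the request message differs from what was signed. Assumptions not stated on the page: the request message handed to setRequestMessage is the ItemsRequest CBOR and the example wraps it in tag 24 itself; a self-signed certificate stands in for a reader's real chain; the SessionTranscript and ItemsRequest inputs are constructed placeholders; the CBOR encoder is a deliberate minimum covering only the types these structures use; and, because the program carries no CBOR decoder, verification receives the leaf certificate and raw signature directly rather than decoding the COSE_Sign1 back.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Minimal CBOR encoder (RFC 8949) for just the types these structures need.
func cborHead(major byte, n int) []byte {
	switch {
	case n < 24:
		return []byte{major<<5 | byte(n)}
	case n <= 0xff:
		return []byte{major<<5 | 24, byte(n)}
	case n <= 0xffff:
		return []byte{major<<5 | 25, byte(n >> 8), byte(n)}
	}
	panic("cbor: length not supported by this toy encoder")
}
func cborBstr(b []byte) []byte { return append(cborHead(2, len(b)), b...) }
func cborTstr(s string) []byte { return append(cborHead(3, len(s)), s...) }
func cborTag24(enc []byte) []byte { return append(cborHead(6, 24), cborBstr(enc)...) } // #6.24(bstr .cbor X)
func cborArray(items ...[]byte) []byte {
	out := cborHead(4, len(items))
	for _, it := range items {
		out = append(out, it...)
	}
	return out
}

// ReaderAuthenticationBytes builds the detached payload from the CDDL above; both inputs are already CBOR.
func ReaderAuthenticationBytes(sessionTranscript, itemsRequest []byte) []byte {
	return cborTag24(cborArray(cborTstr("ReaderAuthentication"), sessionTranscript, cborTag24(itemsRequest)))
}

var protectedES256 = []byte{0xa1, 0x01, 0x26} // serialized protected header {1: -7}, alg = ES256
// SigStructure is what the signature covers (RFC 8152, 4.4); the COSE_Sign1 payload field
// is nil, so the detached payload is supplied here instead of being read from the message.
func SigStructure(detachedPayload []byte) []byte {
	return cborArray(cborTstr("Signature1"), cborBstr(protectedES256), cborBstr(nil), cborBstr(detachedPayload))
}

// NewReaderIdentity makes a P-256 key and a self-signed DER cert: a constructed stand-in for a real reader chain.
func NewReaderIdentity() (*ecdsa.PrivateKey, []byte, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Reader (constructed)"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &priv.PublicKey, priv)
	return priv, der, err
}

// SignReaderAuth returns the raw r||s ES256 signature over the Sig_structure and the
// COSE_Sign1 [protected, {33: x5chain}, nil, signature] that goes to setReaderSignature.
func SignReaderAuth(priv *ecdsa.PrivateKey, certDER, readerAuthBytes []byte) (coseSign1, sig []byte, err error) {
	h := sha256.Sum256(SigStructure(readerAuthBytes))
	r, s, err := ecdsa.Sign(rand.Reader, priv, h[:])
	if err != nil {
		return nil, nil, err
	}
	sig = append(r.FillBytes(make([]byte, 32)), s.FillBytes(make([]byte, 32))...)
	unprotected := append(append(cborHead(5, 1), cborHead(0, 33)...), cborArray(cborBstr(certDER))...) // {33: [cert]}
	return cborArray(cborBstr(protectedES256), unprotected, []byte{0xf6}, cborBstr(sig)), sig, nil
}

// VerifyReaderAuth is the holder-side check: rebuild the detached payload from the session
// transcript and request message actually received, then verify with the leaf cert's key.
func VerifyReaderAuth(certDER, sessionTranscript, itemsRequest, sig []byte) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return err
	}
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	if !ok || len(sig) != 64 {
		return fmt.Errorf("reader key is not P-256 or signature is not raw r||s")
	}
	h := sha256.Sum256(SigStructure(ReaderAuthenticationBytes(sessionTranscript, itemsRequest)))
	if !ecdsa.Verify(pub, h[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return fmt.Errorf("reader signature does not verify")
	}
	return nil
}

func main() {
	st := []byte{0x83, 0xf6, 0xf6, 0xf6}                                // constructed SessionTranscript stand-in
	ir := append(append([]byte{0xa1, 0x67}, "docType"...), 0x61, 'x') // constructed ItemsRequest {"docType": "x"}
	priv, der, err := NewReaderIdentity()
	if err != nil {
		panic(err)
	}
	_, sig, _ := SignReaderAuth(priv, der, ReaderAuthenticationBytes(st, ir))
	fmt.Println("genuine request:", VerifyReaderAuth(der, st, ir, sig))
	ir[len(ir)-1] = 'y' // tamper with the request message after signing
	fmt.Println("tampered request:", VerifyReaderAuth(der, st, ir, sig))
}
```

Running it with go run prints a nil error for the genuine request and a verification error for the tampered one. The design point worth noticing is that the SessionTranscript is inside the signed structure: a COSE_Sign1 captured from one session cannot be replayed against another, because the holder rebuilds ReaderAuthenticationBytes from its own transcript before checking the signature.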

Return

If the credential wasn't found, returns null. Otherwise a CredentialDataResult object containing entry data organized by namespace and a cryptographically authenticated representation of the same data, bound to the current session.

Parameters

credentialName

the name of the credential to retrieve.

request

the data to retrieve from the credential

Throws

if authentication keys were never provisioned for the credential, or if they have expired or exhausted their use count.

if the requestMessage is malformed.

if the reader signature is invalid, or it doesn't contain a certificate chain, or if the signature failed to validate.

if the ephemeral public key was not found in the session transcript.

if the credential has been invalidated