multipaz/org.multipaz.securearea/CreateKeySettings/CreateKeySettings

CreateKeySettings

constructor(algorithm: Algorithm = Algorithm.ESP256, nonce: ByteString = ByteString(), userAuthenticationRequired: Boolean = false, userAuthenticationTimeout: Duration = 0.seconds, validFrom: Instant? = null, validUntil: Instant? = null)

Parameters

algorithm

A fully specified Algorithm, e.g. Algorithm.ESP256.

nonce

a nonce, to prove freshness of the KeyAttestation produced by the SecureArea implementation. Note that not all implementations provide key attestations in which case the nonce is ignored.

userAuthenticationRequired

true if user authentication is required, false otherwise. Some SecureArea implementations may take options to control more precisely what kind of user authentication is required, for example timeouts and whether knowledge factors or inherence factors can be used.

userAuthenticationTimeout

a duration for which the key is authorized after the user successfully authenticates. If 0, authentication is required on every use. Not all SecureArea implementations supports this.

validFrom

point in time before which the key is not valid, if available.

validUntil

point in time after which the key is not valid, if available.