generateDeviceKey

suspend fun generateDeviceKey(activity: Activity, popOptions: DeviceKeyPopOptions? = null): GeneratedDeviceKeyResult

Generate a device key for provisioning a new mobile credential.

The generated key uses the NIST P-256 curve, and its cryptographic operations are executed by the Android Keystore. In all cases the key is created with the ability to produce digital signatures using the ECDSA algorithm, making it usable with the signature device authentication method specified in ISO 18013-5. If the application consuming the SDK is running on a device using API level 31 (build code 'S') or greater, the generated key can also perform key agreement, making it usable with the ECDH agreed MAC device authentication method.

This function requires user authentication if the user has not been authenticated within the last 30 seconds. If a suitable user authentication mechanism is not set up on the device, or authentication fails for some reason, a corresponding error is thrown (see Throws).
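The key properties described above map onto the platform's `KeyGenParameterSpec` roughly as follows. This is an added illustration using the Android Keystore API directly, not the SDK's own implementation; the alias, the function name and the accepted authenticator types are assumptions made for the example.

```kotlin
import android.os.Build
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyProperties
import java.security.KeyPair
import java.security.KeyPairGenerator
import java.security.spec.ECGenParameterSpec

// Hypothetical alias, chosen for this example only.
private const val EXAMPLE_ALIAS = "example-device-key"

// Authentication window taken from the description above.
private const val AUTH_WINDOW_SECONDS = 30

fun generateExampleDeviceKey(alias: String = EXAMPLE_ALIAS): KeyPair {
    // ECDSA signing is always requested. ECDH key agreement is only
    // available as a Keystore key purpose from API level 31 (S).
    var purposes = KeyProperties.PURPOSE_SIGN
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
        purposes = purposes or KeyProperties.PURPOSE_AGREE_KEY
    }

    val builder = KeyGenParameterSpec.Builder(alias, purposes)
        .setAlgorithmParameterSpec(ECGenParameterSpec("secp256r1")) // NIST P-256
        .setDigests(KeyProperties.DIGEST_SHA256)
        // Private-key operations are refused unless the user has
        // authenticated within the window configured below.
        .setUserAuthenticationRequired(true)

    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
        // Assumption: strong biometrics or the device credential are accepted.
        builder.setUserAuthenticationParameters(
            AUTH_WINDOW_SECONDS,
            KeyProperties.AUTH_BIOMETRIC_STRONG or KeyProperties.AUTH_DEVICE_CREDENTIAL
        )
    } else {
        // Pre-API 30 equivalent of the call above.
        @Suppress("DEPRECATION")
        builder.setUserAuthenticationValidityDurationSeconds(AUTH_WINDOW_SECONDS)
    }

    // The private key is created inside the Keystore and is not exportable;
    // the returned KeyPair exposes the public key plus a handle to the private key.
    val generator = KeyPairGenerator.getInstance(
        KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore"
    )
    generator.initialize(builder.build())
    return generator.generateKeyPair()
}
```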

If the popOptions parameter is supplied, a proof-of-possession (PoP) using the device private key is returned as part of GeneratedDeviceKeyResult. The PoP itself takes the form of a JSON Web Token as per IETF RFC 7519.

Return

Information on the generated device key, represented as GeneratedDeviceKeyResult, which includes the public key and optionally a proof-of-possession (PoP) of the associated private key.

Parameters

activity

Android activity used to perform user authentication

popOptions

OPTIONAL. If supplied, specifies how to generate a proof-of-possession (PoP) of the device private key. If not supplied, no JWT is generated.

Throws

If the SDK API is called before the SDK is initialised.

If the user has not set up authentication.

If the user cancels the authentication process.

If biometric authentication is locked out.

For general authentication failures.

If deviceKey generation fails.