ID of the saved mobile credential.
The following sequence of verification steps is performed, as per ISO/IEC 18013-5:2021:
Device Key Validation:
Ensures the device key cryptographic curve is supported by the SDK.
Issuer Data Authentication:
Executes the issuer's data authentication procedure defined in section 9.3.1 of ISO/IEC 18013-5:2021:
- MSO Header Validation: Validates the certificate found in the MSO (Mobile Security Object) header.
- Signer Certificate Verification: Verifies the Signer Certificate (as specified in Section 9.3.3 and Table B.3 of ISO/IEC 18013-5:2021).
- IssuerAuth Digital Signature Verification: Verifies the digital signature of the IssuerAuth structure.
- Verify Value Digest: Ensures the integrity and correctness of the value digest.
- ValidityInfo Structure Validation: Ensures all elements in the ValidityInfo structure meet the defined standards.
DocType-Specific Validation:
Performs additional validation steps specific to the credential's docType.
for mDLs this includes:
- Confirms the mDL signer's certificate maximum validity period is within limits (up to 457 days).
- Ensures the mDL signer certificate has the correct ExtKeyUsage (ISO/IEC 18013-5:2021 B.1.4).
- Confirms the mDL signer certificate set its key usage for digital signatures exclusively.
- Verifies the mDL signer certificate was issued from the correct location.
Add a mobile credential to storage.