multipaz-android-legacy/com.android.identity.android.legacy/Utility/encodeStaticAuthData

encodeStaticAuthData

@NonNull
open fun encodeStaticAuthData(@NonNull issuerSignedMapping: Map<String, List<Array<Byte>>>, @NonNull encodedIssuerAuth: Array<Byte>): Array<Byte>

Helper to encode digest-id mapping and issuerAuth CBOR into a single byte array.

The resulting byte array can be stored as staticAuthData using storeStaticAuthenticationData and returned using getStaticAuthenticationData at presentation time.

Use decodeStaticAuthData for the reverse operation.

The returned data are the bytes of CBOR with the following CDDL: 

    StaticAuthData = {
        "digestIdMapping": DigestIdMapping,
        "issuerAuth" : IssuerAuth
    }

    DigestIdMapping = {
        NameSpace => [ + IssuerSignedItemBytes ]
    }

    ; Defined in ISO 18013-5
    ;
    NameSpace = String
    DataElementIdentifier = String
    DigestID = uint
    IssuerAuth = COSE_Sign1 ; The payload is MobileSecurityObjectBytes

    IssuerSignedItemBytes = #6.24(bstr .cbor IssuerSignedItem)

    IssuerSignedItem = {
      "digestID" : uint,                           ; Digest ID for issuer data auth
      "random" : bstr,                             ; Random value for issuer data auth
      "elementIdentifier" : DataElementIdentifier, ; Data element identifier
      "elementValue" : NULL                        ; Placeholder for Data element value
    }
Content copied to clipboard

Note that the the byte[] arrays returned in the list of map values are the bytes of IssuerSignedItem, not IssuerSignedItemBytes.

Return

the bytes of the CBOR described above.

Parameters

issuerSignedMapping

A mapping from namespaces into a list of the bytes of IssuerSignedItem (not tagged). The elementValue key must be present and set to the NULL value.

encodedIssuerAuth

The bytes of COSE_Sign1 signed by the issuing authority and where the payload is set to bytes of MobileSecurityObjectBytes.