binding/com.pingidentity.device.binding.authenticator/Attestation/Default

Default

class Default(challenge: ByteArray) : Attestation

Hardware-backed attestation with cryptographic challenge verification.

This attestation type requires hardware-backed key generation and provides cryptographic proof that keys are stored in a trusted execution environment. The attestation includes a challenge to ensure freshness and prevent replay attacks.

Characteristics:

  • Requires hardware security module (HSM) or secure enclave

  • Provides cryptographic proof of key security properties

  • Includes anti-replay protection via challenge verification

  • Highest security assurance available

Example:

val challenge = getServerChallenge() // From authentication server
val attestation = Attestation.Default(challenge)
val authenticator = BiometricAuthenticator()
val result = authenticator.register(context, attestation)
Content copied to clipboard

Parameters

challenge

Cryptographic challenge provided by the relying party. This challenge is included in the attestation statement to prove the freshness of the attestation and prevent replay attacks. Must be cryptographically random.

Throws

if challenge is empty or invalid

Constructors

Link copied to clipboard
constructor(challenge: ByteArray)