binding/com.pingidentity.device.binding.authenticator/BiometricAuthenticator/cryptoKey

cryptoKey

open lateinit override var cryptoKey: CryptoKey

Cryptographic key configuration used for generating and managing RSA key pairs.

This property defines the parameters for cryptographic operations including:

  • Key alias: Unique identifier for the key in Android Keystore

  • Key size: RSA key size in bits (typically 2048 or 4096)

  • Algorithm: Cryptographic algorithm specifications

  • Storage location: Hardware vs software keystore preferences

The key configuration is typically set during authenticator initialization and determines how keys are generated, stored, and accessed. Changes to this property after key generation may require re-registration of the device.

Key security properties:

  • Keys are generated in Android Keystore when possible

  • Hardware backing provides tamper resistance

  • Biometric authentication required for key access

  • Automatic invalidation when biometrics change

Example configuration:

authenticator.cryptoKey = CryptoKey().apply {
    keyAlias = "device_auth_key_v1"
    keySize = 2048
    requireUserAuthentication = true
    userAuthenticationValidityDurationSeconds = 0 // Require auth for each use
}
Content copied to clipboard

See also