Enum Class KeyProtectionType
All Implemented Interfaces: Serializable, Comparable<KeyProtectionType>, Constable
The KEY_PROTECTION constants are flags in a bit field represented as a 16 bit long integer. They
describe the method an authenticator uses to protect the private key material for FIDO
registrations. Refer to [UAFAuthnrCommands] for more details on the relevance of keys and key
protection. These constants are reported and queried through the UAF Discovery APIs and used to
form authenticator policies in UAF protocol messages. Each constant has a case-sensitive string
representation (in quotes), which is used in the authoritative metadata for FIDO authenticators.
-
Nested Class Summary
Nested classes/interfaces inherited from class java.lang.Enum
Enum.EnumDesc<E extends Enum<E>>
-
Enum Constant Summary
Enum Constant | Description
KEY_PROTECTION_HARDWARE | This flag SHOULD be set if the authenticator uses hardware-based key management.
KEY_PROTECTION_REMOTE_HANDLE | This flag MUST be set if the authenticator does not store (wrapped) UAuth keys at the client, but relies on a server-provided key handle.
KEY_PROTECTION_SECURE_ELEMENT | This flag SHOULD be set if the authenticator uses a Secure Element [SecureElement] for key management.
KEY_PROTECTION_SOFTWARE | This flag MUST be set if the authenticator uses software-based key management.
KEY_PROTECTION_TEE | This flag SHOULD be set if the authenticator uses the Trusted Execution Environment [TEE] for key management.
-
Method Summary
Modifier and Type | Method | Description
static KeyProtectionType | fromName |
static KeyProtectionType | fromValue(short value) |
 | getName() |
short | getValue() |
static KeyProtectionType | valueOf(String name) | Returns the enum constant of this class with the specified name.
static KeyProtectionType[] | values() | Returns an array containing the constants of this enum class, in the order they are declared.
-
Enum Constant Details
-
KEY_PROTECTION_SOFTWARE
This flag MUST be set if the authenticator uses software-based key management. Exclusive in authenticator metadata with KEY_PROTECTION_HARDWARE, KEY_PROTECTION_TEE, KEY_PROTECTION_SECURE_ELEMENT.
NOTE: The above requirements apply to authenticators; this library DOES NOT enforce them.
-
KEY_PROTECTION_HARDWARE
This flag SHOULD be set if the authenticator uses hardware-based key management. Exclusive in authenticator metadata with KEY_PROTECTION_SOFTWARE.
NOTE: The above requirements apply to authenticators; this library DOES NOT enforce them.
-
KEY_PROTECTION_TEE
This flag SHOULD be set if the authenticator uses the Trusted Execution Environment [TEE] for key management. In authenticator metadata, this flag should be set in conjunction with KEY_PROTECTION_HARDWARE. Mutually exclusive in authenticator metadata with KEY_PROTECTION_SOFTWARE, KEY_PROTECTION_SECURE_ELEMENT.
NOTE: The above requirements apply to authenticators; this library DOES NOT enforce them.
-
KEY_PROTECTION_SECURE_ELEMENT
This flag SHOULD be set if the authenticator uses a Secure Element [SecureElement] for key management. In authenticator metadata, this flag should be set in conjunction with KEY_PROTECTION_HARDWARE. Mutually exclusive in authenticator metadata with KEY_PROTECTION_TEE, KEY_PROTECTION_SOFTWARE.
NOTE: The above requirements apply to authenticators; this library DOES NOT enforce them.
-
KEY_PROTECTION_REMOTE_HANDLE
This flag MUST be set if the authenticator does not store (wrapped) UAuth keys at the client, but relies on a server-provided key handle. This flag MUST be set in conjunction with one of the other KEY_PROTECTION flags to indicate how the local key handle wrapping key and operations are protected. Servers MAY unset this flag in authenticator policy if they are not prepared to store and return key handles, for example, if they have a requirement to respond indistinguishably to authentication attempts against userIDs that do and do not exist. Refer to [UAFProtocol] for more details.
NOTE: The above requirements apply to authenticators; this library DOES NOT enforce them.
-
-
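Because the library does not enforce the combination rules stated in the constant descriptions above, code that consumes authenticator metadata can check them itself. The following is an added example, not part of the library or its documentation: the class `KeyProtectionCheck`, the method `violations` and the nested stand-in enum are hypothetical, and only the constant names and the rules come from this page.

```java
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.List;
import java.util.Set;

public class KeyProtectionCheck {
    // Stand-in for the library enum so this file compiles on its own (assumption:
    // only the constant names are taken from the page).
    enum KeyProtectionType {
        KEY_PROTECTION_SOFTWARE, KEY_PROTECTION_HARDWARE, KEY_PROTECTION_TEE,
        KEY_PROTECTION_SECURE_ELEMENT, KEY_PROTECTION_REMOTE_HANDLE
    }

    // Short aliases to keep the rule checks readable.
    static final KeyProtectionType SW = KeyProtectionType.KEY_PROTECTION_SOFTWARE,
            HW = KeyProtectionType.KEY_PROTECTION_HARDWARE,
            TEE = KeyProtectionType.KEY_PROTECTION_TEE,
            SE = KeyProtectionType.KEY_PROTECTION_SECURE_ELEMENT,
            REMOTE = KeyProtectionType.KEY_PROTECTION_REMOTE_HANDLE;

    /** Returns one message per documented combination rule that the flag set breaks. */
    static List<String> violations(Set<KeyProtectionType> flags) {
        List<String> out = new ArrayList<>();
        boolean sw = flags.contains(SW), hw = flags.contains(HW);
        boolean tee = flags.contains(TEE), se = flags.contains(SE);

        if (sw && (hw || tee || se))
            out.add("SOFTWARE is exclusive with HARDWARE, TEE and SECURE_ELEMENT");
        if (tee && se)
            out.add("TEE and SECURE_ELEMENT are mutually exclusive");
        if ((tee || se) && !hw)
            out.add("TEE / SECURE_ELEMENT should be set in conjunction with HARDWARE");
        if (flags.contains(REMOTE) && !(sw || hw || tee || se))
            out.add("REMOTE_HANDLE must be combined with another KEY_PROTECTION flag");
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample flag sets, not taken from real authenticator metadata.
        List<Set<KeyProtectionType>> samples = List.of(
                EnumSet.of(HW, TEE),        // consistent
                EnumSet.of(SW, TEE),        // software mixed with a hardware-class flag
                EnumSet.of(REMOTE),         // remote handle without a wrapping-key flag
                EnumSet.of(HW, TEE, SE));   // two mutually exclusive environments
        for (Set<KeyProtectionType> s : samples) {
            List<String> v = violations(s);
            System.out.println(s + " -> " + (v.isEmpty() ? "consistent" : v));
        }
    }
}
```

With the real enum on the classpath, delete the nested stand-in and import the library's `KeyProtectionType` instead; the rule checks are unchanged.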
Method Details
-
values
Returns an array containing the constants of this enum class, in the order they are declared.
Returns:
an array containing the constants of this enum class, in the order they are declared
-
valueOf
Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
Parameters:
name - the name of the enum constant to be returned.
Returns:
the enum constant with the specified name
Throws:
IllegalArgumentException - if this enum class has no constant with the specified name
NullPointerException - if the argument is null
-
fromValue
Returns:
If value matches any KeyProtectionType constant, returns that constant instance. Otherwise throws IllegalArgumentException.
-
fromName
Returns:
If name matches any Key constant, returns that constant instance. Otherwise throws IllegalArgumentException.
-
getValue
public short getValue() -
getName
-