identity/com.midnight.kuira.core.identity.passkey/PasskeyManager

PasskeyManager

class PasskeyManager(config: PasskeyConfig)

Manages passkey creation and authentication via Android CredentialManager.

This is Mode 1 (client mode) — the app calls the system CredentialManager, and Google Password Manager (or another provider) generates and holds the P-256 private key. We never see the private key. We get the public key from the attestation response.

The passkey is the root of the sigil's identity facet.

Note: Both createPasskey and authenticate require an Activity context because the CredentialManager shows system UI (biometric prompt, account selector).

Constructors

Link copied to clipboard
constructor(config: PasskeyConfig)

Types

Link copied to clipboard
object Companion

Functions

Link copied to clipboard
suspend fun authenticate(activity: Activity, challenge: ByteArray): PasskeyAssertionResult

Authenticates with an existing passkey (assertion ceremony).

Link copied to clipboard
suspend fun authenticateWithPrf(activity: Activity, challenge: ByteArray, prfSalt: ByteArray, prfSaltSecond: ByteArray? = null): PrfAssertionResult

Authenticates with PRF extension — produces a deterministic secret from the passkey.

Link copied to clipboard
suspend fun createPasskey(activity: Activity, userId: ByteArray, userName: String, prfSalt: ByteArray? = null, prfSaltSecond: ByteArray? = null): PasskeyRegistrationResult

Creates a new passkey (registration ceremony).