EidKit Android SDK/ro.eidkit.sdk.config/CertSource

CertSource

sealed class CertSource

Source for the Country Signing CA (CSCA) certificate used in passive and active authentication chain verification.

The default is Bundled, which uses the csca_romania.der certificate shipped inside the SDK. Override this if you operate a private PKI, need to pin a specific certificate version, or want to fetch the latest cert from a remote endpoint.

Inheritors

Types

Link copied to clipboard
data object Bundled : CertSource

Use the CSCA certificate bundled inside the SDK (assets/certsro/csca_romania.der). This is the Romanian MAI root certificate. The SDK will be updated when MAI rotates it.

Link copied to clipboard
data class Custom(val derBytes: ByteArray) : CertSource

Use a caller-supplied DER-encoded X.509 CSCA certificate. Useful for testing, private PKI environments, or pinning a specific cert version.

Link copied to clipboard
data class Remote(val url: String) : CertSource

Fetch the CSCA certificate from a remote URL. The SDK fetches it once per process lifetime and caches it in memory. If the fetch fails, the session fails with ro.eidkit.sdk.error.CeiError.ConfigurationError.