EidKit Android SDK/ro.eidkit.sdk.model/CeiIdentityClaim

CeiIdentityClaim

data class CeiIdentityClaim(val identity: IdentityData, val personalData: PersonalData?, val passiveAuthProof: PassiveAuthProof, val activeAuthProof: ActiveAuthProof?, val issuedAt: Long, val cardSerialNumber: String?, val rawDg1: ByteArray? = null, val rawDg2: ByteArray? = null, val rawDg7: ByteArray? = null, val chipAuthProof: ChipAuthProof? = null)

A self-contained, backend-verifiable identity claim produced from a single card session.

Combines identity data with cryptographic proof material from passive and active authentication. A backend can verify this claim without re-reading the card.

Note: This type carries raw proof material. The serialization format (JWT, CBOR, or other envelope) for transmitting claims to a backend is deferred to the identity provider milestone and will be added without breaking this type's structure.

A CeiIdentityClaim is only produced when PassiveAuthStatus is PassiveAuthStatus.Valid.

Constructors

Link copied to clipboard
constructor(identity: IdentityData, personalData: PersonalData?, passiveAuthProof: PassiveAuthProof, activeAuthProof: ActiveAuthProof?, issuedAt: Long, cardSerialNumber: String?, rawDg1: ByteArray? = null, rawDg2: ByteArray? = null, rawDg7: ByteArray? = null, chipAuthProof: ChipAuthProof? = null)

Properties

Link copied to clipboard
val activeAuthProof: ActiveAuthProof?

Cryptographic proof that the chip is genuine — present only if active auth was requested and succeeded

Link copied to clipboard
val cardSerialNumber: String?

Card serial number extracted from the CE81 certificate subject (SERIALNUMBER attribute)

Link copied to clipboard
val chipAuthProof: ChipAuthProof? = null

Chip Authentication proof (BSI TR-03110 CA) — present only if chip auth was requested and succeeded

Link copied to clipboard
val identity: IdentityData

Core identity fields from the EDATA applet

Link copied to clipboard
val issuedAt: Long

Unix epoch milliseconds when this claim was created on-device

Link copied to clipboard
val passiveAuthProof: PassiveAuthProof

Cryptographic proof that the data was signed by the Romanian state

Link copied to clipboard
val personalData: PersonalData?

Extended personal data — present only if personal data was requested

Link copied to clipboard
val rawDg1: ByteArray? = null

Raw ICAO DG1 bytes (MRZ format) — contains CNP in tag 0x84, hashed in SOD

Link copied to clipboard
val rawDg2: ByteArray? = null

Raw DG2 bytes (ICAO photo container) — hashed in SOD; non-null only when photo was requested

Link copied to clipboard
val rawDg7: ByteArray? = null

Raw DG7 bytes (ICAO signature image container) — hashed in SOD; non-null only when signature image was requested