kjwt-hardware-backed-processor/co.touchlab.kjwt.hardware/SecureKeyFactory

SecureKeyFactory

actual object SecureKeyFactory(source)
expect object SecureKeyFactory(source)

Platform-agnostic factory for creating hardware-backed signing keys.

Provides a single entry point for generating keys backed by the platform's secure hardware element from shared (common) code, without needing to reference platform-specific types. The underlying implementation delegates to the appropriate platform key store:

  • Android: AndroidKeyStoreSigningKey backed by the Android Keystore (TEE or StrongBox).

  • Apple (iOS/macOS): AppleKeychainSigningKey backed by the Keychain or Secure Enclave.

actual object SecureKeyFactory(source)

Functions

Link copied to clipboard
actual fun getOrCreateSecureSigningKey(keyId: String?, algorithm: SigningAlgorithm, keySizeInBits: Int, secureHardwarePreference: SecureHardwarePreference): JwsProcessor
expect fun getOrCreateSecureSigningKey(keyId: String? = null, algorithm: SigningAlgorithm = SigningAlgorithm.ES256, keySizeInBits: Int = 2048, secureHardwarePreference: SecureHardwarePreference = SecureHardwarePreference.Preferred): JwsProcessor

Returns a JwsProcessor backed by a hardware-bound signing key, creating the key if it does not already exist.

actual fun getOrCreateSecureSigningKey(keyId: String?, algorithm: SigningAlgorithm, keySizeInBits: Int, secureHardwarePreference: SecureHardwarePreference): JwsProcessor
Generated by Dokka
© 2026 Touchlab