kiosk-ops-sdk/com.sarastarquant.kioskops.sdk.crypto/KeyRotationPolicy

KeyRotationPolicy

data class KeyRotationPolicy(val maxKeyAgeDays: Int = 365, val autoRotateEnabled: Boolean = false, val retainOldKeysForDays: Int = 90, val maxKeyVersions: Int = 5)

Policy for encryption key rotation.

Key rotation helps limit the exposure window if a key is compromised and is required by many compliance frameworks (SOC 2, FedRAMP, etc.).

Constructors

Link copied to clipboard
constructor(maxKeyAgeDays: Int = 365, autoRotateEnabled: Boolean = false, retainOldKeysForDays: Int = 90, maxKeyVersions: Int = 5)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val autoRotateEnabled: Boolean

When true, the SDK will automatically rotate keys when they exceed maxKeyAgeDays. When false, rotation is manual via VersionedCryptoProvider.rotateKey.

Link copied to clipboard
val maxKeyAgeDays: Int

Maximum age of a key before rotation is recommended. After this period, VersionedCryptoProvider.shouldRotate returns true. Set to 0 to disable age-based rotation checks.

Link copied to clipboard
val maxKeyVersions: Int

Maximum number of key versions to retain. Oldest versions beyond this limit are deleted. Set to 0 for unlimited.

Link copied to clipboard
val retainOldKeysForDays: Int

Number of days to retain old key versions for backward-compatible decryption. After this period, old keys may be deleted and data encrypted with them becomes unreadable.

Generated by Dokka
© 2026 Copyright