ConfigurationValidationFailed

Thrown when the configuration payload failed validation (e.g., signature mismatch or invalid structure).

This error occurs when the configuration validation fails for the downloaded pinning configuration. This indicates either a security issue or a configuration problem with the credentials.

Common Causes

• Credential mismatch: Public key doesn't match the signature

• Corrupted payload: Network issues corrupted the downloaded configuration

• Tampering: Potential man-in-the-middle attack on configuration

• Service issues: Problems with TrustPin service signing

• Clock skew: Timestamp validation failures due to incorrect system time

Security Implications

• High severity: Configuration integrity compromised

• Potential attack: Configuration may have been tampered with

• Service disruption: Cannot proceed with pinning validation

• Trust breakdown: Fundamental security validation failed

Resolution Steps

1. Verify credentials: Ensure public key matches TrustPin dashboard

2. Check system time: Verify device clock is accurate

3. Test connectivity: Ensure clean network path to TrustPin service

4. Retry operation: Attempt fresh configuration download

5. Contact support: If persistent, contact TrustPin support

Diagnostic Information

try {
    trustPin.setup(/* credentials */)
 } catch (e: TrustPinError.ConfigurationValidationFailed) {
     println("Configuration validation failed - check credentials and network")
     // Log additional context:
     // - System time
     // - Network conditions
     // - Credential sources
 }

Prevention

• Credential management: Securely store and manage public keys

• Time synchronization: Ensure accurate system time via NTP

• Network monitoring: Monitor for network interference

• Validation testing: Regularly test credential validation

See also