Skip to content

Instantly share code, notes, and snippets.

@Tanapruk

Tanapruk/FingerPrintValidation.java

Last active January 19, 2017 10:41
Show Gist options
  • Save Tanapruk/1154011542739c223c0cf59997867b15 to your computer and use it in GitHub Desktop.
Save Tanapruk/1154011542739c223c0cf59997867b15 to your computer and use it in GitHub Desktop.
Download ZIP
Fingerprint scanner API
Raw
FingerPrintValidation.java
/**
*init service to check whether the phone use any security
*/
KeyguardManager keyguardManager = getSystemService(KeyguardManager.class);
/**
* if no keyguard then you cannot use fingerprint scanner.
*/
if (!keyguardManager.isKeyguardSecure()) {
// Show a message that the user hasn't set up a fingerprint or lock screen.
Toast.makeText(this,
"Secure lock screen hasn't set up.\n"
+ "Go to 'Settings -> Security -> Fingerprint' to set up a fingerprint",
Toast.LENGTH_LONG).show();
purchaseButton.setEnabled(false);
return;
}
/**
*If user use keyguardManager then check whether user register his/her finger as a login validator
*/
FingerprintManager fingerprintManager = getSystemService(FingerprintManager.class);
if (!fingerprintManager.hasEnrolledFingerprints()) {
purchaseButton.setEnabled(false);
// This happens when no fingerprints are registered.
Toast.makeText(this,
"Go to 'Settings -> Security -> Fingerprint' and register at least one fingerprint",
Toast.LENGTH_LONG).show();
return;
}
Raw
GenerateEncryptedKeyAndRetrieveKeyFromDatabase.md

###Important Classes

  • KeyStore as the name suggests it retrives key from storage.
  • KeyGenerator generate unique key through KeyGenParameterSpec.Builder
  • Cipher an alogorithm to encrypt and decrypt key from the KeyGenerator

###Usage Initialize related objects. KeyStore and KeyGenerator will be used together. Create a cipher object and specific encryption algorithm. ####1. Initialization

KeyStore mKeyStore = KeyStore.getInstance("AndroidKeyStore");
KeyGenerator mKeyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
private final String KEY_CIPHER_ALGORITHM_MODE = String.format("%s/%s/%s", KeyProperties.KEY_ALGORITHM_AES, KeyProperties.BLOCK_MODE_CBC, KeyProperties.ENCRYPTION_PADDING_PKCS7);
Cipher mCipher = Cipher.getInstance(KEY_CIPHER_ALGORITHM_MODE);

####2. Generate Key Load KeyStore and generate key with a specific spec through KeyGenParameterSpec.Builder. Since fingerprint is available only on api 24+ so we check it with the builder.

//load first param with no specific parameter.
mKeyStore.load(null)

//generate key with specific spec through KeyGenParameterSpec.Builder
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(
      "default_key",
      KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
      .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
      // Require the user to authenticate with a fingerprint to authorize every use
      // of the key
      .setUserAuthenticationRequired(true)
      .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7);
// This is a workaround to avoid crashes on devices whose API level is < 24
// because KeyGenParameterSpec.Builder#setInvalidatedByBiometricEnrollment is only
// visible on API level +24.
// Ideally there should be a compat library for KeyGenParameterSpec.Builder but
// which isn't available yet.
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
    builder.setInvalidatedByBiometricEnrollment(true);
}
mKeyGenerator.init(builder.build());
mKeyGenerator.generateKey();

####3. Encryption Use mKeyStore to get a SecretKey and encrypt the keyusing mCipher

mKeyStore.load(null);
SecretKey key = (SecretKey) mKeyStore.getKey("default_key", null);
mCipher.init(Cipher.ENCRYPT_MODE, key);

####4.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment