flschweiger

04-16 17:22:15.830    1736-1771/? I/ActivityManager﹕ START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x14000000 pkg=some.package.name cmp=some.package.name/.MainActivity} from uid 10003 on display 0
04-16 17:22:15.866    1422-1962/? D/mot_vr_audio_hw﹕ dsp_recognizer_enabled = true
04-16 17:22:15.866    1416-1416/? D/ADSPD﹕ Client cmd=0x0003, size=4
04-16 17:22:15.875    1422-1962/? E/audio_a2dp_hw﹕ adev_set_parameters: ERROR: set param called even when stream out is null
04-16 17:22:15.881    1422-1422/? D/mot_vr_audio_hw﹕ open_input_stream(): devices = 0x80000004, rate = 8000, channels = 0x10
04-16 17:22:15.881    1422-1422/? D/mot_vr_audio_hw﹕ Created resampler for 16000->8000 Hz
04-16 17:22:15.887    1416-1416/? D/ADSPD﹕ Received from DSP: cmd=0x8003, size=2
04-16 17:22:15.887    1416-1416/? D/ADSPD﹕ Client cmd=0x4003, size=2
04-16 17:22:15.892    1422-2055/? D/mot_vr_audio_hw﹕ received recognition control callback, status 0
04-16 17:22:15.898    1422-5214/? I/AudioFling

flschweiger

# Built application files
*.apk
*.ap_

# Files for the Dalvik VM
*.dex

# Java class files
*.class

flschweiger

// Get the KeyGenerator instance for AES
KeyGenerator keyGenerator = KeyGenerator.getInstance(
    KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");

// Create a KeyGenParameterSpec builder and 
// set the alias and different purposes of the key
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(
    "myAwesomeSecretKey01",
    KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT);

flschweiger

// Get the AndroidKeyStore instance
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");

// Relict of the JCA API - you have to call load even
// if you do not have an input stream you want to load or it'll crash
keyStore.load(null);

// Get the SecretKey from the KeyStore and instantiate a Cipher
SecretKey secretKey = 
    (SecretKey) keyStore.getKey("myAwesomeSecretKey01", null);

flschweiger

// Init the Cipher and decrypt the ciphertext
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
byte[] decryptedBytes = 
    cipher.doFinal(encryptedBytes);

flschweiger

builder
    .setKeySize(256)
    .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
    .setUserAuthenticationRequired(true)
    .setUserAuthenticationValidityDurationSeconds(30);

flschweiger

try {
    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
    keyStore.load(null);

    SecretKey secretKey = 
        (SecretKey) keyStore.getKey(SecurityConstants.KEY_AES, null);
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");

    // The next line may throw a UserNotAuthenticatedException and
    // we need to prompt the user to authenticate again

flschweiger

private void showAuthenticationScreen() {
    Intent in = mKeyguardManager.createConfirmDeviceCredentialIntent(
                    "Hey there!", "Please...");

    if (in != null) {
        startActivityForResult(in, REQUEST_CODE_CREDENTIALS);
    }
}

flschweiger

@Override
protected void onActivityResult(int requestCode,
  int resultCode, Intent data) {
    if (requestCode == REQUEST_CODE_CREDENTIALS) {
        // Challenge completed, proceed with using cipher
        if (resultCode == RESULT_OK) {
            doSomeDecryptionHere();
        } else {
            // The user canceled or didn’t complete the lock screen
            // operation. Go to error/cancellation flow.

flschweiger

fingerprintManager = (FingerprintManager)
    getSystemService(Context.FINGERPRINT_SERVICE);

fingerprintManager.authenticate(
    @Nullable FingerprintManager.CryptoObject cryptoObject,
    @Nullable CancellationSignal cancelSignal,
    0 /* optional flags - should be 0 */, 
    FingerprintManager.AuthenticationCallback callback, 
    @Nullable Handler handler);