使用 Google 指纹 API 时,Samsung Galaxy S7 Edge 无法检测到指纹目录更改
Samsung Galaxy S7 Edge can't detect fingerprint catalog change when using Google Fingerprint API
我正在做一个指纹相关的项目,需要处理指纹目录的变更。我使用通过 setUserAuthenticationRequired(true) 选项生成的密钥来检查指纹更改。一旦注册了新指纹或不再注册指纹,密钥就应该不可逆转地失效,并且尝试使用此类密钥初始化加密操作将抛出 KeyPermanentlyInvalidatedException。
我发现它适用于 Galaxy s7,但不适用于 s7 edge。在s7 edge上,添加新指纹时仍然会验证密钥。
下面是我的代码,它来自 google FingerprintDialog 示例应用程序,您以前是否遇到过这个问题并有任何解决方案?谢谢!
/**
* Creates a symmetric key in the Android Key Store which can only be used after the user has
* authenticated with fingerprint.
*/
public void createKey() {
try {
mKeyStore.load(null);
mKeyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT |
KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
// Require the user to authenticate with a fingerprint to authorize every use
// of the key
.setUserAuthenticationRequired(true)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.build());
mKeyGenerator.generateKey();
} catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
| CertificateException | IOException e) {
throw new RuntimeException(e);
}
}
/**
* Initialize the {@link Cipher} instance with the created key in the {@link #createKey()}
* method.
*/
private boolean initCipher() {
try {
mKeyStore.load(null);
SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
mCipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (KeyPermanentlyInvalidatedException e) { //It should throw this exception when adding a new fingerprint, but on s7 edge, it doesn't throw
return false;
} catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException
| NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException("Failed to init Cipher", e);
}
}
型号:SM-G935W8,
Android版本:6.0.1,
内核版本:3.18.14-8421152,
内部版本号:MMB29K。 G935W8VLU1APG1,
Android 安全补丁级别:2016 年 7 月 1 日
此问题已由三星的 OS 更新修复:Kenel 版本:3.18.14-9105000,内部版本号:MMB29K。 G935W8VLU2APG1,Android 安全补丁级别:2016 年 9 月 1 日
我正在做一个指纹相关的项目,需要处理指纹目录的变更。我使用通过 setUserAuthenticationRequired(true) 选项生成的密钥来检查指纹更改。一旦注册了新指纹或不再注册指纹,密钥就应该不可逆转地失效,并且尝试使用此类密钥初始化加密操作将抛出 KeyPermanentlyInvalidatedException。
我发现它适用于 Galaxy s7,但不适用于 s7 edge。在s7 edge上,添加新指纹时仍然会验证密钥。
下面是我的代码,它来自 google FingerprintDialog 示例应用程序,您以前是否遇到过这个问题并有任何解决方案?谢谢!
/**
* Creates a symmetric key in the Android Key Store which can only be used after the user has
* authenticated with fingerprint.
*/
public void createKey() {
try {
mKeyStore.load(null);
mKeyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT |
KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
// Require the user to authenticate with a fingerprint to authorize every use
// of the key
.setUserAuthenticationRequired(true)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.build());
mKeyGenerator.generateKey();
} catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
| CertificateException | IOException e) {
throw new RuntimeException(e);
}
}
/**
* Initialize the {@link Cipher} instance with the created key in the {@link #createKey()}
* method.
*/
private boolean initCipher() {
try {
mKeyStore.load(null);
SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
mCipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (KeyPermanentlyInvalidatedException e) { //It should throw this exception when adding a new fingerprint, but on s7 edge, it doesn't throw
return false;
} catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException
| NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException("Failed to init Cipher", e);
}
}
型号:SM-G935W8, Android版本:6.0.1, 内核版本:3.18.14-8421152, 内部版本号:MMB29K。 G935W8VLU1APG1, Android 安全补丁级别:2016 年 7 月 1 日
此问题已由三星的 OS 更新修复:Kenel 版本:3.18.14-9105000,内部版本号:MMB29K。 G935W8VLU2APG1,Android 安全补丁级别:2016 年 9 月 1 日