Android 添加指纹检测新手指
Android fingerprint detect new finger added
在我的应用程序中 he/she 验证手指后,如何检测用户是否将新指纹添加到 Android 设置?
即iOS 有一个叫做 (evaluatedPolicyDomainState) 的东西来检测指纹目录中的变化 Android 中的替代方案是什么?
出于安全原因,在这种情况下需要提示密码
您无法从您的应用添加新指纹。
在您的应用程序中,您只能访问 Auth Fingerprint Method,该方法通过 keyStore 检查已注册的指纹。
来自 setUserAuthenticationRequired 的文档:
The key will become irreversibly invalidated once the secure lock screen is disabled (reconfigured to None, Swipe or other mode which does not authenticate the user) or when the secure lock screen is forcibly reset (e.g., by a Device Administrator). Additionally, if the key requires that user authentication takes place for every use of the key, it is also irreversibly invalidated once a new fingerprint is enrolled or once no more fingerprints are enrolled, unless setInvalidatedByBiometricEnrollment(boolean) is used to allow validity after enrollment. Attempts to initialize cryptographic operations using such keys will throw KeyPermanentlyInvalidatedException.
因此,要检查自您创建指纹关联密钥后是否已注册任何新指纹,只需使用该密钥创建密码并尝试 init 密码。如果已注册任何新指纹,init 调用应触发 KeyPermanentlyInvalidatedException.
我可以得到所有整数的手指 ID。
private void getFingerprintInfo(Context context)
{
try {
FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
Method method = FingerprintManager.class.getDeclaredMethod("getEnrolledFingerprints");
Object obj = method.invoke(fingerprintManager);
if (obj != null) {
Class<?> clazz = Class.forName("android.hardware.fingerprint.Fingerprint");
Method getFingerId = clazz.getDeclaredMethod("getFingerId");
for (int i = 0; i < ((List) obj).size(); i++)
{
Object item = ((List) obj).get(i);
if(item != null)
{
System.out.println("fkie4. fingerId: " + getFingerId.invoke(item));
}
}
}
} catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException | ClassNotFoundException e) {
e.printStackTrace();
}
}
有一个 public 方法 getFingerId( ),但我们无法调用它,因为它有“@UnsupportedAppUsage”。
所以需要使用反射来调用方法。获取指纹ID列表后,您可以将它们加密并存储在sharedPreference中。
Finger id为setting中保存的指纹的id
获得所有手指 ID 后,您可以确定用户是否有 added/deleted 指纹。
无需依赖 KeyPermanentlyInvalidatedException。 Android 8.0
中没有抛出
祝你好运!!!...
不相信google做的这么差
/**
* Generate NIST P-256 EC Key pair for signing and verification
*
* @param keyName
* @param invalidatedByBiometricEnrollment
* @return
* @throws Exception
*/
@TargetApi(Build.VERSION_CODES.P)
private KeyPair generateKeyPair(String keyName, boolean invalidatedByBiometricEnrollment) throws Exception {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(keyName,
KeyProperties.PURPOSE_SIGN)
.setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
.setDigests(KeyProperties.DIGEST_SHA256,
KeyProperties.DIGEST_SHA384,
KeyProperties.DIGEST_SHA512)
// Require the user to authenticate with a biometric to authorize every use of the key
.setUserAuthenticationRequired(true)
.setInvalidatedByBiometricEnrollment(invalidatedByBiometricEnrollment);
keyPairGenerator.initialize(builder.build());
return keyPairGenerator.generateKeyPair();
}
在我的应用程序中 he/she 验证手指后,如何检测用户是否将新指纹添加到 Android 设置?
即iOS 有一个叫做 (evaluatedPolicyDomainState) 的东西来检测指纹目录中的变化 Android 中的替代方案是什么?
出于安全原因,在这种情况下需要提示密码
您无法从您的应用添加新指纹。
在您的应用程序中,您只能访问 Auth Fingerprint Method,该方法通过 keyStore 检查已注册的指纹。
来自 setUserAuthenticationRequired 的文档:
The key will become irreversibly invalidated once the secure lock screen is disabled (reconfigured to None, Swipe or other mode which does not authenticate the user) or when the secure lock screen is forcibly reset (e.g., by a Device Administrator). Additionally, if the key requires that user authentication takes place for every use of the key, it is also irreversibly invalidated once a new fingerprint is enrolled or once no more fingerprints are enrolled, unless
setInvalidatedByBiometricEnrollment(boolean)is used to allow validity after enrollment. Attempts to initialize cryptographic operations using such keys will throw KeyPermanentlyInvalidatedException.
因此,要检查自您创建指纹关联密钥后是否已注册任何新指纹,只需使用该密钥创建密码并尝试 init 密码。如果已注册任何新指纹,init 调用应触发 KeyPermanentlyInvalidatedException.
我可以得到所有整数的手指 ID。
private void getFingerprintInfo(Context context)
{
try {
FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
Method method = FingerprintManager.class.getDeclaredMethod("getEnrolledFingerprints");
Object obj = method.invoke(fingerprintManager);
if (obj != null) {
Class<?> clazz = Class.forName("android.hardware.fingerprint.Fingerprint");
Method getFingerId = clazz.getDeclaredMethod("getFingerId");
for (int i = 0; i < ((List) obj).size(); i++)
{
Object item = ((List) obj).get(i);
if(item != null)
{
System.out.println("fkie4. fingerId: " + getFingerId.invoke(item));
}
}
}
} catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException | ClassNotFoundException e) {
e.printStackTrace();
}
}
有一个 public 方法 getFingerId( ),但我们无法调用它,因为它有“@UnsupportedAppUsage”。
所以需要使用反射来调用方法。获取指纹ID列表后,您可以将它们加密并存储在sharedPreference中。
Finger id为setting中保存的指纹的id
获得所有手指 ID 后,您可以确定用户是否有 added/deleted 指纹。
无需依赖 KeyPermanentlyInvalidatedException。 Android 8.0
中没有抛出祝你好运!!!...
不相信google做的这么差
/**
* Generate NIST P-256 EC Key pair for signing and verification
*
* @param keyName
* @param invalidatedByBiometricEnrollment
* @return
* @throws Exception
*/
@TargetApi(Build.VERSION_CODES.P)
private KeyPair generateKeyPair(String keyName, boolean invalidatedByBiometricEnrollment) throws Exception {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(keyName,
KeyProperties.PURPOSE_SIGN)
.setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
.setDigests(KeyProperties.DIGEST_SHA256,
KeyProperties.DIGEST_SHA384,
KeyProperties.DIGEST_SHA512)
// Require the user to authenticate with a biometric to authorize every use of the key
.setUserAuthenticationRequired(true)
.setInvalidatedByBiometricEnrollment(invalidatedByBiometricEnrollment);
keyPairGenerator.initialize(builder.build());
return keyPairGenerator.generateKeyPair();
}