java - BiometricPrompt.AuthenticationResult 中的 CryptoObject 始终为 null

Question

我正在使用生物特征身份验证对话框，但我的 cryptoObject 始终为空。我有一个片段，但我也直接从活动中尝试过。

这是我的代码，

私人处理程序 biometricPromptHandler = new Handler();

private Executor executor = command -> biometricPromptHandler.post(command);
private void showBiometricPrompt( String title, String description,
                                 BiometricsCompatCallback compatCallback) {

    BiometricPrompt.PromptInfo promptInfo =
            new BiometricPrompt.PromptInfo.Builder()
                    .setTitle(title)
                    .setSubtitle(description)
                    .setNegativeButtonText("Cancel")
                    .build();

    BiometricPrompt biometricPrompt = new BiometricPrompt((FragmentActivity) context,
            executor, new BiometricPrompt.AuthenticationCallback() {
        @Override
        public void onAuthenticationError(int errorCode,
                                          @NonNull CharSequence errString) {
            super.onAuthenticationError(errorCode, errString);
            compatCallback.onAuthenticationError(errorCode, errString);
            Log.d("onAuthenticationError", ": ");
        }

        @Override
        public void onAuthenticationSucceeded(
                @NonNull BiometricPrompt.AuthenticationResult result) {
            super.onAuthenticationSucceeded(result);
            Log.d("result", ": "+(result.getCryptoObject()));
            BiometricPrompt.CryptoObject authenticatedCryptoObject =
                    result.getCryptoObject();
            Log.d("onAuthentionSucceeded", ": "+(authenticatedCryptoObject==null));
            if (authenticatedCryptoObject != null) {
                 cipher = authenticatedCryptoObject.getCipher();
                Log.d("onAuthentionSucceeded", ": ");
                compatCallback.onAuthenticationSuccessful(cipher);
            }else {
                Log.d("cipher", "onAuthenticationSucceeded: ");
            }

        }

        @Override
        public void onAuthenticationFailed() {
            Log.d("onAuthenticationFailed", ": ");
            super.onAuthenticationFailed();
            compatCallback.onAuthenticationFailed();
        }
    });


        biometricPrompt.authenticate(promptInfo);



}

有人知道我做错了什么吗？

Answer 1

您需要在authenticate方法的第二个参数中提供 Cipher ，否则它将始终返回null。

利用

authenticate(PromptInfo info, CryptoObject crypto)

代替

authenticate(PromptInfo info)

查看本教程和此存储库中的示例项目。你可以使用这样的东西：

BiometricPrompt.CryptoObject cryptoObject = new BiometricPrompt.CryptoObject(getEncryptCipher(createKey()));
biometricPrompt.authenticate(promptInfo, cryptoObject);

使用（取决于你想要的加密）：

private SecretKey createKey() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
    String algorithm = KeyProperties.KEY_ALGORITHM_AES;
    String provider = "AndroidKeyStore";
    KeyGenerator keyGenerator = KeyGenerator.getInstance(algorithm, provider);
    KeyGenParameterSpec keyGenParameterSpec = new KeyGenParameterSpec.Builder("MY_KEY", KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
            .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
            .setUserAuthenticationRequired(true)
            .build();

    keyGenerator.init(keyGenParameterSpec);
    return keyGenerator.generateKey();
}

private Cipher getEncryptCipher(Key key) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException {
    String algorithm = KeyProperties.KEY_ALGORITHM_AES;
    String blockMode = KeyProperties.BLOCK_MODE_CBC;
    String padding = KeyProperties.ENCRYPTION_PADDING_PKCS7;
    Cipher cipher = Cipher.getInstance(algorithm+"/"+blockMode+"/"+padding);
    cipher.init(Cipher.ENCRYPT_MODE, key);
    return cipher;
}

Answer 2

要获取CryptoObjectfrom ，您必须在调用时AuthenticationResult首先传入 a ，如下所示：CryptoObjectauthenticate()

// this example uses a Cipher but your code can use signature or mac
biometricPrompt.authenticate(promptInfo, BiometricPrompt.CryptoObject(cipher))

如果您在调用时没有传递 CryptoObject，authenticate()那么 API 就没有返回给您。

看看这篇博文。