我正在处理与指纹相关的项目,需要处理指纹目录更改。我使用secrete key生成setUserAuthenticationRequired(true)选项来检查指纹变化。一旦注册了新指纹,或者一旦注册了指纹,就不可避免地使密钥无效。尝试使用这些密钥初始化加密操作将导致KeyPermanentlyInvalidatedException。
我发现它可以在Galaxy s7上运行,但它并没有在s7边缘上工作。在s7边缘,添加新指纹时仍然会验证密钥。
以下是我的代码,它来自Google FingerprintDialog示例应用程序,您之前是否看到此问题并有任何解决方案?谢谢!
/**
* Creates a symmetric key in the Android Key Store which can only be used after the user has
* authenticated with fingerprint.
*/
public void createKey() {
try {
mKeyStore.load(null);
mKeyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT |
KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
// Require the user to authenticate with a fingerprint to authorize every use
// of the key
.setUserAuthenticationRequired(true)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.build());
mKeyGenerator.generateKey();
} catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
| CertificateException | IOException e) {
throw new RuntimeException(e);
}
}
/**
* Initialize the {@link Cipher} instance with the created key in the {@link #createKey()}
* method.
*/
private boolean initCipher() {
try {
mKeyStore.load(null);
SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
mCipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (KeyPermanentlyInvalidatedException e) { //It should throw this exception when adding a new fingerprint, but on s7 edge, it doesn't throw
return false;
} catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException
| NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException("Failed to init Cipher", e);
}
}
型号:SM-G935W8, Android版本:6.0.1, Kenel版本:3.18.14-8421152, 内部版本号:MMB29K。 G935W8VLU1APG1, Android安全补丁级别:2016年7月1日
答案 0 :(得分:2)
此问题已由三星的操作系统更新修复:Kenel版本:3.18.14-9105000,内部版本号:MMB29K。 G935W8VLU2APG1,Android安全补丁级别:2016年9月1日