<img src="https://avatars1.githubusercontent.

<img src="https://avatars2.githubusercontent.com

<img src="https://avatars2.githubusercontent.co

<img src="https://avatars1.githubusercontent.co

<img src="https://avatars1.githubusercontent

<img src="https://avatars2.githubusercontent.com/u

fail to detect new fingerprint enrolled about security-samples HOT 8 CLOSED

android commented on July 24, 2024 1

fail to detect new fingerprint enrolled

from security-samples.

Comments (8)

Morteza-Rastgoo commented on July 24, 2024 2

When a new fingerprint is enrolled, with running initCipher, I expect to get KeyPermanentlyInvalidatedException but it returns true. what am I missing and how to fix this to get to know when a new fingerprint is added?

from security-samples.

codingjeremy commented on July 24, 2024 1

Comment by fkie4ibm
Thursday Nov 22, 2018 at 01:47 GMT

I can get all finger id in integers.

private void getFingerprintInfo(Context context)
{
try {
FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
Method method = FingerprintManager.class.getDeclaredMethod("getEnrolledFingerprints");
Object obj = method.invoke(fingerprintManager);

    if (obj != null) {
        Class<?> clazz = Class.forName("android.hardware.fingerprint.Fingerprint");
        Method getFingerId = clazz.getDeclaredMethod("getFingerId");

        for (int i = 0; i < ((List) obj).size(); i++)
        {
            Object item = ((List) obj).get(i);
            if(item != null)
            {
                System.out.println("fkie4. fingerId: " + getFingerId.invoke(item));
            }
        }
    }
} catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException | ClassNotFoundException e) {
    e.printStackTrace();
}

}
please refer to this: https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/hardware/fingerprint/Fingerprint.java

there is a public method getFingerId( ), but it is not available for us to call because it has "@UnsupportedAppUsage".

so you need to use reflection to call the method. after you get a list of fingerprint id, you can encrypt them and store in sharedPreference.

Finger id is the id of the fingerprints stored in setting

After you get all finger ids, you can determine if user has added/deleted a fingerprint.

No need to count on the KeyPermanentlyInvalidatedException. It is not thrown in Android 8.0

Google didn't do such a good job....

from security-samples.

codingjeremy commented on July 24, 2024

Comment by thagikura
Monday Sep 05, 2016 at 12:54 GMT

Hi,

Let me confirm, the expected behavior of enrolling a new fingerprint for the app is asking you the password with a checkbox saying use fingerprint in future.

So when you do like following:

Enroll a fingerprint 1
Open the app
Purchase the item with the fingerprint, then succeed. (Keep the app open)
Enroll another fingerprint 2
Purchase the item in the app
The app asks you the password

When I tried the app in my end, it worked correctly.
Could you confirm the behavior and let me know if it still doesn't work?

from security-samples.

codingjeremy commented on July 24, 2024

Comment by jiazhao2048
Tuesday Sep 06, 2016 at 04:12 GMT

Thanks for reply.

You can reproduce the bug I found in this way

Enroll a fingerprint 1
Open the app
Purchase the item with the fingerprint, then succeed.
** Kill the app ( it means you exit the app totally )
Enroll another fingerprint 2
Purchase the item in the app with fingerprint2, then succeed.

I read the source code and found the reason.

The creatKey( ) function is called in MainActivity->onCreate() method. Thus when the app relaunch the key is regenerated and the app can't detect the change of the fingerprint.

I creat a variate to keep the status the app's first launch and use it to decise call createKey() or not. It works as expected.

from security-samples.

codingjeremy commented on July 24, 2024

Comment by jiazhao2048
Tuesday Sep 06, 2016 at 04:47 GMT

By the way I also found that the app won't require me to input the password when I delete an exsitent fingerprint.

Enroll fingerprint1
Enroll fingerprint2
launch the app and I can purchase with fingerprint1/fingerprint2 as expect
keep the app open and delete the fingerprint2
purchase item with fingerprint1 successfully
fail to purchase item with fingerprint2

I'm curious about how the app works. As I known the creatKey( ) is called at first time the app launch . How the key store in the app?

Do I ask a bad question?
Can you give me some useful information?

from security-samples.

codingjeremy commented on July 24, 2024

Comment by coobing17
Thursday Apr 05, 2018 at 04:24 GMT

"I creat a variate to keep the status the app's first launch and use it to decise call createKey() or not. It works as expected."

can you tell me your variate code... @jiazhao2048

from security-samples.

codingjeremy commented on July 24, 2024

Comment by IsracardTeam
Tuesday Apr 10, 2018 at 12:53 GMT

@bill-yudhistira @jiazhao2048 did you find a solution for this ?

from security-samples.

codingjeremy commented on July 24, 2024

Comment by ddeath
Monday Dec 03, 2018 at 13:59 GMT

@thagikura I tried it with your flow and it did not ask for a password. I was using phone with android 7.

from security-samples.

fail to detect new fingerprint enrolled about security-samples HOT 8 CLOSED

Comments (8)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent