To make it easier for the newcomers:
This library is deprecated since the release of the androidx library for the BiometricPrompt API.

If you want to combine the BiometricPrompt API with a symmetric key,
then you can have a look at this fully functional Kotlin implementation:
https://github.com/fkirc/secure-zip-notes/

After going through the sample,

I am still curious about what is the use of passing cryptoObject to authenticate api of FingerprintManager.

If we see the code here, it stores the reference to cryptoObject in a field which it uses only at one place : to create the AuthenticationResult when authenticatin succeeds (see here).

Also, apart from this, it uses the cryptoObject's getOpId method to set some sessionId that it passes to authenticate api of IFingerprintService.

What's this OpId? I guess this is the thing that makes all difference, but I've no clue what it is and can't seem to find any documentation :-/

This question has been asked here, here and here but I didn't find a good answer in all the places.

How do I decrypt the string encrypted in this sample, when I use below code I get exception

SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
mCipher.init(Cipher.DECRYPT_MODE, key);
String password = new String(mCipher.doFinal(encryptedStr), "UTF-8"));

java.security.InvalidKeyException: IV required when decrypting. Use IvParameterSpec or AlgorithmParameters to provide it.

Ok, I added IvParameterSpec like below but I get Caller-provided IV not permitted

Encryption - throws exception

mCipher.init(Cipher.ENCRYPT_MODE, key, ivParams);


Decryption - returns null

byte[] iv = new byte[mCipher.getBlockSize()];
random.nextBytes(b);

IvParameterSpec ivParams = new IvParameterSpec(iv);

SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
mCipher.init(Cipher.DECRYPT_MODE, key, ivParams);
byte[] output = mCipher.doFinal();

java.security.InvalidAlgorithmParameterException: Caller-provided IV not permitted when encrypting.

Any suggestions to decrypt the string encrypted using the sample in this example?

I have two questions:

1. If I register a fingerprint using the ADB command on a Nexus 5X emulator, it registers within the sample (well, a modified version). When the emulator is closed and started again, the fingerprint is still registered in the system settings but no longer registers with the sample. Is there cryptographic information that has to be saved and re-used in order for it to work after reboot?
2. The cipher in the sample is initialized and authenticated in encryption mode, it can be used to encrypt data after recognizing a fingerprint. If you initialize a cipher again in decrypt mode, does it have to be passed through the FingerprintManager.authenticate() method again to be fully initialized for decryption? In other words can you switch between encryption and decryption after scanning your finger once?

The sample only shows how to encrypt the data, but what steps should I use to decrypt?

I created a question of stackoverflow, but no luck so far: http://stackoverflow.com/questions/33214469/issue-while-using-android-fingerprint-iv-required-when-decrypting-use-ivparame

I also did check the instructions from issue #10 but it did not work (issue documented on stackoverflow).

Can someone help with this?

I ran this project in my Android AVD (API level 23, with Google API's installed) but the Purchase button is not clickable (see image below).

(I used build-tools v23.0.3 as stated in the pre-requisites)

I'm trying to use this sample in android version less than android M ,
Noticing that there is a class called FingerPrintManagerCompat and FingerPrintManagerCompatAPI23
is this can do the same thing as the FingerPrintManager ?
If Yes , how to use it please (any reference)

thanks in advance ...

Got an exception like this by using the standard approach to authenticate via fingerprint:

   private void generateKey() throws Exception {
        try {
            keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
            keyStore.load(null);
            keyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                    .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
                    .setUserAuthenticationRequired(true)
                    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
                    .build());
            keyGenerator.generateKey();
        } catch (KeyStoreException
                | NoSuchAlgorithmException
                | NoSuchProviderException
                | InvalidAlgorithmParameterException
                | CertificateException
                | IOException exc) {
            exc.printStackTrace();
            throw new Exception(exc);
        }
    }

    private boolean initCipher() {
        try {
            cipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/" + KeyProperties.BLOCK_MODE_CBC + "/" + KeyProperties.ENCRYPTION_PADDING_PKCS7);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new RuntimeException("Failed to get Cipher", e);
        }

        try {
            keyStore.load(null);
            SecretKey key = (SecretKey) keyStore.getKey(KEY_NAME, null);
            cipher.init(Cipher.ENCRYPT_MODE, key);
            return true;
        } catch (KeyPermanentlyInvalidatedException e) {
            return false;
        } catch (KeyStoreException | CertificateException
                | UnrecoverableKeyException | IOException
                | NoSuchAlgorithmException | InvalidKeyException e) {
            throw new RuntimeException("Failed to init Cipher", e);
        }
    }

Caused by java.security.InvalidKeyException: Only SecretKey is supported
       at com.android.org.conscrypt.OpenSSLCipher.checkAndSetEncodedKey(OpenSSLCipher.java:436)
       at com.android.org.conscrypt.OpenSSLCipher.engineInit(OpenSSLCipher.java:261)
       at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:2668)
       at javax.crypto.Cipher.tryCombinations(Cipher.java:2575)
       at javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider(Cipher.java:2480)
       at javax.crypto.Cipher.chooseProvider(Cipher.java:567)
       at javax.crypto.Cipher.init(Cipher.java:831)
       at javax.crypto.Cipher.init(Cipher.java:772)

Mostly users got crashes by 8 and 9 starts getting crashes:

I was testing the sample app at Nexux 5x emulator.
When I restart the app after rebooting the emulator, it crashed.

In android monitor it read:

java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use

That's so weird . I checked the return value of mFingerprintManager.hasEnrolledFingerprints() ,which was true. But the exception still was thrown during the createKey() .

I do have a fingerprint scanner on my Nexus 5x.
I just didn't set my lock screen to use it.
Why can't I have a fingerprint set for use on apps, yet not on the lock screen?

I want to invoke the fingerprint enrolment in the settings if there are no fingerprint enrolled. Is this possible?

Do you have any idea about using that use password component along with fingerprint

This sample is somehow incomplete:

• it creates new symetric key at each start, which actually prohibits decryption of SECRET_MESSAGE anytime later
• what's use of the SECRET_MESSAGE in this sample, when it's just encrypted (with problem above), and result is not saved, not used next time, it's just displayed on screen

I think that basic principles of AndroidKeyStore and FingerprintManager are somehow mixed to show that finger scanning works, but result is strange. All I get is "password entered or your finger recognized".

I'd expect that symetric key is created once if it's already not in keystore.
Then possibly encrypt user-entered password with the key, and save it to a file. Next time when fingerprint is used, decrypt saved encrypted password, and use it same way as if user entered it manually.
So user has choice to use fast path with finger, or slower path by typing password.

Is there any way to authenticate with device password when no fingerprints are present.

Thanks for this sample.
I just have a couple quick questions. What is the best way to try this out?
I don't think the emulator support the fingerprint reader and M Preview is only available on Nexus 5, 6, 9 and Nexus Player which don't have the reader also.
Does this sample work with any external fingerprint reader?
I assume isHardwareDetected returns true only if a build-in reader is available, right?
Thanks!

The fingerprint examples are good but I think it is bad practice to use Dependency Injections in a Google Sample(or any open-source sample). I am assuming most developers are not using DI in their applications or familiar with them (especially new developers). It is also recommended not to use DI frameworks. https://developer.android.com/training/articles/memory.html#DependencyInjection. Although it simplifies the code for the creator, it complicates code for individuals like myself that don't use DI.

块崩溃了 选择跟项目打开 或者里面的application 都不行，漫长的等待还是没结果，我自己写的项目咋都正常呢？

The documentation for Android fingerprint API says "You must implement the user interface for the fingerprint authentication flow on your app, and use the standard Android fingerprint icon in your UI.",
which makes sense, to provide consistent UI across all apps and give users a recognizable cue when they can use the sensor.

However, the LICENSE here says "All image and audio files (including *.png, *.jpg, *.svg, *.mp3, *.wav
and *.ogg) are licensed under the CC-BY-NC license",
which, as I understand, means the icon can't be used in commercial projects.

I find it unusual. Is this just an oversight?

Hello! In this sample project there is comment like this:

Now the protection level of USE_FINGERPRINT permission is normal instead of dangerous.

But it is not true, in my project I am using compilseSdkVersion and targetSdkVersion 25.0.2.
And for example, to check if the device has a fingerprint sensor, i call this method:
if (!mFingerprintManager.isHardwareDetected())
and it says

if (!mFingerprintManager.isHardwareDetected())

I feel this project is very complicated.
I don't think Dagger is necessary for sample project.

Please make this project more simple.

Hi,

I have an app that is developed to run inside the Android Enterprise container (for corporate devices). The fingerprint authentication from this sample works perfectly when the app is installed outside the enterprise container. However, when the app is running inside the container, it is unable to detect any fingerprints that the user registered outside the container (on the normal device).

It fails at this piece (line 137 of MainActivity):

if (!fingerprintManager.hasEnrolledFingerprints()) {
            // User hasn't enrolled any fingerprints to authenticate with
            Toast.makeText(this, "Go to 'Settings -> Security -> Fingerprint' and register at least one fingerprint", Toast.LENGTH_LONG).show();
            return;
        }

Is there a way to detect registered fingerprints outside the Enterprise container from an app that is running inside the container? I have tested this on an S7, S8, and Pixel. Thanks!

The app is not running on the device which does't have a fingerprint sensor. The app is crashing when i try to authenticate with the password and at the same time the password entered by me is not matching the system password and is letting me in the app with any letters.

Hi,
I have tried to work out the existing FingerPrintDialog sample(google sample) in emulator, It worked at the beginning, but when I am trying to execute the same it is throwing the following error.
Caused by: java.security.InvalidAlgorithmParameterException: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use.
The fingerprint ID is already registered from the terminal.

I am checking the source code of the fingerprintDialog and I saw the method checkPassword in the FingerprintAuthenticationDialogFragment class but this method isn't working because only checked if the password isn't empty and nothing else.

My question is: This method should check the pin code of the phone, no?

Regards

When i start the app and then complete the fingerprint verification(successed),then i close the app,then i see the log that MainActivity leaked.

I got error in FingerprintUiHelper.java

mFingerprintManager.authenticate(cryptoObject, mCancellationSignal, 0 /* flags */, this, null);

Here are the error messages

Error:(86, 17) error: method authenticate in class FingerprintManager cannot be applied to given types;
required: CryptoObject,CancellationSignal,AuthenticationCallback,int
found: CryptoObject,CancellationSignal,int,FingerprintUiHelper,<null>
reason: actual and formal argument lists differ in length

Error:Execution failed for task ':Application:compileDebugJava'.
> Compilation failed; see the compiler error output for details.

How can I fix it ?
Thank you.

On samsung galaxy note 4 i have an registered fingerprint, but the app does not see it. Maybe samsung supports only their API.

org.gradle.api.tasks.TaskExecutionException: Execution failed for task ':Application:javaPreCompileDebug'.
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeActions(ExecuteActionsTaskExecuter.java:100)
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.execute(ExecuteActionsTaskExecuter.java:70)
at org.gradle.api.internal.tasks.execution.OutputDirectoryCreatingTaskExecuter.execute(OutputDirectoryCreatingTaskExecuter.java:51)
at org.gradle.api.internal.tasks.execution.SkipUpToDateTaskExecuter.execute(SkipUpToDateTaskExecuter.java:62)
at org.gradle.api.internal.tasks.execution.ResolveTaskOutputCachingStateExecuter.execute(ResolveTaskOutputCachingStateExecuter.java:54)
at org.gradle.api.internal.tasks.execution.ValidatingTaskExecuter.execute(ValidatingTaskExecuter.java:60)
at org.gradle.api.internal.tasks.execution.SkipEmptySourceFilesTaskExecuter.execute(SkipEmptySourceFilesTaskExecuter.java:97)
at org.gradle.api.internal.tasks.execution.CleanupStaleOutputsExecuter.execute(CleanupStaleOutputsExecuter.java:87)
at org.gradle.api.internal.tasks.execution.ResolveTaskArtifactStateTaskExecuter.execute(ResolveTaskArtifactStateTaskExecuter.java:52)
at org.gradle.api.internal.tasks.execution.SkipTaskWithNoActionsExecuter.execute(SkipTaskWithNoActionsExecuter.java:52)
at org.gradle.api.internal.tasks.execution.SkipOnlyIfTaskExecuter.execute(SkipOnlyIfTaskExecuter.java:54)
at org.gradle.api.internal.tasks.execution.ExecuteAtMostOnceTaskExecuter.execute(ExecuteAtMostOnceTaskExecuter.java:43)
at org.gradle.api.internal.tasks.execution.CatchExceptionTaskExecuter.execute(CatchExceptionTaskExecuter.java:34)
at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker$1.run(DefaultTaskGraphExecuter.java:248)
at org.gradle.internal.progress.DefaultBuildOperationExecutor$RunnableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:336)
at org.gradle.internal.progress.DefaultBuildOperationExecutor$RunnableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:328)
at org.gradle.internal.progress.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:199)
at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:110)
at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker.execute(DefaultTaskGraphExecuter.java:241)
at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker.execute(DefaultTaskGraphExecuter.java:230)
at org.gradle.execution.taskgraph.DefaultTaskPlanExecutor$TaskExecutorWorker.processTask(DefaultTaskPlanExecutor.java:123)
at org.gradle.execution.taskgraph.DefaultTaskPlanExecutor$TaskExecutorWorker.access$200(DefaultTaskPlanExecutor.java:79)
at org.gradle.execution.taskgraph.DefaultTaskPlanExecutor$TaskExecutorWorker$1.execute(DefaultTaskPlanExecutor.java:104)
at org.gradle.execution.taskgraph.DefaultTaskPlanExecutor$TaskExecutorWorker$1.execute(DefaultTaskPlanExecutor.java:98)
at org.gradle.execution.taskgraph.DefaultTaskExecutionPlan.execute(DefaultTaskExecutionPlan.java:626)
at org.gradle.execution.taskgraph.DefaultTaskExecutionPlan.executeWithTask(DefaultTaskExecutionPlan.java:581)
at org.gradle.execution.taskgraph.DefaultTaskPlanExecutor$TaskExecutorWorker.run(DefaultTaskPlanExecutor.java:98)
at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:63)
at org.gradle.internal.concurrent.ManagedExecutorImpl$1.run(ManagedExecutorImpl.java:46)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.gradle.internal.concurrent.ThreadFactoryImpl$ManagedThreadRunnable.run(ThreadFactoryImpl.java:55)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.RuntimeException: Annotation processors must be explicitly declared now. The following dependencies on the compile classpath are found to contain annotation processor. Please add them to the annotationProcessor configuration.

• dagger-compiler-1.2.2.jar (com.squareup.dagger:dagger-compiler:1.2.2)
  Alternatively, set android.defaultConfig.javaCompileOptions.annotationProcessorOptions.includeCompileClasspath = true to continue with previous behavior. Note that this option is deprecated and will be removed in the future.
  See https://developer.android.com/r/tools/annotation-processor-error-message.html for more details.
  at com.android.build.gradle.tasks.JavaPreCompileTask.preCompile(JavaPreCompileTask.java:142)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:498)
  at org.gradle.internal.reflect.JavaMethod.invoke(JavaMethod.java:73)
  at org.gradle.api.internal.project.taskfactory.StandardTaskAction.doExecute(StandardTaskAction.java:46)
  at org.gradle.api.internal.project.taskfactory.StandardTaskAction.execute(StandardTaskAction.java:39)
  at org.gradle.api.internal.project.taskfactory.StandardTaskAction.execute(StandardTaskAction.java:26)
  at org.gradle.api.internal.AbstractTask$TaskActionWrapper.execute(AbstractTask.java:780)
  at org.gradle.api.internal.AbstractTask$TaskActionWrapper.execute(AbstractTask.java:747)
  at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter$1.run(ExecuteActionsTaskExecuter.java:121)
  at org.gradle.internal.progress.DefaultBuildOperationExecutor$RunnableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:336)
  at org.gradle.internal.progress.DefaultBuildOperationExecutor$RunnableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:328)
  at org.gradle.internal.progress.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:199)
  at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:110)
  at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeAction(ExecuteActionsTaskExecuter.java:110)
  at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeActions(ExecuteActionsTaskExecuter.java:92)
  ... 32 more

The dialog fragment for the fingerprint authentication does not survive rotation, despite having setRetainInstanceState(true) set. This appears to be because the CancellationSignal does not emit the cancellation before the dialog fragment is recreated and resumed again -- mSelfCancelled = false then, causing mCallback.onError() to be called and to close the newly created dialog fragment to be dismissed.

Flow looks something like this (user selects Purchase to start):

1. FingerprintAuthenticationDialogFragment created:

• onResume() called -- mFingerprintUiHelper.startListening() called

2. User rotates device

• onPause() called -- mFingerprintUiHelper.stopListening() called (cancels CancellationSignal, sets mSelfCancelled = true)
• No messages sent through FingerprintManager.AuthenticationCallback during this time

3. New FingerprintAuthenticationDialogFragment created:

• onResume() and startListening() called -- setting mSelfCancelled = false
• now we get a cancellation message in UI Helper's onAuthenticationError, but I believe this cancel message is from the previous onPause() call

So it looks like the cancellation is not sent quickly enough on a rotation, causing the fragment created after the rotation to receive that cancellation message, which then closes the dialog fragment.

Hi,
it is mandatory to register fingerprint inside my app? Or i can use also system registered fingerprints?

I'm not sure whether it's a bug of emulator image or this sample. Here's the stack trace.

E/AndroidRuntime( 3043): FATAL EXCEPTION: main
E/AndroidRuntime( 3043): Process: com.example.android.fingerprintdialog, PID: 3043
E/AndroidRuntime( 3043): java.lang.RuntimeException: Failure delivering result ResultInfo{who=@android:requestPermissions:, request=0, result=-1, data=Intent { act=android.content.pm.action.REQUEST_PERMISSIONS (has extras) }} to activity {com.example.android.fingerprintdialog/com.example.android.fingerprintdialog.MainActivity}: java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use
E/AndroidRuntime( 3043):    at android.app.ActivityThread.deliverResults(ActivityThread.java:3699)
E/AndroidRuntime( 3043):    at android.app.ActivityThread.handleSendResult(ActivityThread.java:3742)
E/AndroidRuntime( 3043):    at android.app.ActivityThread.-wrap16(ActivityThread.java)
E/AndroidRuntime( 3043):    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1393)
E/AndroidRuntime( 3043):    at android.os.Handler.dispatchMessage(Handler.java:102)
E/AndroidRuntime( 3043):    at android.os.Looper.loop(Looper.java:148)
E/AndroidRuntime( 3043):    at android.app.ActivityThread.main(ActivityThread.java:5417)
E/AndroidRuntime( 3043):    at java.lang.reflect.Method.invoke(Native Method)
E/AndroidRuntime( 3043):    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
E/AndroidRuntime( 3043):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
E/AndroidRuntime( 3043): Caused by: java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use
E/AndroidRuntime( 3043):    at com.example.android.fingerprintdialog.MainActivity.createKey(MainActivity.java:232)
E/AndroidRuntime( 3043):    at com.example.android.fingerprintdialog.MainActivity.onRequestPermissionsResult(MainActivity.java:109)
E/AndroidRuntime( 3043):    at android.app.Activity.dispatchRequestPermissionsResult(Activity.java:6553)
E/AndroidRuntime( 3043):    at android.app.Activity.dispatchActivityResult(Activity.java:6432)
E/AndroidRuntime( 3043):    at android.app.ActivityThread.deliverResults(ActivityThread.java:3695)
E/AndroidRuntime( 3043):    ... 9 more
E/AndroidRuntime( 3043): Caused by: java.security.InvalidAlgorithmParameterException: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use
E/AndroidRuntime( 3043):    at android.security.keystore.AndroidKeyStoreKeyGeneratorSpi.engineInit(AndroidKeyStoreKeyGeneratorSpi.java:238)
E/AndroidRuntime( 3043):    at android.security.keystore.AndroidKeyStoreKeyGeneratorSpi$AES.engineInit(AndroidKeyStoreKeyGeneratorSpi.java:53)
E/AndroidRuntime( 3043):    at javax.crypto.KeyGenerator.init(KeyGenerator.java:189)
E/AndroidRuntime( 3043):    at com.example.android.fingerprintdialog.MainActivity.createKey(MainActivity.java:220)
E/AndroidRuntime( 3043):    ... 13 more
E/AndroidRuntime( 3043): Caused by: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use
E/AndroidRuntime( 3043):    at android.security.keystore.KeymasterUtils.addUserAuthArgs(KeymasterUtils.java:115)
E/AndroidRuntime( 3043):    at android.security.keystore.AndroidKeyStoreKeyGeneratorSpi.engineInit(AndroidKeyStoreKeyGeneratorSpi.java:234)
E/AndroidRuntime( 3043):    ... 16 more
W/ActivityManager( 1354):   Force finishing activity com.example.android.fingerprintdialog/.MainActivity

Build failed with below error:
Error:(43, 9) error: cannot find symbol method library()
Error:(44, 9) error: cannot find symbol method injects()
Error:(44, 19) error: illegal initializer for
Error:Execution failed for task ':compileDebugJavaWithJavac'.

Compilation failed; see the compiler error output for details.

Hi,
To make it crash do this:

• authenticate with your finger
• the animation with "Fingerprint recognised" text is shown
• because that animation has 1 sec of delay before calling the callback mCallback.onAuthenticated();
• if you send the app in background during the animation then it crash (just press home button before the animation is gone)

The issue is that are missing some checks when you call dismiss()

@OverRide
public void onAuthenticated() {
// Callback from FingerprintUiHelper. Let the activity know that authentication was
// successful.
mActivity.onPurchased(true /* withFingerprint */, mCryptoObject);
dismiss();
}

I suggest to put
Activity anActivity = getActivity();
if (getDialog() != null && getDialog().isShowing() && isResumed() && anActivity != null && !anActivity.isFinishing()) {
dismiss();
}

or you can use dismissAllowingStateLoss()

hy guys, sorry for my english , I have this problem when I close authentication dialog and app go in background

D/AbstractTracker: Event success
E/System: Uncaught exception thrown by finalizer
E/System: java.lang.IllegalStateException: Binder has been finalized!
at android.os.BinderProxy.transactNative(Native Method)
at android.os.BinderProxy.transact(Binder.java:536)
at android.security.IKeystoreService$Stub$Proxy.abort(IKeystoreService.java:1302)
at android.security.KeyStore.abort(KeyStore.java:496)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.finalize(AndroidKeyStoreCipherSpiBase.java:680)
at android.security.keystore.AndroidKeyStoreUnauthenticatedAESCipherSpi$CBC$PKCS7Padding.finalize(AndroidKeyStoreUnauthenticatedAESCipherSpi.java:73)
at java.lang.Daemons$FinalizerDaemon.doFinalize(Daemons.java:219)
at java.lang.Daemons$FinalizerDaemon.run(Daemons.java:197)
at java.lang.Thread.run(Thread.java:818)

how can I resolve this issue?

thanks in advance

[nevermind]

Hello,
We are a team who is going to integrate fingerprint in important business flow like buying stuffs.

We are testing the behaviour/mechanism on your fingerprintDialog app with Android M simulator on Android Studio.

We found the following issues and we are worrying about it would affect user and we are confused about the mechanism

1. FingerPrint Deletion.
   a) After I deleted a fingerprint, the fingerprint is always on the list and sometimes it is really deleted(say it does not pass the fingerprint detection),
   but sometimes not(I tested it by adb -s command)
   b) After we have five fingerprint, as the deletion never helps, we won't have ways to add fingerprint
   unless we delete the emulator.

2. FingerPrint Deletion affect the FingerPrint mechanism
   After we do the deletion as described in 1)
   the fingerprint behaviour sometimes become strange.
   a) When I add a fingerprint, previous fingerprints are invalided
   (say the operation is Add F1 -> Delete F1 -> Add F2-> Add F3, the adding of F3 makes
   F2 invalided, which is a bit strange.
   b) When I add a new fingerprint, the initCipher(Testing if fingerprint set is changed or not) does not work
   Say I Add F1 -> Delete F1 -> Add F2 -> Add F3,
   After Add F3, the dialog would not prompt the dialog to let user input password, but
   just let him input fingerprint

Summary:
It looks like every strange behaviour is due to deletion of fingerprint has bug,
Do you have any suggestion like what emulator or device we should use in
testing fingerprint behaviour?

Thanks!

The app is throwing an IllegalStateException on following physical devices with registered fingerprints:

• Samsung S5 - SM-G800H (Android 6.0.1 API 23)
• Samsung Note 4 - SM-N9105S (Android 6.0.1 API 23)
• Samsung S6 Edge - SM-G925F (Android 6.0.1 API 23)

I tried these without success:

• Deleted all fingerprints and re-registered them again. (And setting screen lock with fingerprint)
• Updated Android SDK Build-Tools to the latest.
• Restarted the devices

What should I do?

Stacktrace:

06-09 16:24:59.682 6873-6873/com.example.android.fingerprintdialog E/AndroidRuntime: FATAL EXCEPTION: main
 Process: com.example.android.fingerprintdialog, PID: 6873
 java.lang.RuntimeException: Unable to start activity ComponentInfo{com.example.android.fingerprintdialog/com.example.android.fingerprintdialog.MainActivity}: java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use
 at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3319)
 at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415)
 at android.app.ActivityThread.access$1100(ActivityThread.java:229)
 at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821)
 at android.os.Handler.dispatchMessage(Handler.java:102)
 at android.os.Looper.loop(Looper.java:148)
 at android.app.ActivityThread.main(ActivityThread.java:7331)
 at java.lang.reflect.Method.invoke(Native Method)
 at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
 at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)
 Caused by: java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use
 at com.example.android.fingerprintdialog.MainActivity.createKey(MainActivity.java:269)
 at com.example.android.fingerprintdialog.MainActivity.onCreate(MainActivity.java:152)
 at android.app.Activity.performCreate(Activity.java:6904)
 at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136)
 at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266)
 at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415) 
 at android.app.ActivityThread.access$1100(ActivityThread.java:229) 
 at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821) 
 at android.os.Handler.dispatchMessage(Handler.java:102) 
 at android.os.Looper.loop(Looper.java:148) 
 at android.app.ActivityThread.main(ActivityThread.java:7331) 
 at java.lang.reflect.Method.invoke(Native Method) 
 at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) 
 at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) 
 Caused by: java.security.InvalidAlgorithmParameterException: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use
 at android.security.keystore.AndroidKeyStoreKeyGeneratorSpi.engineInit(AndroidKeyStoreKeyGeneratorSpi.java:238)
 at android.security.keystore.AndroidKeyStoreKeyGeneratorSpi$AES.engineInit(AndroidKeyStoreKeyGeneratorSpi.java:53)
 at javax.crypto.KeyGenerator.init(KeyGenerator.java:189)
 at com.example.android.fingerprintdialog.MainActivity.createKey(MainActivity.java:265)
 at com.example.android.fingerprintdialog.MainActivity.onCreate(MainActivity.java:152) 
 at android.app.Activity.performCreate(Activity.java:6904) 
 at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136) 
 at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266) 
 at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415) 
 at android.app.ActivityThread.access$1100(ActivityThread.java:229) 
 at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821) 
 at android.os.Handler.dispatchMessage(Handler.java:102) 
 at android.os.Looper.loop(Looper.java:148) 
 at android.app.ActivityThread.main(ActivityThread.java:7331) 
 at java.lang.reflect.Method.invoke(Native Method) 
 at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) 
 at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) 
 Caused by: java.lang.IllegalStateException: At least one fingerprint must be enrolled to create keys requiring user authentication for every use
 at android.security.keystore.KeymasterUtils.addUserAuthArgs(KeymasterUtils.java:115)
 at android.security.keystore.AndroidKeyStoreKeyGeneratorSpi.engineInit(AndroidKeyStoreKeyGeneratorSpi.java:234)
 at android.security.keystore.AndroidKeyStoreKeyGeneratorSpi$AES.engineInit(AndroidKeyStoreKeyGeneratorSpi.java:53) 
 at javax.crypto.KeyGenerator.init(KeyGenerator.java:189) 
 at com.example.android.fingerprintdialog.MainActivity.createKey(MainActivity.java:265) 
 at com.example.android.fingerprintdialog.MainActivity.onCreate(MainActivity.java:152) 
 at android.app.Activity.performCreate(Activity.java:6904) 
 at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136) 
 at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266) 
 at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415) 
 at android.app.ActivityThread.access$1100(ActivityThread.java:229) 
 at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821) 
 at android.os.Handler.dispatchMessage(Handler.java:102) 
 at android.os.Looper.loop(Looper.java:148) 
 at android.app.ActivityThread.main(ActivityThread.java:7331) 
 at java.lang.reflect.Method.invoke(Native Method) 
 at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) 
 at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) 

Hi, I test this app on Nexus5x and Samsung s6. It both fail to detect that a new fingerprint is enrolled.

What I was do:

1. kill the app (not delete the app).
2. enroll a new fingerprint.
3. launch the app and click "purchase" button

It works out of expect and the new fingerprint also "purchase" successfully.

If the app is designed to work like this.So, how can I detect the change of fingerprint catalog? I need the user to re-input the password when the fingerprint cataglog is changed because of the security requirement.

Glad to see your reply soon. Thanks!

Hi,
I want to know about the biometric fingerprint so, when Im run this application Im unable to install. It shows me below error
pkg: /data/local/tmp/com.example.android.fingerprintdialog
Failure [INSTALL_FAILED_OLDER_SDK]
Even I have changed build .gradle file
compileSdkVersion "android-MNC"
buildToolsVersion "22.0.1"
defaultConfig {
minSdkVersion 15
maxSdkVersion 17
versionCode 1
versionName "1.0"
}
I want to check the functionality but im unable to get apk file
Please help me on this

Hi,
almost all links mentioned in README.md are not working (return 404):

• https://developer.android.com/reference/android/hardware/FingerprintManager.AuthenticationCallback#onAuthenticationSucceeded%28%29.html
• https://developer.android.com/reference/android/hardware/FingerprintManager/index.html#authenticate%28%29.html
• https://developer.android.com/reference/android/security/KeyGenParameterSpec.Builder#setUserAuthenticationRequired%28%29.html
• https://developer.android.com/reference/android/security/KeyGenParameterSpec.html

Problem appears only on some devices:

• Meizu PRO 6
• HTC One M9PLUS (M9+)
• LeTV Le 1s X500

Location:
MainActivity#initCipher(Cipher cipher, String keyName)
line 165
when calling cipher.init(Cipher.ENCRYPT_MODE, key);
i got android.security.keystore.UserNotAuthenticatedException: User not authenticated

There are crashes in some Meizu phones, such as M5 note, PRO 7 Plus and so on. The system version is Android 7.0. The log is:

java.util.concurrent.TimeoutException: android.security.keystore.AndroidKeyStoreUnauthenticatedAESCipherSpi$CBC$PKCS7Padding.finalize(AndroidKeyStoreUnauthenticatedAESCipherSpi.java) timed out after 20 seconds
	at android.os.BinderProxy.transactNative(BinderProxy.java)
	at android.os.BinderProxy.transact(BinderProxy.java:626)
	at android.security.IKeystoreService$Stub$Proxy.abort(IKeystoreService.java:1341)
	at android.security.KeyStore.abort(KeyStore.java:538)
	at android.security.keystore.AndroidKeyStoreCipherSpiBase.finalize(AndroidKeyStoreCipherSpiBase.java:744)
	at android.security.keystore.AndroidKeyStoreUnauthenticatedAESCipherSpi$CBC$PKCS7Padding.finalize(AndroidKeyStoreUnauthenticatedAESCipherSpi.java)
	at java.lang.Daemons$FinalizerDaemon.doFinalize(Daemons.java:239)
	at java.lang.Daemons$FinalizerDaemon.run(Daemons.java:226)
	at java.lang.Thread.run(Thread.java:761)

How to fix it?

Hi,

I am using nexus 5 device.. I dnt have any option like finger print in settings. So not able to enable purchase button.. Is there any particular to enable it.

java.lang.IllegalStateException: Binder has been finalized!
at android.os.BinderProxy.transactNative(Native Method)
at android.os.BinderProxy.transact(Binder.java:628)
at android.security.IKeystoreService$Stub$Proxy.abort(IKeystoreService.java:1387)
at android.security.KeyStore.abort(KeyStore.java:879)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.finalize(AndroidKeyStoreCipherSpiBase.java:744)
at android.security.keystore.AndroidKeyStoreUnauthenticatedAESCipherSpi$CBC$PKCS7Padding.finalize(AndroidKeyStoreUnauthenticatedAESCipherSpi.java)
at java.lang.Daemons$FinalizerDaemon.doFinalize(Daemons.java:222)
at java.lang.Daemons$FinalizerDaemon.run(Daemons.java:209)
at java.lang.Thread.run(Thread.java:762)

For example, if finger 1 is scanned do something, and if finger 2 is scanned, do something else?

Can realize the function of fingerprint puncher

The initCipher()-method checks if lockscreen has been disabled or new fingerprints have been enrolled.
For this it checks if a KeyPermanentlyInvalidatedException will be thrown or not. If it wil lbe thrown, any of above reasons apply.

But this does not seem to trigger all the time. It only triggers randomly on my device (Nexus 5X) after adding new fingerprints.
Most of the time I get normal fingerprint-authentication dialog and it works as nothing has been changed. Only very few times I get "A new fingerprint was added to this device"-message to reauthenticate.

Can anyone tell me why this is not triggering all the time when new fingerprints have been enrolled? Is this a bug or a feature? :D

Is it possible to check for fingerprint-changes in another way?