Android 添加/删除指纹后密钥永久无效异常
当用户添加新指纹或删除任何现有指纹,然后尝试启动应用程序时,它抛出KeyPermanentlyInvalidatedException 这是我的指纹码:Android 添加/删除指纹后密钥永久无效异常,android,android-fingerprint-api,Android,Android Fingerprint Api,当用户添加新指纹或删除任何现有指纹,然后尝试启动应用程序时,它抛出KeyPermanentlyInvalidatedException 这是我的指纹码: public Boolean auth(FingerprintManager.AuthenticationCallback callback) { try { KeyStore store = accessKeyStore(DEFAULT_KEYSTORE); if (store == null) {
public Boolean auth(FingerprintManager.AuthenticationCallback callback) {
try {
KeyStore store = accessKeyStore(DEFAULT_KEYSTORE);
if (store == null) {
return null;
}
Cipher cipher = accessCipher();
if (cipher == null) {
return null;
}
store.load(null);
SecretKey key = (SecretKey) store.getKey(DEFAULT_KEY_NAME, DEFAULT_STORE_PASS.toCharArray());
cipher.init(Cipher.ENCRYPT_MODE, key);
FingerprintManager manager = initManager();
if (manager == null) {
return null;
}
manager.authenticate(
generateCryptoObject(cipher),
generateCancellationSignal(),
0,
callback,
null
);
return true;
} catch (Throwable exc) {
Logger.error(TAG, exc.getLocalizedMessage(), exc);
return null;
}
}
private Cipher accessCipher() {
try {
return Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
+ KeyProperties.BLOCK_MODE_CBC + "/"
+ KeyProperties.ENCRYPTION_PADDING_PKCS7);
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
// Was not available.
return null;
}
}
在onResume()中调用了auth方法
整个指纹类:
`
公共类指纹Utils{
私有静态最终字符串标记=FingerPrintUtils.class.getSimpleName();
私有静态最终字符串默认值_KEYSTORE=“AndroidKeyStore”;
私有静态最终字符串DEFAULT\u KEY\u NAME=“myApplication”;
私有静态最终字符串默认\u存储\u传递=”csdgh@jkbvj@";
私有静态指纹utils指纹utils;
取消私有布尔值;
专用取消信号取消信号;
@塔吉塔皮(23)
公共静态指纹Utils getInstance(){
if(fingerPrintUtils==null){
指纹utils=新的指纹utils();
}
返回指纹图;
}
@塔吉塔皮(23)
公共布尔值isFingerAuthAvailable(){
布尔hasHarware=hasHarware();
if(hasHarware==null | |!hasHarware){
返回false;
}
布尔值hasPrint=hasristeredprint();
如果(hasPrint==null | |!hasPrint){
返回false;
}
返回true;
}
@塔吉塔皮(23)
公共布尔hasHardware(){
指纹管理器=initManager();
if(manager==null){
返回null;
}
return manager.ishardwaredtected();
}
@塔吉塔皮(23)
公共布尔值hasRegisteredPrint(){
指纹管理器=initManager();
if(manager==null){
返回null;
}
退货经理。hasEnrolled指纹();
}
@塔吉塔皮(23)
公共布尔createKey(){
试一试{
密钥库存储=accessKeyStore(默认密钥库);
if(store==null){
返回null;
}
KeyGenerator generator=accessKeyGen(KeyProperties.KEY\u算法\u AES,默认密钥库);
if(生成器==null){
返回null;
}
generator.init(新的KeyGenParameterSpec.Builder(
默认\u键\u名称,
KeyProperties.PURPOSE|加密| KeyProperties.PURPOSE|解密
)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
//要求用户使用指纹进行身份验证以授权每次使用
//钥匙
.setUserAuthenticationRequired(true)
.setEncryptionPaddings(KeyProperties.ENCRYPTION\u PADDING\u PKCS7)
.build());
generator.generateKey();
返回true;
}捕获(可丢弃exc){
Logger.error(标记,exc.getLocalizedMessage(),exc);
返回false;
}
}
@塔吉塔皮(23)
公共布尔键存在(){
试一试{
密钥库存储=accessKeyStore(默认密钥库);
if(store==null){
返回null;
}
store.load(null);
SecretKey key=(SecretKey)store.getKey(默认的\u key\u NAME,默认的\u store\u PASS.toCharArray());
if(key!=null){
返回true;
}
}捕获(可丢弃exc){
Logger.error(标记,exc.getLocalizedMessage(),exc);
返回null;
}
返回false;
}
@塔吉塔皮(23)
公共布尔身份验证(指纹管理器.AuthenticationCallback){
试一试{
密钥库存储=accessKeyStore(默认密钥库);
if(store==null){
返回null;
}
密码=accessCipher();
如果(密码==null){
返回null;
}
store.load(null);
SecretKey key=(SecretKey)store.getKey(默认的\u key\u NAME,默认的\u store\u PASS.toCharArray());
cipher.init(cipher.ENCRYPT_模式,密钥);
指纹管理器=initManager();
if(manager==null){
返回null;
}
经理。验证(
generateCryptoObject(密码),
generateCancellationSignal(),
0,
回拨,
无效的
);
返回true;
}捕获(可丢弃exc){
Logger.error(标记,exc.getLocalizedMessage(),exc);
返回null;
}
}
@塔吉塔皮(23)
公共布尔停止(){
if(isCancelled!=null&&!isCancelled){
isCancelled=true;
cancellationSignal.cancel();
取消信号=空;
返回true;
}
返回false;
}
@塔吉塔皮(23)
私有指纹管理器initManager(){
Context Context=BasePreferenceHelper.getCurrentContext();
if(上下文==null){
返回null;
}
if(Build.VERSION.SDK_INTpublic class FingerPrintUtils {
private static final String TAG = FingerPrintUtils.class.getSimpleName();
private static final String DEFAULT_KEYSTORE = "AndroidKeyStore";
private static final String DEFAULT_KEY_NAME = "myApplication";
private static final String DEFAULT_STORE_PASS = "csdgh@jkbvj@";
private static FingerPrintUtils fingerPrintUtils;
private Boolean isCancelled;
private CancellationSignal cancellationSignal;
@TargetApi(23)
public static FingerPrintUtils getInstance() {
if (fingerPrintUtils == null) {
fingerPrintUtils = new FingerPrintUtils();
}
return fingerPrintUtils;
}
@TargetApi(23)
public Boolean isFingerAuthAvailable() {
Boolean hasHarware = hasHardware();
if (hasHarware == null || !hasHarware) {
return false;
}
Boolean hasPrint = hasRegisteredPrint();
if (hasPrint == null || !hasPrint) {
return false;
}
return true;
}
@TargetApi(23)
public Boolean hasHardware() {
FingerprintManager manager = initManager();
if (manager == null) {
return null;
}
return manager.isHardwareDetected();
}
@TargetApi(23)
public Boolean hasRegisteredPrint() {
FingerprintManager manager = initManager();
if (manager == null) {
return null;
}
return manager.hasEnrolledFingerprints();
}
@TargetApi(23)
public Boolean createKey() {
try {
KeyStore store = accessKeyStore(DEFAULT_KEYSTORE);
if (store == null) {
return null;
}
KeyGenerator generator = accessKeyGen(KeyProperties.KEY_ALGORITHM_AES, DEFAULT_KEYSTORE);
if (generator == null) {
return null;
}
generator.init(new KeyGenParameterSpec.Builder(
DEFAULT_KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT
)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
// Require the user to authenticate with a fingerprint to authorize every use
// of the key
.setUserAuthenticationRequired(true)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.build());
generator.generateKey();
return true;
} catch (Throwable exc) {
Logger.error(TAG, exc.getLocalizedMessage(), exc);
return false;
}
}
@TargetApi(23)
public Boolean keyExist() {
try {
KeyStore store = accessKeyStore(DEFAULT_KEYSTORE);
if (store == null) {
return null;
}
store.load(null);
SecretKey key = (SecretKey) store.getKey(DEFAULT_KEY_NAME, DEFAULT_STORE_PASS.toCharArray());
if (key != null) {
return true;
}
} catch (Throwable exc) {
Logger.error(TAG, exc.getLocalizedMessage(), exc);
return null;
}
return false;
}
@TargetApi(23)
public Boolean auth(FingerprintManager.AuthenticationCallback callback) {
try {
KeyStore store = accessKeyStore(DEFAULT_KEYSTORE);
if (store == null) {
return null;
}
Cipher cipher = accessCipher();
if (cipher == null) {
return null;
}
store.load(null);
SecretKey key = (SecretKey) store.getKey(DEFAULT_KEY_NAME, DEFAULT_STORE_PASS.toCharArray());
cipher.init(Cipher.ENCRYPT_MODE, key);
FingerprintManager manager = initManager();
if (manager == null) {
return null;
}
manager.authenticate(
generateCryptoObject(cipher),
generateCancellationSignal(),
0,
callback,
null
);
return true;
} catch (Throwable exc) {
Logger.error(TAG, exc.getLocalizedMessage(), exc);
return null;
}
}
@TargetApi(23)
public Boolean stop() {
if (isCancelled != null && !isCancelled) {
isCancelled = true;
cancellationSignal.cancel();
cancellationSignal = null;
return true;
}
return false;
}
@TargetApi(23)
private FingerprintManager initManager() {
Context context = BasePreferenceHelper.getCurrentContext();
if (context == null) {
return null;
}
if(Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
return null;
}
FingerprintManager manager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
if (manager == null) {
return null;
}
return manager;
}
@TargetApi(23)
private Cipher accessCipher() {
try {
return Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
+ KeyProperties.BLOCK_MODE_CBC + "/"
+ KeyProperties.ENCRYPTION_PADDING_PKCS7);
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
// Was not available.
return null;
}
}
@TargetApi(23)
private KeyStore accessKeyStore(String storeName) {
try {
return KeyStore.getInstance(storeName);
} catch (Throwable exc) {
// Was not available.
return null;
}
}
@TargetApi(23)
private FingerprintManager.CryptoObject generateCryptoObject(Cipher cipher) {
if (cipher == null) {
throw new IllegalArgumentException("Cipher is required.");
}
return new FingerprintManager.CryptoObject(cipher);
}
@TargetApi(23)
private CancellationSignal generateCancellationSignal() {
cancellationSignal = new CancellationSignal();
isCancelled = false;
return cancellationSignal;
}
@TargetApi(23)
private KeyGenerator accessKeyGen(String algo, String storeName) {
try {
return KeyGenerator.getInstance(algo, storeName);
} catch (Throwable exc) {
// Was not available.
return null;
}
}
}
try
{
cipher.init(Cipher.ENCRYPT_MODE, key);
}
catch (KeyPermanentlyInvalidatedException e)
{
store.deleteEntry(DEFAULT_KEY_NAME);
createKey();
auth(callback);
return false;
}