Android指纹识别

上一篇讲了通过FingerprintManager验证手机是否支持指纹识别,以及是否录入了指纹,这里进行指纹的验证.

//获取FingerprintManager实例 FingerprintManager mFingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE); //执行验证监听 mFingerprintManager .authenticate(cryptoObject, mCancellationSignal, 0, this, null);

参数说明:

cryptoObject//FingerprintManager支持的加密对象的包装类。目前该框架支持Signature，Cipher和Mac对象。 mCancellationSignal//提供取消正在进行的操作的功能。 callback(参数中的this)//指纹识别的回调函数

cryptoObject初始化:

private KeyguardManager mKeyguardManager; private FingerprintManager mFingerprintManager; private static final String DIALOG_FRAGMENT_TAG = "myFragment"; private static final String SECRET_MESSAGE = "Very secret message"; public static boolean isAuthenticating = false; public static final String PARAM_DISMISS_DIALOG = "param_dismiss_dialog"; /** * Alias for our key in the Android Key Store */ private static final String KEY_NAME = "my_key"; private KeyStore mKeyStore; private KeyGenerator mKeyGenerator; private Cipher mCipher; @TargetApi(Build.VERSION_CODES.M) private boolean initCipher() { try { mCipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/" + KeyProperties.BLOCK_MODE_CBC + "/" + KeyProperties.ENCRYPTION_PADDING_PKCS7); } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { throw new RuntimeException("Failed to get an instance of Cipher", e); } try { mKeyStore.load(null); SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null); mCipher.init(Cipher.ENCRYPT_MODE, key); return true; } catch (KeyPermanentlyInvalidatedException e) { return false; } catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException | NoSuchAlgorithmException | InvalidKeyException e) { throw new RuntimeException("Failed to init Cipher", e); } } /** * Creates a symmetric key in the Android Key Store which can only be used after the user has * authenticated with fingerprint. */ @TargetApi(Build.VERSION_CODES.M) public void createKey() { // The enrolling flow for fingerprint. This is where you ask the user to set up fingerprint // for your flow. Use of keys is necessary if you need to know if the set of // enrolled fingerprints has changed. mKeyStore = null; mKeyGenerator = null; try { mKeyStore = KeyStore.getInstance("AndroidKeyStore"); } catch (KeyStoreException e) { throw new RuntimeException("Failed to get an instance of KeyStore", e); } try { mKeyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore"); } catch (NoSuchAlgorithmException | NoSuchProviderException e) { throw new RuntimeException("Failed to get an instance of KeyGenerator", e); } try { mKeyStore.load(null); // Set the alias of the entry in Android KeyStore where the key will appear // and the constrains (purposes) in the constructor of the Builder mKeyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_CBC) // Require the user to authenticate with a fingerprint to authorize every use // of the key .setUserAuthenticationRequired(true) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7) .build()); mKeyGenerator.generateKey(); } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException | CertificateException | IOException e) { throw new RuntimeException(e); } }

FingerprintManager.CryptoObject cryptoObject = new FingerprintManager.CryptoObject(mCipher);

回调函数:

@Override public void onAuthenticationError(int errMsgId, CharSequence errString) { //验证出现错误了 //errString为错误的信息 } @Override public void onAuthenticationHelp(int helpMsgId, CharSequence helpString) { showError(helpString); //验证出现一些问题的系统提示,比如:请按久一点等提示信息. } @Override public void onAuthenticationFailed() { showError("指纹验证失败"); //在验证失败和出现问题以后,系统会继续执行监听,使用者需要在这里修改相关提示信息 } @Override public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) { //验证成功 }