Android6.0 fingerprint recognition development

Reprinted from https://www.cnblogs.com/gccbuaa/p/7293837.html

Recently, android fingerprint related functions are being done, and Google officially supports fingerprint recognition in android 6.0 and above version numbers. At that time, I was tangled between FingerprintManager and FingerprintManagerCompat. The com.android.support:appcompat-v7 package needs to be introduced to use FingerprintManager. Considering the size of the package, it was decided to use the v4 compatibility package FingerprintManagerCompat for implementation.

The main tool class FingerprintUtil: Verify whether the mobile phone supports the fingerprint identification method callFingerPrintVerify(), mainly verify whether the mobile phone hardware supports (6.0 and above), whether the fingerprint is entered, and then whether the lock screen password is enabled. Begin to verify that the identification is successful, and the corresponding callback processing can be performed for failure.

 public class FingerprintUtil{

    private FingerprintManagerCompat mFingerprintManager;
    private KeyguardManager mKeyManager;
    private CancellationSignal mCancellationSignal;
    private Activity mActivity;

    public FingerprintUtil(Context ctx) {
        mActivity = (Activity) ctx;
        mFingerprintManager = FingerprintManagerCompat.from(mActivity);
        mKeyManager = (KeyguardManager) mActivity.getSystemService(Context.KEYGUARD_SERVICE);

    }

    public void callFingerPrintVerify(final IFingerprintResultListener listener) {
        if (!isHardwareDetected()) {
            return;
        }
        if (!isHasEnrolledFingerprints()) {
            if (listener != null) {
                listener.onNoEnroll();
            }
            return;
        }
        if (!isKeyguardSecure()) {
            if (listener != null) {
                listener.onInSecurity();
            }
            return;
        }
        if (listener != null) {
            listener.onSupport();
        }

        if (listener != null) {
            listener.onAuthenticateStart();
        }
        if (mCancellationSignal == null) {
            mCancellationSignal = new CancellationSignal();
        }
        try {
            mFingerprintManager.authenticate(null, 0, mCancellationSignal, new FingerprintManagerCompat.AuthenticationCallback() {
                //多次尝试都失败会走onAuthenticationError。会停止响应一段时间。提示尝试次数过多。请稍后再试。

@Override public void onAuthenticationError(int errMsgId, CharSequence errString) { if (listener != null) listener.onAuthenticateError(errMsgId, errString); } //指纹验证失败走此方法，比如小米前4次验证失败走onAuthenticationFailed,第5次走onAuthenticationError @Override public void onAuthenticationFailed() { if (listener != null) listener.onAuthenticateFailed(); } @Override public void onAuthenticationHelp(int helpMsgId, CharSequence helpString) { if (listener != null) listener.onAuthenticateHelp(helpMsgId, helpString); } //当验证的指纹成功时会回调此函数。然后不再监听指纹sensor @Override public void onAuthenticationSucceeded(FingerprintManagerCompat.AuthenticationResult result) { if (listener != null) listener.onAuthenticateSucceeded(result); } }, null); } catch (Exception e) { e.printStackTrace(); } } /** * 是否录入指纹，有些设备上即使录入了指纹，可是没有开启锁屏password的话此方法还是返回false * * @return */ private boolean isHasEnrolledFingerprints() { try { return mFingerprintManager.hasEnrolledFingerprints(); } catch (Exception e) { return false; } } /** * 是否有指纹识别硬件支持 * * @return */ public boolean isHardwareDetected() { try { return mFingerprintManager.isHardwareDetected(); } catch (Exception e) { return false; } } /** * 推断是否开启锁屏password * * @return */ private boolean isKeyguardSecure() { try { return mKeyManager.isKeyguardSecure(); } catch (Exception e) { return false; } } /** * 指纹识别回调接口 */ public interface IFingerprintResultListener { void onInSecurity(); void onNoEnroll(); void onSupport(); void onAuthenticateStart(); void onAuthenticateError(int errMsgId, CharSequence errString); void onAuthenticateFailed(); void onAuthenticateHelp(int helpMsgId, CharSequence helpString); void onAuthenticateSucceeded(FingerprintManagerCompat.AuthenticationResult result); } public void cancelAuthenticate() { if (mCancellationSignal != null) { mCancellationSignal.cancel(); mCancellationSignal = null; } } public void onDestroy() { cancelAuthenticate(); mKeyManager = null; mFingerprintManager = null; }

Referenced some materials and made some verifications. Got some conclusions:

1. When the fingerprint recognition fails, the onAuthenticationFailed() method will be called. At this time, the fingerprint sensor is not turned off. Google's native system gives us 5 retry opportunities. That is to say, after calling the onAuthenticationFailed() method 4 times in a row, The onAuthenticateError(int errMsgId, CharSequence errString) method will be called for the fifth time, and errMsgId==7.

2. Authorize again and again, even if you don't check it. When canceling, the onAuthenticateError(int errMsgId, CharSequence errString) method will be taken, where errMsgId==5,

3. When the system calls onAuthenticationError() and onAuthenticationSucceeded(), the sensor will be turned off, and we only have to authorize again. After calling the authenticate() method again, you can continue to use the fingerprint recognition function.

4、兼容android6.0下面系统的话，不要使用FingerprintManagerCompat， 低于M的系统版本号。FingerprintManagerCompat不管手机是否有指纹识别模块，均觉得没有指纹识别，能够用FingerprintManager来做。

5、考虑到安全因素，最好authenticate(CryptoObject crypto, CancellationSignal cancel, int flags, AuthenticationCallback callback, Handler handler)时增加CryptoObject 。crypto这是一个加密类的对象，指纹扫描器会使用这个对象来推断认证结果的合法性。

这个对象能够是null，可是这种话。就意味着app无条件信任认证的结果，这个过程可能被攻击。数据能够被篡改。这是app在这种情况下必须承担的风险。

因此。建议这个參数不要置为null。这个类的实例化有点麻烦，主要使用javax的security接口实现。