biometric unlock: SetInvalidatedByBiometricEnrollment(false) for API level >= 24
This commit is contained in:
Philipp Crocoll
@@ -176,6 +176,7 @@ namespace keepass2android
|
|||||||
|
|
||||||
public void StopListening()
|
public void StopListening()
|
||||||
{
|
{
|
||||||
|
Kp2aLog.Log("Fingerprint: StopListening " + (_biometricPrompt != null ? " having prompt " : " without prompt"));
|
||||||
_biometricAuthCallbackAdapter?.IgnoreNextError();
|
_biometricAuthCallbackAdapter?.IgnoreNextError();
|
||||||
_biometricPrompt?.CancelAuthentication();
|
_biometricPrompt?.CancelAuthentication();
|
||||||
}
|
}
|
||||||
@@ -272,7 +273,24 @@ namespace keepass2android
|
|||||||
try
|
try
|
||||||
{
|
{
|
||||||
_keystore.Load(null);
|
_keystore.Load(null);
|
||||||
|
var aliases = _keystore.Aliases();
|
||||||
|
if (aliases == null)
|
||||||
|
{
|
||||||
|
Kp2aLog.Log("KS: no aliases");
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
while (aliases.HasMoreElements)
|
||||||
|
{
|
||||||
|
var o = aliases.NextElement();
|
||||||
|
Kp2aLog.Log("alias: " + o?.ToString());
|
||||||
|
}
|
||||||
|
Kp2aLog.Log("KS: end aliases");
|
||||||
|
|
||||||
|
}
|
||||||
var key = _keystore.GetKey(GetAlias(_keyId), null);
|
var key = _keystore.GetKey(GetAlias(_keyId), null);
|
||||||
|
if (key == null)
|
||||||
|
throw new Exception("Failed to init cipher for fingerprint Init: key is null");
|
||||||
var ivParams = new IvParameterSpec(_iv);
|
var ivParams = new IvParameterSpec(_iv);
|
||||||
_cipher.Init(CipherMode.DecryptMode, key, ivParams);
|
_cipher.Init(CipherMode.DecryptMode, key, ivParams);
|
||||||
|
|
||||||
@@ -286,27 +304,27 @@ namespace keepass2android
|
|||||||
}
|
}
|
||||||
catch (KeyStoreException e)
|
catch (KeyStoreException e)
|
||||||
{
|
{
|
||||||
throw new RuntimeException(FailedToInitCipher, e);
|
throw new RuntimeException(FailedToInitCipher + " (keystore)", e);
|
||||||
}
|
}
|
||||||
catch (CertificateException e)
|
catch (CertificateException e)
|
||||||
{
|
{
|
||||||
throw new RuntimeException(FailedToInitCipher, e);
|
throw new RuntimeException(FailedToInitCipher + " (CertificateException)", e);
|
||||||
}
|
}
|
||||||
catch (UnrecoverableKeyException e)
|
catch (UnrecoverableKeyException e)
|
||||||
{
|
{
|
||||||
throw new RuntimeException(FailedToInitCipher, e);
|
throw new RuntimeException(FailedToInitCipher + " (UnrecoverableKeyException)", e);
|
||||||
}
|
}
|
||||||
catch (IOException e)
|
catch (IOException e)
|
||||||
{
|
{
|
||||||
throw new RuntimeException(FailedToInitCipher, e);
|
throw new RuntimeException(FailedToInitCipher + " (IOException)", e);
|
||||||
}
|
}
|
||||||
catch (NoSuchAlgorithmException e)
|
catch (NoSuchAlgorithmException e)
|
||||||
{
|
{
|
||||||
throw new RuntimeException(FailedToInitCipher, e);
|
throw new RuntimeException(FailedToInitCipher + " (NoSuchAlgorithmException)", e);
|
||||||
}
|
}
|
||||||
catch (InvalidKeyException e)
|
catch (InvalidKeyException e)
|
||||||
{
|
{
|
||||||
throw new RuntimeException(FailedToInitCipher, e);
|
throw new RuntimeException(FailedToInitCipher + " (InvalidKeyException)" + e.ToString(), e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -349,14 +367,19 @@ namespace keepass2android
|
|||||||
try
|
try
|
||||||
{
|
{
|
||||||
_keystore.Load(null);
|
_keystore.Load(null);
|
||||||
_keyGen.Init(new KeyGenParameterSpec.Builder(GetAlias(_keyId),
|
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(GetAlias(_keyId),
|
||||||
KeyStorePurpose.Encrypt | KeyStorePurpose.Decrypt)
|
KeyStorePurpose.Encrypt | KeyStorePurpose.Decrypt)
|
||||||
.SetBlockModes(KeyProperties.BlockModeCbc)
|
.SetBlockModes(KeyProperties.BlockModeCbc)
|
||||||
// Require the user to authenticate with biometry to authorize every use
|
// Require the user to authenticate with biometry to authorize every use
|
||||||
// of the key
|
// of the key
|
||||||
.SetEncryptionPaddings(KeyProperties.EncryptionPaddingPkcs7)
|
.SetEncryptionPaddings(KeyProperties.EncryptionPaddingPkcs7)
|
||||||
.SetUserAuthenticationRequired(true)
|
.SetUserAuthenticationRequired(true);
|
||||||
|
|
||||||
|
if ((int)Build.VERSION.SdkInt >= 24)
|
||||||
|
builder.SetInvalidatedByBiometricEnrollment(false);
|
||||||
|
|
||||||
|
_keyGen.Init(
|
||||||
|
builder
|
||||||
.Build());
|
.Build());
|
||||||
_keyGen.GenerateKey();
|
_keyGen.GenerateKey();
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -51,6 +51,7 @@
|
|||||||
<AndroidEnableProfiledAot>false</AndroidEnableProfiledAot>
|
<AndroidEnableProfiledAot>false</AndroidEnableProfiledAot>
|
||||||
<MandroidI18n />
|
<MandroidI18n />
|
||||||
<AndroidLinkTool>r8</AndroidLinkTool>
|
<AndroidLinkTool>r8</AndroidLinkTool>
|
||||||
|
<AndroidUseAapt2>false</AndroidUseAapt2>
|
||||||
</PropertyGroup>
|
</PropertyGroup>
|
||||||
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
|
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
|
||||||
<DebugType>full</DebugType>
|
<DebugType>full</DebugType>
|
||||||
|
|||||||
Reference in New Issue
Block a user