9

In the Android fingerprint sample code FingerprintDialog, the method that starts the fingerprint hardware, `FingerprintManager#authenticate`, takes a parameter of type `FingerprintManager.CryptoObject`. According to the documentation, it's the object associated with the call, or null if none is required. The description is still not clear to me. Would someone explain when I should or should not use crypto? Thanks.

Dino Tw

1 Answer

11

The FingerprintDialog sample provided in the Android Samples is a bit dense so let's break down what's happening:

  1. Configure and generate cryptographic Keys. In this step you can specify that the Key can only be used if KeyGenParameterSpec.Builder.setAuthenticated(true).
  2. Initialize a Cipher object with the cipherMode (encrypt/decrypt) and the Key generated from step 1.
  3. Initialize a FingerprintCrypto.CryptoObject() with the Cipher from step 2.
  4. Start the Fingerprint scanner and pass in the CryptoObject from step 3 by calling FingerprintManager.authenticate().
  5. User successfully authenticates with their fingerprint. The Android OS will set the "authenticated" bit in the Key from 0 to 1.
  6. Now that the key has been authenticated for use, it can be used to do any crypto operation by calling Cipher.doFinal().

If you try to modify step 4 by passing in null to FingerprintManager.authenticate(), then step 6 will fail because you have not been authenticated to use the key.

Hope that helps.

Android Noob
  • 1
    First of all, thank you very much for your help. Regarding step 1, I assumed you meant `KeyGenParameterSpec.Builder.setUserAuthenticationRequired(boolean required)`. I tried passing null in step 4 before already. This time I tried to set step 1 to false and was able to call `Cipher.doFinal()` with result returned even before fingerprint authentication. The key has nothing to do with fingerprint authentication flow, it's just part of the sample code to demonstrate how to authenticate the use of the key. – Dino Tw Jan 13 '16 at 18:53
  • But the other question is, why do I have to authenticate the key that I create myself within the same program? – Dino Tw Jan 13 '16 at 19:55
  • 1
    By default the Keys in the Keystore can be used without any authentication. If you call setUserAuthenticationRequired with true then you have to use your fingerprint to use the key. – Android Noob Jan 13 '16 at 20:58
  • Yes, I figured out that part. But when do I want to call `setUserAuthenticationRequired` with true? – Dino Tw Jan 13 '16 at 22:03
  • I'm not a security expert but I would say that if you want to make it as hard as possible for an attacker to decrypt your stuff then setting setUserAuthenticationRequired to true would be a good idea. – Android Noob Jan 13 '16 at 22:05
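
The six steps from the answer, condensed into one class as an added example (not code from the FingerprintDialog sample or from either poster). It uses `setUserAuthenticationRequired(true)`, the method named in the comments; the key alias, class name, method names and log tag are hypothetical.

```java
import android.hardware.fingerprint.FingerprintManager;
import android.os.CancellationSignal;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.util.Log;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

final class FingerprintBoundKey {
    private static final String ALIAS = "example_fp_key"; // hypothetical alias

    // Step 1: generate a key the keystore will not use until the user authenticates.
    static void createKey() throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
        kg.init(new KeyGenParameterSpec.Builder(ALIAS,
                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
                .setUserAuthenticationRequired(true) // false: doFinal() works with no fingerprint
                .build());
        kg.generateKey();
    }

    // Steps 2-4: initialize the Cipher, wrap it in a CryptoObject, start the scanner.
    static void encryptAfterFingerprint(FingerprintManager fm, CancellationSignal cancel,
                                        final byte[] plaintext) throws Exception {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(Cipher.ENCRYPT_MODE, (SecretKey) ks.getKey(ALIAS, null));
        // cipher.doFinal() at this point fails: step 6 without step 5.
        fm.authenticate(new FingerprintManager.CryptoObject(cipher), cancel, 0,
                new FingerprintManager.AuthenticationCallback() {
            @Override
            public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult r) {
                try { // Steps 5-6: the Cipher handed back here is the authorized one.
                    Cipher authed = r.getCryptoObject().getCipher();
                    byte[] ciphertext = authed.doFinal(plaintext);
                    Log.i("FpKey", "encrypted " + ciphertext.length + " bytes; keep authed.getIV()");
                } catch (GeneralSecurityException e) {
                    Log.e("FpKey", "key was not authorized for this operation", e);
                }
            }
        }, null);
    }
}
```

The app must declare the `USE_FINGERPRINT` permission. `FingerprintManager` was deprecated in API 28 in favor of `BiometricPrompt`, which takes a `CryptoObject` in the same way.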