1

I'm using FingerprintManager for login process. I'm expecting a KeyPermanentlyInvalidatedException exception when user adds a new Fingerprint to the existing set. I use this exception to show a appropriate dialog to user during login.

In Samsung devices, this exception is not thrown which is causing the issue.

        keyStore.load(null);
        final PrivateKey privateKey = (PrivateKey) keyStore.getKey(KEY_NAME, KEY_PASSWORD);
        final Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(privateKey);

Any leads please?

sha
  • 1,410
  • 2
  • 18
  • 37
  • Which device(s) specifically? Also, what happens when you try to complete the signature? I would suspect that you get some kind of exception at that point. – Michael Jan 29 '19 at 08:51
  • @Michael Tested this on Samsung S9. What do you mean by completing signature? I'm using this `signature` to create a `CryptoObject` which is then passed to `FingerpintManager.authenticate()` method. – sha Jan 29 '19 at 20:52
  • I mean when you actually try to perform the signature, as opposed to just initializing the `Signature` instance. I know that the exception is supposed to be thrown at init, but I've seen similar problems (on different devices and under slightly different circumstances), and my experience was that although the init call appeared successful, I would get some kind of exception when I tried to actually complete the cryptographic operation. – Michael Jan 30 '19 at 10:13

0 Answers0