3

From android 11 setUserAuthenticationValidityDurationSeconds are deprecated in favor of setUserAuthenticationParameters inside KeyGenParameterSpec.Builder but seams there is any support for previous versions.

so, what are best the solution ?

KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(...)
if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.R)
    builder.setUserAuthenticationParameters(timeout, KeyProperties.AUTH_DEVICE_CREDENTIAL | KeyProperties.AUTH_BIOMETRIC_STRONG);
else
    //noinspection deprecation
    builder.setUserAuthenticationValidityDurationSeconds(timeout);

this one?

Alessandro Scarozza
  • 4,273
  • 6
  • 31
  • 39

1 Answers1

8

You don't need to migrate the actual keys, when you are ready to support Android 11 you can just switch to something like this, (don't forget to set compileSdkVersion 30 for the new APIs)

val timeout = 30 //seconds
val builder = KeyGenParameterSpec.Builder(...)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
    builder.setUserAuthenticationParameters(timeout, 
       KeyProperties.AUTH_DEVICE_CREDENTIAL 
         or KeyProperties.AUTH_BIOMETRIC_STRONG
    )
} else {
    builder.setUserAuthenticationValidityDurationSeconds(timeout)
}

You can do this because internally setUserAuthenticationValidityDurationSeconds is doing the same thing. The only exception is if you are calling setUserAuthenticationValidityDurationSeconds with -1 as the timeout. In this case the equivalent with the new API is builder.setUserAuthenticationParameters(0, KeyProperties.AUTH_BIOMETRIC_STRONG).

You can check here the source code for both cases.

PS: The code above is minAPI 24, you need to wrap the code above in more build checks if you are at a lower API level.

MatPag
  • 41,742
  • 14
  • 105
  • 114
  • thanks i don't know why even if minsdk is lower than 30 we not receive any warning by android studio abount lev 30 required. i receive much "method not found" crash in prodution :( – Alessandro Scarozza Feb 06 '21 at 18:50