This version is compatible with androidx.biometric
. If you do not want to use androidx.biometric
, feel free to use older version of Goldfinger.
implementation 'co.infinum:goldfinger:2.0.0-RC2'
Goldfinger.Builder(context).build()
if (goldfinger.canAuthenticate()) {
/* Authenticate */
}
PromptParams are directly linked to BiometricPrompt.PromptInfo so be sure to read which parameters are required.
Goldfinger.PromptParams params = new Goldfinger.PromptParams.Builder(activity)
.title("Title")
.negativeButtonText("Cancel")
.description("Description")
.subtitle("Subtitle")
.build();
goldfinger.authenticate(params, new Goldfinger.Callback() {
@Override
public void onError(@NonNull Exception e) {
/* Critical error happened */
}
@Override
public void onResult(@NonNull Goldfinger.Result result) {
/* Result received */
}
});
You can see all Goldfinger methods here.
Goldfinger has separate Rx module in case you want to use reactive approach.
implementation 'co.infinum:goldfinger:2.0.0-RC2'
implementation 'co.infinum:goldfinger-rx:2.0.0-RC2'
RxGoldfinger.Builder(context).build()
goldfinger.authenticate(params).subscribe(new DisposableObserver<Goldfinger.Result>() {
@Override
public void onComplete() {
/* Fingerprint authentication is finished */
}
@Override
public void onError(Throwable e) {
/* Critical error happened */
}
@Override
public void onNext(Goldfinger.Result result) {
/* Result received */
}
});
You can see all RxGoldfinger methods here.
To use the Android Fingerprint API you must:
- Create a new or load an existing
SecretKey
- Create a
Cipher
with a created or loadedSecretKey
- Create a
CryptoObject
with a createdCipher
- Start Fingerprint authentication with a created
CryptoObject
- Create
BiometricPrompt.PromptInfo
object - Handle possible exceptions at every step due to complexity of the Android Fingerprint API
The CryptoObject
is locked when created and it is unlocked when the user successfully authenticates. Once it is unlocked, you can use it to cipher data.
Fingerprint authentication is used to either:
- Authenticate the user, e.g. for payment
- Perform encryption or decryption operations over user’s case-sensitive information, e.g. passwords
Goldfinger wraps everything mentioned and provides an intuitive and easy-to-use interface.
If you don’t like Default implementations, you can easily modify them using Goldfinger.Builder
object.
Goldfinger.Builder(context)
.logEnabled(true)
.cryptoObjectFactory(factory)
.cryptographyHandler(cryptographyHandler)
.build()
Logging is off by default. You can enable it by calling Goldfinger.Builder(context).logEnabled(true)
.
Creating a CryptoObject
is a complicated process that has multiple steps. CryptoObjectFactory
allows you to modify CryptoObject
creation and adjust it to your needs.
new CryptoObjectFactory() {
@Nullable
@Override
public BiometricPrompt.CryptoObject createEncryptionCryptoObject(@NonNull String keyName) {}
@Nullable
@Override
public BiometricPrompt.CryptoObject createDecryptionCryptoObject(@NonNull String keyName) {}
};
All methods should return a CryptoObject
instance or a null
value if an error happens during object creation.
You can find the default implementation here.
Goldfinger automatically handles encryption and decryption operations via a CryptographyHandler
implementation which you can implement yourself in case you want a custom cipher.
new CryptographyHandler() {
@Nullable
@Override
public String encrypt(@NonNull BiometricPrompt.CryptoObject cryptoObject, @NonNull String value) {}
@Nullable
@Override
public String decrypt(@NonNull BiometricPrompt.CryptoObject cryptoObject, @NonNull String value) {}
}
CryptographyHandler
methods receive an unlocked CryptoObject
and a String
value. The return value should be ciphered value
or null
if an error happens.
The default CryptographyHandler
implementation can be found here.
- Android Oreo does not throw
KeyPermanentlyInvalidatedException
- Link
Feedback and code contributions are very much welcome. Just make a pull request with a short description of your changes. By making contributions to this project you give permission for your code to be used under the same license.
Copyright 2018 Infinum
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Maintained and sponsored by Infinum.