selflender / react-native-biometrics Goto Github PK

Ok, so i'm trying to figured out how to get public key and store it inside keystore without having to use biometric authentication. I just want to get it just when user's device is capable of biometrical authentication (has a fingerprint scanner or so) but without prompt for fingerprint. It's a case when i'd like to sent public key (at the begging - let's say at registration process) onto my server, and left choice for using biometric auth for user whenever he needs it (or have set it in settings menu).
Thanks

Btw. very useful lib, thank you!

after the verification of my fingerprint then cancel the dialog. It gives an error

The callback createSignature() exists in module ReactNativeBiometrics, but only one callback may be registered to a function in native module

I am trying to use this biometrics but after I've created and stored the public key, it never matches with the signature generated afterward with the same finger. How can I verify the fingerPrint?

Test Code:

  registerFingerPrint = () => {
    Biometrics.isSensorAvailable()
    .then((biometryType) => {
      if (biometryType === Biometrics.TouchID) {
        Biometrics.createKeys('Confirm fingerprint')
        .then((publicKey) => {
          console.log("create", publicKey)
          this.setState({
            create: publicKey
          })
        })
      } 
    })
  }

  fingerPrintCheck = () => {
    Biometrics.createSignature('Sign in', payload)
    .then((signature) => {
      if (this.state.create === signature){
        console.log("success");
      }else {
        console.log('failure'); //always returns failure here
      }
    })
  }

  render() {
    return (
      <View style={styles.container}>

        <TouchableHighlight onPress={()=> this.registerFingerPrint()}>
          <Text style={{ marginBottom: 10}}>
            Register
          </Text>
        </TouchableHighlight>

        <TouchableHighlight onPress={()=> this.fingerPrintCheck()}>
          <Text>
            Authenticate with Biometrics
          </Text>
        </TouchableHighlight>
      </View>
    );
  }
}

I am calling "Biometrics.createSignature('Please authenticate to proceed.', payload)" in componentDidMount function but it doesn't open alert for biometric authentication but when I touch fingerprint button then it appears for authentication.
I have faced this issue in library version 1.6.0 and updated to 1.7.0 but still facing same.

Unable to link module: Spawn Error

Is possible to change the language for the dialog that shows when calling the simplePrompt function?

Loading dependency graph, done.
error: bundling failed: Error: While trying to resolve module react-native-biometrics from file //Documents/GitHub//class/biometrics.js, the package /Documents/GitHub//node_modules/react-native-biometrics/package.json was successfully found. However, this package itself specifies a main module field that could not be resolved (/Users//Documents/GitHub//node_modules/react-native-biometrics/build/cjs/index.js. Indeed, none of these files exist:

• /Users//Documents/GitHub//node_modules/react-native-biometrics/build/cjs/index.js(.native||.ios.js|.native.js|.js|.ios.json|.native.json|.json|.ios.ts|.native.ts|.ts|.ios.tsx|.native.tsx|.tsx)
• /Users//Documents/GitHub//node_modules/react-native-biometrics/build/cjs/index.js/index(.native||.ios.js|.native.js|.js|.ios.json|.native.json|.json|.ios.ts|.native.ts|.ts|.ios.tsx|.native.tsx|.tsx)
  at ResolutionRequest.resolveDependency (/Users//Documents/GitHub//node_modules/metro/src/node-haste/DependencyGraph/ResolutionRequest.js:65:15)
  at DependencyGraph.resolveDependency (/Users//Documents/GitHub//node_modules/metro/src/node-haste/DependencyGraph.js:283:16)
  at Object.resolve (/Users//Documents/GitHub//node_modules/metro/src/lib/transformHelpers.js:264:42)
  at dependencies.map.result (/Users//Documents/GitHub//node_modules/metro/src/DeltaBundler/traverseDependencies.js:399:31)
  at Array.map ()
  at resolveDependencies (/Users//Documents/GitHub//node_modules/metro/src/DeltaBundler/traverseDependencies.js:396:18)
  at /Users//Documents/GitHub//node_modules/metro/src/DeltaBundler/traverseDependencies.js:269:33
  at Generator.next ()
  at asyncGeneratorStep (/Documents/GitHub//node_modules/metro/src/DeltaBundler/traverseDependencies.js:87:24)
  at _next (//Documents/GitHub//node_modules/metro/src/DeltaBundler/traverseDependencies.js:107:9)

Hi

Is it correct, that this library is only for creating and storing public/private key pairs and doesn't support storing custom values like a hashed pin code? I was looking for something like react-native-keychain, but it turns out, it doesn't support Android biometrics.

Best regards
Jens

please add some method to check if key was generated and stored before calling createSignature

Would be nice to have TS definitions file so we can have autocomplete

This class was deprecated in API level 28.
See BiometricPrompt.CryptoObject
https://developer.android.com/reference/android/hardware/fingerprint/FingerprintManager.CryptoObject

I am trying to check if face recognition and fingerprint is available in a phone or not by the below code:

 Biometrics.isSensorAvailable()
        .then((biometryType) => {

                
                if (biometryType === Biometrics.TouchID) {
                    console.log('fingerprint')
                    this.setState({ finger: true })
                }

                if (biometryType === Biometrics.FaceID) {
                    console.log('face Recognition')
                  this.setState({ false: true })
              } 
            })

Its working fine in case of finger print but unable to detect face recognition sensor.
I have tested it in android (Samsung S10 Plus).

"react": "16.9.0",
"react-native": "0.61.2",
"react-native-biometrics": "^1.6.1"

Hello, I want to ask about how to custom prompt dialog view ? Thanks

I saw this post already:
#21

And their proposed solution was right here:
https://gist.github.com/lkdocs/6519372

I am using the node-rsa package right now to try to mimic what they are doing but I keep getting into this issue where it's like invalid ASN1 Error. Is there an example of this being done on the Node JS side?

I am getting that error on the first step of importKey:

const pubKey = `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynY5oEuJ0/qv3KPZWJdcfUGIIBNWq30NnUS201XyV4B1aP7lTO+TrlDiWsWLon+JDd5H30/NS0dihQoxWXgco4l1xiRotgaDT9p1FlVeNm/z49Ybb0zOxMhDy950Y4TwjyP03PJAV7FqdHbJNlTnmoWpHW8JdzJP4DfzXAQdnq9SIG+fARo+2W+NxTYpH2meby1PdrBjEAiqc/nguJj4u/RC2Utol+cGEZoSfSjuVzHLEcNpjYGXRi/432GpCgWeSTbft+qv3ei/R1GrLya8P5k2426w6eI1OPR4p/Cw+PwRcM+J28NMgH5pPwRWkVletGuivIwxzXgdDgYlHlRGewIDAQAB`
const key = new NodeRSA();
const signer = key.importKey(pubKey, ‘pkcs1-public-pem’);

Hello, I got this issues in my tracker related to this repository apparently.
Error detecting fingerprint availability it's only occurring on Android on devices which looks to doesn't have Fingerprints feature, most of them (more than 65% are Samsung devices).

But since I'm using the method isSensorAvailable it shouldn't throw an error, isn't it ?

Thanks for the help, or advices.

I use 2.0.0 version and not understand, how to import and use react-native-biometrics in Typescript?

Please, write a simple example, how import and use any function.

Thanks

Hello,

I'm having issues with the package on rooted phones. The Biometrics.isSensorAvailable() function crashes the app as soon as the app starts. Can you look into it please ?

I can't set new biometric registry, I want to add new fingerprint but the input fingerprint only authorize the given fingerprint in the security. Which basically only allows the owner of the device to use it...

Hello,
I'm wondering, if a user already created a keypair :

  Biometrics.createKeys('Confirm fingerprint in order to activate it')
          .then((publicKey) => {
            console.log(publicKey)
          })

The next time he do that, if the key already exist, how does your lib works ? Does it create a new_publicKey and keep the private one on the keychain ? Or does it modify both ?
Sorry for the small issues, not usefull, but I just would like to know...

Moreover, how does it works in case of multi account on the same device ?
Let's say, I'm connect with my account A, I'm activating touchID on my application, it's creating a first keypair. Then I loggout, and one of my friend's connecting to his account B, and activate touchID. How does the Biometrics will know which private key to use when creating a new signature with encrypted data...?

I am trying to verify biomatric signature using the code in java with public key not not able to verify .
Please help me to know which algorithm i should use.
Below are sample

PUBLIC KEY 001

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRAOJkDdfryjDUIl11coCPok25bCW8K7GhrxHA9tC7GUmuWPZtAGN+Nf25E8SV8BZRRx7T0p26IShzwcP5mHYJczERy7s3DDqrsAnmf2YFAv7VYYibSGhmvVBPJCWbt5SsiP5WhskUOvc/96LRKt6N2ubaH/0UN59VtWIIy0FoZdi6lhyqbFFTV/IfTT1m7UspRz8MtXtS5bahurwLtYGw173rxQ2MXZWyGgVUv75lQ3KdPV59eTMXwwmzVTBvkA5pyq/yn+Kc3xzzEj8uafaUpl9y9yjfdAY+T+dRKsrEhEkmITcl1kj9G5nID1rSJCG9VVP+6dtwK6KqKeIYf9lwIDAQAB

CERTIFICATE 001

lO1qCyAL9cGgor3tgclwLQm8o7OBnvTM9rR3HlLyhCyclprDp1Z01nA7LmN1prClE5PjBGNSUKREssRv42lGmutTNkgDrzRG+sMPraVjw5eJUqEHTpp9E122pHpp1W1pCV6kQBtFXigZe9h5Vms/fUmieK9jkmzmJfJOv28KnDMmAGIFEyTmkZ0/PeVfOldmF6xsjsownZKiIVnw6ZZgEIUG6yTe2gA6Xh174uNP9HuDI2KgivhXWOoxyiE0U+Ri9lccXn40iKoVe5m+SD0TRFepSHf//GdXi0t7WtYMbTTG48ots7gfcctafoRE4PBn6jbg/R5RIkCrj7m+U9X3jw==

JIExsj8aLTRUM0OVfoBPaKR2h4oqtEDUo5NPy6EsAAYnsVvGHERCikl1ctTv2k3RHcgZUqmdcCfT2Uekxi3efblFLdB5Mvjl8Ju+RXRNZT5813GLahhtDjgiAM3W4pTxIAsRFbsNPY0O4NfKQXqDYcReI+7P+nR/QzmM5SIB2cc+k+nrcPpGA6gihyrY++se7itPz/ImG8fL6QdZdyD5i5gZAWVXhZTeEdLOOKGDIzPsxUBTIwJm4B+saBwj+sfa48w47ueLPDnU6ayGqsFE3mOZmV6L+EoTJT7R9WIKNFa3QGfxD/bew6zfWoms4qx/hI+TdxxgTfTOc/lRtVlrgg==

LJMTn1IwmyxyFfeNxOCcWrsCFwdJY8ANQ5iyzfgPn2Y1rs/e5xzO011867k5uBV25MvY+6WhF51QjdIxuRw8DzalXrsGRtN62rfYrQDqX/VErjaQEDG5YkV3tc/zhGbjhLJtUpvbwnXyHA+LI96MNQTEPXDwwNmEKMN7Ia8xIi/5fuNYbc0aLM6r9c63tD8u5l3K8tAkVByWHKcRfrYXL4sxL7hGQSOFtnCEDRPud9J9SNHpD4OcqpvzVKwFOHMHssKo3MCsAhVkTFkIohQoj5d812h1HWixxshilErIIQvuWhjBhkbbSrREk1FTYtlkh+nh0f8CqGSpy+sbxVYfUw==

Sorry for posting questions here, but from what I understand in the README, this library creates a key pair and stores it on the phone, and just uses the fingerprint to access the private key, which could remain the same if the user changes the fingerprint, right?

nice work with the library btw, cheers 🍺

Hello,

This package causes the app to crash on certain devices. I'll put the list below. Thanks 😄

Samsung Galaxy J4+ (SM-J415FN)
Samsung Galaxy J3 2017 (SM-J330FN)
Samsung A3 2015 (SM-A300FU)

Possible to configure the fallback option "Enter Passcode" such as Enable or Disable?
If Enable, maybe a callback?

I am actually not entirely sure whether all the libraries need to opt into using AndroidX to support [email protected] nor how hard it is for a library to support it. I haven't got a chance to upgrade the project to use [email protected] to test out things but could you have a look into updating the library to use AndroidX?

First things first, the lib looks awesome and the public/private keys are great, thank you for releasing it for the public!

Haven't tried it yet (still researching the subject), but I have a small suggestion which will make it much more versatile. A simple method authenticate() (similar to the one found in react-native-touch-id lib) would be very helpful. Thus, I'll be able to use the lib in many ways. I have use cases where just a simple "confirmation" is required, and being able not to contact the server for such wold be awesome.

TouchID is working fine on iOS 13.1.3 but not on old version; is current package version required latest iOS version?

Do you guys have any plans to add the new biometrics API from Android P?

Hi,

Thanks for your recent release, It works pretty well in most scenarios, however, I cant see the cancel button if the device has an in-display fingerprint (I am using OnePlus 6T). It seems to be after trying out version 2.1.1, i was able to cancel the in-display fingerprint in previous version [1.6.*].

could you please clarify if this was removed intentionally or more of a bug?

Thanks again.
Cheers.

Hi,
I am able to successfully create PublicKey and Signature that I send back to server.
Server Code is written in LifeRay (Java). I am not able to decode the signature with Generated publicKey.
Any help in this will be highly appreciated.

Android SDK 28 introduces a new Biometrics API with a standard dialog prompt.

It also features a compat library for previous Android versions which is meant to offer a consistent experience.

I looked at the source code and it seems like it still uses the now deprecated FingerprintManager.

Would you be interested in replacing the old API with the new one?

Open up android/app/src/main/java/[...]/MainActivity.java
Add import com.rnbiometrics.ReactNativeBiometricsPackage; to the imports at the top of the file
Add new ReactNativeBiometricsPackage() to the list returned by the getPackages() method
Append the following lines to android/settings.gradle:

it's not realling MainActivity.java the class where you should add the import and where getPackages is, but MainApplication

:)

Hello just saw a warning.
It's actually not a issue, or bug report (maybe ?), it's just that I wanted to share it to the owner of this repository.
I'm doing a deleteKeys() as soon as the user logout on my app. It appears that deleteKeys() was returning this warning if no private key was set before.
See below :

I just added a check to don't call this method if not needed on my code on my side.
Maybe, would be worth to add a check on the lib directly... ?

Thank you,

Why not a module without any dialogs on Android？The user interface can not custom.

Hey,

I am getting a crash on iOS with an error Thread: signal SIGABRT. Basically a thread that runs the package crashes. My app works on android. I am running the package on react-native 0.59.8.

Here is my stack trace.

(
0 CoreFoundation 0x0000000115ebc1bb __exceptionPreprocess + 331
1 libobjc.A.dylib 0x0000000114fe6735 objc_exception_throw + 48
2 CoreFoundation 0x0000000115ebc015 +[NSException raise:format:] + 197
3 LocalAuthentication 0x0000000117092a08 __50-[LAContext evaluatePolicy:localizedReason:reply:]_block_invoke + 113
4 LocalAuthentication 0x0000000117092c56 __50-[LAContext evaluatePolicy:localizedReason:reply:]_block_invoke.108 + 16
5 libsystem_trace.dylib 0x000000011774d742 _os_activity_initiate_impl + 53
6 LocalAuthentication 0x000000011709290b -[LAContext evaluatePolicy:localizedReason:reply:] + 307
7 RentProfile 0x000000010f0f560a __56-[ReactNativeBiometrics simplePrompt:resolver:rejecter:]_block_invoke + 182
8 libdispatch.dylib 0x0000000117454595 _dispatch_call_block_and_release + 12
9 libdispatch.dylib 0x0000000117455602 _dispatch_client_callout + 8
10 libdispatch.dylib 0x0000000117458064 _dispatch_queue_override_invoke + 1028
11 libdispatch.dylib 0x000000011746600a _dispatch_root_queue_drain + 351
12 libdispatch.dylib 0x00000001174669af _dispatch_worker_thread2 + 130
13 libsystem_pthread.dylib 0x000000011783e6b3 _pthread_wqthread + 583
14 libsystem_pthread.dylib 0x000000011783e3fd start_wqthread + 13
)

Would appreciate some help with this.

How can the service be verified to be safe? Can it provide an idea?

After updating my iPhone to iOS13 the TouchID pop-up sometime rises after random timeout.
Sometime pop-up rises only after touching the TouchID sensor.
Timeout is random - from almost 0 to seconds.

Hello!
I have expo project.
I installed package, then I linked package into a project
via
react-native link react-native-biometrics

But I got the error message
https://monosnap.com/file/BuKsNgXEo4vjnkMgvMWCNloAdnPMay

I know this is the package that is aimed to be used for sending the public key to the server. But this time, i just want to use this to encrypt and store many other things.

So i wish we can have the

publicKeyEncryptMessage(payload,publicKey)
privateKeyEncryptMessage(payload,promptMessage)
publicKeyDecryptMessage(encryptedPayload,publicKey)
privateKeyDecryptMessage(encryptedPayload,promptMessage)

since the algorithm to encrypt and decrypt is the same for RSA, then we can just simplify to

processPublicKey(payload,publicKey) 
processPrivateKey(payload, promptMessage) 

and all of them return the value after RSA process.

So we can have a library that use the biometrics for anything we want to make it secure and not only limited to the scenario that the public key must be stored in server.

Hi,

After upgrading to version 2.1.2, I started getting the error "TypeError: null is not an object (evaluating 'bridge.isSensorAvailable')", how can i fix? For now, I made a downgrade and I'm using version 2.1.1.

Best regards,
Marcos Vaz.

Google Play will soon require that apps target API level 26 or higher. This will be required for new apps in August 2018, and for updates to existing apps in November 2018

In the second half of 2018, Google Play will require that new apps and app updates target API level 26 or higher. This will be required for new apps in August 2018, and for updates to existing apps in November 2018. Configuring your app to target a recent API level ensures that users benefit from significant security and performance improvements, while still allowing your app to run on older Android versions (down to the minSdkVersion). This lint check starts warning you some months before these changes go into effect if your targetSdkVersion is 25 or lower. This is intended to give you a heads up to update your app, since depending on your current targetSdkVersion the work can be nontrivial. To update your targetSdkVersion, follow the steps from "Meeting Google Play requirements for target API level", https://developer.android.com/distribute/best-practices/develop/target-sdk.html Issue id: ExpiringTargetSdkVersion More info: https://support.google.com/googleplay/android-developer/answer/113469#targetsdk https://developer.android.com/distribute/best-practices/develop/target-sdk.html

Ok so to test this I made a brand new application and tried this lib and it works great.
Then I installed this into our app and then get this error.

Possible Unhandled Promise Rejection (id: 0):
06-15 17:55:38.323 13994 14660 W ReactNativeJS: Error: Error generating signature
06-15 17:55:38.323 13994 14660 W ReactNativeJS: createErrorFromErrorData@http://localhost:8081/index.delta?platform=android&dev=true&minify=false:2106:26
06-15 17:55:38.323 13994 14660 W ReactNativeJS: http://localhost:8081/index.delta?platform=android&dev=true&minify=false:2058:51
06-15 17:55:38.323 13994 14660 W ReactNativeJS: __invokeCallback@http://localhost:8081/index.delta?platform=android&dev=true&minify=false:2625:23
06-15 17:55:38.323 13994 14660 W ReactNativeJS: http://localhost:8081/index.delta?platform=android&dev=true&minify=false:2356:34
06-15 17:55:38.323 13994 14660 W ReactNativeJS: __guard@http://localhost:8081/index.delta?platform=android&dev=true&minify=false:2529:15
06-15 17:55:38.323 13994 14660 W ReactNativeJS: invokeCallbackAndReturnFlushedQueue@http://localhost:8081/index.delta?platform=android&dev=true&minify=false:2355:21
06-15 17:55:38.323 13994 14660 W ReactNativeJS: invokeCallbackAndReturnFlushedQueue@[native code]

When you fail with touchID a new option is presented by iOS:

It can be set as hidden with 1 line of code:
https://stackoverflow.com/questions/28103575/how-to-remove-enter-password-and-cancel-button-from-touch-id-alert-view

It will be nice to have an option to handle this or at least to be hidden by default.

So I am using the library and when I click cancel on the fingerprint prompt or failed the fingerprint prompt, it gives the same error making them indistinguishable:

Could not confirm fingerprint

Maybe I am not looking hard enough, but is there a way for me to distinguish these errors. I want to show something on fingerprint failure, but nothing on cancel.

Couple Samsung users have

Error displaying local biometric prompt: must have com.samsung.android.bio.face.permission.USE_FACE or android.permission.USE_BIOMETRIC permission.

That happens when in Preferred biometric is selected Face recignition.

Any ideas how to fix it?

So I am doing this in the code:

const result = await Biometrics.createSignature('Confirm Fingerprint', '');

I log the result and I get a signature coming back. However according to the docs when I call that function, I should get a prompt for fingerprint. And I don't get that. I don't see any errors either. It just automatically and successfully gives me the signature. Oddly enough, if I use the simplePrompt function and createKeys function, the prompt shows up.

I am testing this on the an iOS simulator. I also tried to copy the exact same code the example has in the docs and I still can't get this prompt to show up. What am I doing wrong?

Hey I wanna record this issue, I already created a PR for this

FAILURE: Build failed with an exception.

• What went wrong:
  A problem occurred configuring project ':react-native-biometrics'.

Could not resolve all artifacts for configuration ':react-native-biometrics:classpath'.
Could not find aapt2-proto.jar (com.android.tools.build:aapt2-proto:0.3.1).
Searched in the following locations:
https://jcenter.bintray.com/com/android/tools/build/aapt2-proto/0.3.1/aapt2-proto-0.3.1.jar

Only have to change the order of google() and jcenter() to make this work. I will be using my fork until you merge this

#29

Thanks

How to detect and direct user to setting in case biometric is not configured at all on device.

Consider I have integrated this library on my app and want to use it for biometric auth. But user have not added any finger print or face id on the device at all.

How this situation is handled.