fail to detect new fingerprint enrolled

[codingjeremy]

Issue by jiazhao2048
Monday Sep 05, 2016 at 10:12 GMT
Originally opened as googlearchive/android-FingerprintDialog#35

---

Hi, I test this app on Nexus5x and Samsung s6. It both fail to detect that a new fingerprint is enrolled.

What I was do:

1. kill the app (not delete the app).
2. enroll a new fingerprint.
3. launch the app and click "purchase" button

It works out of expect and the new fingerprint also "purchase" successfully.

If the app is designed to work like this.So, how can I detect the change of fingerprint catalog? I need the user to re-input the password when the fingerprint cataglog is changed because of the security requirement.

Glad to see your reply soon. Thanks!

[codingjeremy]

Comment by thagikura
Monday Sep 05, 2016 at 12:54 GMT

---

Hi,

Let me confirm, the expected behavior of enrolling a new fingerprint for the app is asking you the password with a checkbox saying use fingerprint in future.

So when you do like following:

• Enroll a fingerprint 1
• Open the app
• Purchase the item with the fingerprint, then succeed. (Keep the app open)
• Enroll another fingerprint 2
• Purchase the item in the app
• The app asks you the password

When I tried the app in my end, it worked correctly.
Could you confirm the behavior and let me know if it still doesn't work?

[codingjeremy]

Comment by jiazhao2048
Tuesday Sep 06, 2016 at 04:12 GMT

---

Thanks for reply.

You can reproduce the bug I found in this way

1. Enroll a fingerprint 1
2. Open the app
3. Purchase the item with the fingerprint, then succeed.
4. ** Kill the app ( it means you exit the app totally )
5. Enroll another fingerprint 2
6. Purchase the item in the app with fingerprint2, then succeed.

I read the source code and found the reason.

The creatKey( ) function is called in MainActivity->onCreate() method. Thus when the app relaunch the key is regenerated and the app can't detect the change of the fingerprint.

I creat a variate to keep the status the app's first launch and use it to decise call createKey() or not. It works as expected.

[codingjeremy]

Comment by jiazhao2048
Tuesday Sep 06, 2016 at 04:47 GMT

---

By the way I also found that the app won't require me to input the password when I delete an exsitent fingerprint.

1. Enroll fingerprint1
2. Enroll fingerprint2
3. launch the app and I can purchase with fingerprint1/fingerprint2 as expect
4. keep the app open and delete the fingerprint2
5. purchase item with fingerprint1 successfully
6. fail to purchase item with fingerprint2

I'm curious about how the app works. As I known the creatKey( ) is called at first time the app launch . How the key store in the app?

Do I ask a bad question?
Can you give me some useful information?

[codingjeremy]

Comment by coobing17
Thursday Apr 05, 2018 at 04:24 GMT

---

"I creat a variate to keep the status the app's first launch and use it to decise call createKey() or not. It works as expected."

can you tell me your variate code... @jiazhao2048

[codingjeremy]

Comment by IsracardTeam
Tuesday Apr 10, 2018 at 12:53 GMT

---

@bill-yudhistira @jiazhao2048 did you find a solution for this ?

[codingjeremy]

Comment by fkie4ibm
Thursday Nov 22, 2018 at 01:47 GMT

---

I can get all finger id in integers.

private void getFingerprintInfo(Context context)
{
try {
FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
Method method = FingerprintManager.class.getDeclaredMethod("getEnrolledFingerprints");
Object obj = method.invoke(fingerprintManager);

    if (obj != null) {
        Class<?> clazz = Class.forName("android.hardware.fingerprint.Fingerprint");
        Method getFingerId = clazz.getDeclaredMethod("getFingerId");

        for (int i = 0; i < ((List) obj).size(); i++)
        {
            Object item = ((List) obj).get(i);
            if(item != null)
            {
                System.out.println("fkie4. fingerId: " + getFingerId.invoke(item));
            }
        }
    }
} catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException | ClassNotFoundException e) {
    e.printStackTrace();
}

}
please refer to this: https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/hardware/fingerprint/Fingerprint.java

there is a public method getFingerId( ), but it is not available for us to call because it has "@UnsupportedAppUsage".

so you need to use reflection to call the method. after you get a list of fingerprint id, you can encrypt them and store in sharedPreference.

Finger id is the id of the fingerprints stored in setting

After you get all finger ids, you can determine if user has added/deleted a fingerprint.

No need to count on the KeyPermanentlyInvalidatedException. It is not thrown in Android 8.0

Google didn't do such a good job....

[codingjeremy]

Comment by ddeath
Monday Dec 03, 2018 at 13:59 GMT

---

@thagikura I tried it with your flow and it did not ask for a password. I was using phone with android 7.

[Morteza-Rastgoo]

When a new fingerprint is enrolled, with running initCipher, I expect to get KeyPermanentlyInvalidatedException but it returns true. what am I missing and how to fix this to get to know when a new fingerprint is added?