version 1.3.0

* Fixed issue #85 No token returned when using PIN backup
mjwheatley · Jun 15, 2017 · b1eefa2 · b1eefa2
1 parent b9cfb37
commit b1eefa2
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 25 deletions.
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# Update to Version 1.2.0
+# Update to Version 1.3.0
 Please consult the [changelog](https://github.com/mjwheatley/cordova-plugin-android-fingerprint-auth/blob/master/changelog.md).
 
 # About

diff --git a/changelog.md b/changelog.md
@@ -1,3 +1,8 @@
+# Version 1.3.0
+### What's New
+* Fixed issue #85 No token returned when using PIN backup
+    * Authentication with backup credentials will now use cryptography to encrypt or decrypt a token.
+
 # Version 1.2.8
 ### What's New
 * Updates to README

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "cordova-plugin-android-fingerprint-auth",
-  "version": "1.2.8",
+  "version": "1.3.0",
   "description": "Cordova plugin to use Android fingerprint authentication API",
   "cordova": {
     "id": "cordova-plugin-android-fingerprint-auth",

diff --git a/plugin.xml b/plugin.xml
@@ -2,7 +2,7 @@
 <plugin xmlns="http://apache.org/cordova/ns/plugins/1.0"
         xmlns:android="http://schemas.android.com/apk/res/android"
         id="cordova-plugin-android-fingerprint-auth"
-        version="1.2.8">
+        version="1.3.0">
     <name>FingerprintAuth</name>
     <description>Cordova plugin to use Android fingerprint authentication API</description>
     <license>Apache 2.0</license>

diff --git a/src/android/FingerprintAuth.java b/src/android/FingerprintAuth.java
@@ -574,38 +574,39 @@ public static void onAuthenticated(boolean withFingerprint,
         boolean createdResultJson = false;
 
         try {
+            byte[] bytes;
+            FingerprintManager.CryptoObject cryptoObject;
+
             if (withFingerprint) {
-                // If the user has authenticated with fingerprint, verify that using cryptography and
-                // then return the encrypted (in Base 64) or decrypted mClientSecret
-                byte[] bytes;
-                if (mCipherModeCrypt) {
-                    bytes = result.getCryptoObject().getCipher()
-                            .doFinal(mClientSecret.getBytes("UTF-8"));
-                    String encodedBytes = Base64.encodeToString(bytes, Base64.NO_WRAP);
-                    resultJson.put("token", encodedBytes);
-                } else {
-                    bytes = result.getCryptoObject().getCipher()
-                            .doFinal(Base64.decode(mClientSecret, Base64.NO_WRAP));
-                    String credentialString = new String(bytes, "UTF-8");
-                    String[] credentialArray = credentialString.split(":");
-                    if (credentialArray.length == 2) {
-                        String username = credentialArray[0];
-                        String password = credentialArray[1];
-                        if (username.equalsIgnoreCase(mClientId + mUsername)) {
-                            resultJson.put("password", credentialArray[1]);
-                        }
-                    }
-                }
                 resultJson.put("withFingerprint", true);
+                cryptoObject = result.getCryptoObject();
             } else {
-                // Authentication happened with backup password.
                 resultJson.put("withBackup", true);
+                cryptoObject= new FingerprintManager.CryptoObject(mCipher);
 
                 // If failed to init cipher because of InvalidKeyException, create new key
                 if (!initCipher()) {
                     createKey();
                 }
             }
+
+            if (mCipherModeCrypt) {
+                bytes = cryptoObject.getCipher().doFinal(mClientSecret.getBytes("UTF-8"));
+                String encodedBytes = Base64.encodeToString(bytes, Base64.NO_WRAP);
+                resultJson.put("token", encodedBytes);
+            } else {
+                bytes = cryptoObject.getCipher()
+                        .doFinal(Base64.decode(mClientSecret, Base64.NO_WRAP));
+                String credentialString = new String(bytes, "UTF-8");
+                String[] credentialArray = credentialString.split(":");
+                if (credentialArray.length == 2) {
+                    String username = credentialArray[0];
+                    String password = credentialArray[1];
+                    if (username.equalsIgnoreCase(mClientId + mUsername)) {
+                        resultJson.put("password", credentialArray[1]);
+                    }
+                }
+            }
             createdResultJson = true;
         } catch (BadPaddingException e) {
             Log.e(TAG, "Failed to encrypt the data with the generated key:"