Added in API level 28

Summary: Ctors | Methods | Inherited Methods

BiometricPrompt.CryptoObject

Kotlin |Java

public static final class BiometricPrompt.CryptoObject
extends Object

java.lang.Object
↳	android.hardware.biometrics.BiometricPrompt.CryptoObject

A wrapper class for the cryptographic operations supported by BiometricPrompt.

Currently the framework supports Signature, Cipher, Mac, IdentityCredential, PresentationSession and KeyAgreement.

Cryptographic operations in Android can be split into two categories: auth-per-use and time-based. This is specified during key creation via the timeout parameter of the setUserAuthenticationParameters(int, int) method of KeyGenParameterSpec.Builder.

CryptoObjects are used to unlock auth-per-use keys via BiometricPrompt.authenticate(CryptoObject, CancellationSignal, Executor, AuthenticationCallback), whereas time-based keys are unlocked for their specified duration any time the user authenticates with the specified authenticators (e.g. unlocking keyguard). If a time-based key is not available for use (i.e. none of the allowed authenticators have been unlocked recently), applications can prompt the user to authenticate via BiometricPrompt.authenticate(CancellationSignal, Executor, AuthenticationCallback)

See also:

BiometricPrompt.Builder.setAllowedAuthenticators(int)

Summary

Public constructors
`CryptoObject(IdentityCredential credential)` This constructor is deprecated. Use `PresentationSession` instead of `IdentityCredential`.
`CryptoObject(PresentationSession session)` Create from a `PresentationSession` object.
`CryptoObject(Signature signature)` Create from a `Signature` object.
`CryptoObject(Cipher cipher)` Create from a `Cipher` object.
`CryptoObject(KeyAgreement keyAgreement)` Create from a `KeyAgreement` object.
`CryptoObject(Mac mac)` Create from a `Mac` object.
`CryptoObject(long operationHandle)` Create from an operation handle.

Public methods
`Cipher`	`getCipher()` Get `Cipher` object.
`IdentityCredential`	`getIdentityCredential()` This method was deprecated in API level 33. Use `PresentationSession` instead of `IdentityCredential`.
`KeyAgreement`	`getKeyAgreement()` Get `KeyAgreement` object.
`Mac`	`getMac()` Get `Mac` object.
`long`	`getOperationHandle()` Returns the `operationHandle` associated with this object or 0 if none.
`PresentationSession`	`getPresentationSession()` Get `PresentationSession` object.
`Signature`	`getSignature()` Get `Signature` object.

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeoutMillis, int nanos)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait(long timeoutMillis)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait()` Causes the current thread to wait until it is awakened, typically by being notified or interrupted.

Public constructors

CryptoObject

Added in API level 30

public CryptoObject (IdentityCredential credential)

This constructor is deprecated.
Use PresentationSession instead of IdentityCredential.

Create from a IdentityCredential object.

Parameters
`credential`	`IdentityCredential`: a `IdentityCredential` object. This value cannot be `null`.

CryptoObject

Added in API level 33

public CryptoObject (PresentationSession session)

Create from a PresentationSession object.

Parameters
`session`	`PresentationSession`: a `PresentationSession` object. This value cannot be `null`.

CryptoObject

Added in API level 28

public CryptoObject (Signature signature)

Create from a Signature object.

Parameters
`signature`	`Signature`: a `Signature` object. This value cannot be `null`.

CryptoObject

Added in API level 28

public CryptoObject (Cipher cipher)

Create from a Cipher object.

Parameters
`cipher`	`Cipher`: a `Cipher` object. This value cannot be `null`.

CryptoObject

Added in version 36.1

public CryptoObject (KeyAgreement keyAgreement)

Create from a KeyAgreement object.

Parameters
`keyAgreement`	`KeyAgreement`: a `KeyAgreement` object. This value cannot be `null`.

CryptoObject

Added in API level 28

public CryptoObject (Mac mac)

Create from a Mac object.

Parameters
`mac`	`Mac`: a `Mac` object. This value cannot be `null`.

CryptoObject

Added in API level 35

public CryptoObject (long operationHandle)

Create from an operation handle.

Parameters
`operationHandle`	`long`: the operation handle associated with this object.

See also:

getOperationHandle()

Public methods

getCipher

Added in API level 28

public Cipher getCipher ()

Get Cipher object.

Returns
`Cipher`	`Cipher` object or null if this doesn't contain one.

getIdentityCredential

Added in API level 30
Deprecated in API level 33

public IdentityCredential getIdentityCredential ()

This method was deprecated in API level 33.
Use PresentationSession instead of IdentityCredential.

Get IdentityCredential object.

Returns
`IdentityCredential`	`IdentityCredential` object or null if this doesn't contain one.

getKeyAgreement

Added in version 36.1

public KeyAgreement getKeyAgreement ()

Get KeyAgreement object.

Returns
`KeyAgreement`	`KeyAgreement` object or null if this doesn't contain one.

getMac

Added in API level 28

public Mac getMac ()

Get Mac object.

Returns
`Mac`	`Mac` object or null if this doesn't contain one.

getOperationHandle

Added in API level 35

public long getOperationHandle ()

Returns the operationHandle associated with this object or 0 if none. The operationHandle is the underlying identifier associated with the CryptoObject.

The operationHandle can be used to reconstruct a CryptoObject instance. This is useful for any cross-process communication as the CryptoObject class is not Parcelable. Hence, if the CryptoObject is constructed in one process, and needs to be propagated to another process, before calling the BiometricPrompt.authenticate(CryptoObject, CancellationSignal, Executor, AuthenticationCallback) API in the second process, the recommendation is to retrieve the operationHandle using this API, and then reconstruct the CryptoObjectusing the constructor that takes in an operationHandle, and pass that in to the authenticate API mentioned above.

Returns
`long`

getPresentationSession

Added in API level 33

public PresentationSession getPresentationSession ()

Get PresentationSession object.

Returns
`PresentationSession`	`PresentationSession` object or null if this doesn't contain one.

getSignature

Added in API level 28

public Signature getSignature ()

Get Signature object.

Returns
`Signature`	`Signature` object or null if this doesn't contain one.