CryptoObject

Kotlin |Java

class CryptoObject

kotlin.Any
↳	android.hardware.biometrics.BiometricPrompt.CryptoObject

A wrapper class for the cryptographic operations supported by BiometricPrompt.

Currently the framework supports Signature, Cipher, Mac, IdentityCredential, PresentationSession and KeyAgreement.

Cryptographic operations in Android can be split into two categories: auth-per-use and time-based. This is specified during key creation via the timeout parameter of the setUserAuthenticationParameters(int, int) method of .

CryptoObjects are used to unlock auth-per-use keys via BiometricPrompt.authenticate(CryptoObject, CancellationSignal, Executor,, whereas time-based keys are unlocked for their specified duration any time the user authenticates with the specified authenticators (e.g. unlocking keyguard). If a time-based key is not available for use (i.e. none of the allowed authenticators have been unlocked recently), applications can prompt the user to authenticate via BiometricPrompt.authenticate(CancellationSignal, Executor, AuthenticationCallback)

Summary

Public constructors
`CryptoObject(credential: IdentityCredential)` Create from a `IdentityCredential` object.
`CryptoObject(session: PresentationSession)` Create from a `PresentationSession` object.
`CryptoObject(signature: Signature)` Create from a `Signature` object.
`CryptoObject(cipher: Cipher)` Create from a `Cipher` object.
`CryptoObject(mac: Mac)` Create from a `Mac` object.
`CryptoObject(operationHandle: Long)` Create from an operation handle.

Public methods
Cipher?	`getCipher()` Get `Cipher` object.
IdentityCredential?	`getIdentityCredential()` Get `IdentityCredential` object.
Mac?	`getMac()` Get `Mac` object.
Long	`getOperationHandle()` Returns the `operationHandle` associated with this object or 0 if none.
PresentationSession?	`getPresentationSession()` Get `PresentationSession` object.
Signature?	`getSignature()` Get `Signature` object.

Public constructors

CryptoObject

Added in API level 30

CryptoObject(credential: IdentityCredential)

Deprecated: Use PresentationSession instead of IdentityCredential.

Create from a IdentityCredential object.

Parameters
`credential`	IdentityCredential: a `IdentityCredential` object. This value cannot be `null`.

CryptoObject

Added in API level 33

CryptoObject(session: PresentationSession)

Create from a PresentationSession object.

Parameters
`session`	PresentationSession: a `PresentationSession` object. This value cannot be `null`.

CryptoObject

Added in API level 28

CryptoObject(signature: Signature)

Create from a Signature object.

Parameters
`signature`	Signature: a `Signature` object. This value cannot be `null`.

CryptoObject

Added in API level 28

CryptoObject(cipher: Cipher)

Create from a Cipher object.

Parameters
`cipher`	Cipher: a `Cipher` object. This value cannot be `null`.

CryptoObject

Added in API level 28

CryptoObject(mac: Mac)

Create from a Mac object.

Parameters
`mac`	Mac: a `Mac` object. This value cannot be `null`.

CryptoObject

Added in API level 35

CryptoObject(operationHandle: Long)

Create from an operation handle.

Parameters
`operationHandle`	Long: the operation handle associated with this object.

See Also

android.hardware.biometrics.BiometricPrompt.CryptoObject#getOperationHandle()

Public methods

getCipher

Added in API level 28

fun getCipher(): Cipher?

Get Cipher object.

Return
`Cipher?`	`Cipher` object or null if this doesn't contain one.

getIdentityCredential

Added in API level 30
Deprecated in API level 33

fun getIdentityCredential(): IdentityCredential?

Deprecated: Use PresentationSession instead of IdentityCredential.

Get IdentityCredential object.

Return
`IdentityCredential?`	`IdentityCredential` object or null if this doesn't contain one.

getMac

Added in API level 28

fun getMac(): Mac?

Get Mac object.

Return
`Mac?`	`Mac` object or null if this doesn't contain one.

getOperationHandle

Added in API level 35

fun getOperationHandle(): Long

Returns the operationHandle associated with this object or 0 if none. The operationHandle is the underlying identifier associated with the CryptoObject.

The operationHandle can be used to reconstruct a CryptoObject instance. This is useful for any cross-process communication as the CryptoObject class is not android.os.Parcelable. Hence, if the CryptoObject is constructed in one process, and needs to be propagated to another process, before calling the BiometricPrompt.authenticate(CryptoObject, CancellationSignal, Executor, API in the second process, the recommendation is to retrieve the operationHandle using this API, and then reconstruct the CryptoObjectusing the constructor that takes in an operationHandle, and pass that in to the authenticate API mentioned above.

getPresentationSession

Added in API level 33

fun getPresentationSession(): PresentationSession?

Get PresentationSession object.

Return
`PresentationSession?`	`PresentationSession` object or null if this doesn't contain one.

getSignature

Added in API level 28

fun getSignature(): Signature?

Get Signature object.

Return
`Signature?`	`Signature` object or null if this doesn't contain one.