CryptoObject
class CryptoObject
kotlin.Any | |
↳ | android.hardware.biometrics.BiometricPrompt.CryptoObject |
A wrapper class for the cryptographic operations supported by BiometricPrompt.
Currently the framework supports Signature
, Cipher
, Mac
, IdentityCredential
, PresentationSession
and KeyAgreement
.
Cryptographic operations in Android can be split into two categories: auth-per-use and time-based. This is specified during key creation via the timeout parameter of the setUserAuthenticationParameters(int, int)
method of .
CryptoObjects are used to unlock auth-per-use keys via BiometricPrompt#authenticate(CryptoObject, CancellationSignal, Executor,
, whereas time-based keys are unlocked for their specified duration any time the user authenticates with the specified authenticators (e.g. unlocking keyguard). If a time-based key is not available for use (i.e. none of the allowed authenticators have been unlocked recently), applications can prompt the user to authenticate via BiometricPrompt#authenticate(CancellationSignal, Executor, AuthenticationCallback)
Summary
Public constructors | |
---|---|
CryptoObject(signature: Signature) Create from a |
|
CryptoObject(cipher: Cipher) Create from a |
|
CryptoObject(mac: Mac) Create from a |
|
CryptoObject(credential: IdentityCredential) Create from a |
|
CryptoObject(session: PresentationSession) Create from a |
|
CryptoObject(operationHandle: Long) Create from an operation handle. |
Public methods | |
---|---|
Cipher? |
Get |
IdentityCredential? |
Get |
Mac? |
getMac() Get |
Long |
Returns the |
PresentationSession? |
Get |
Signature? |
Get |
Public constructors
CryptoObject
CryptoObject(signature: Signature)
Create from a Signature
object.
Parameters | |
---|---|
signature |
Signature: a Signature object. This value cannot be null . |
CryptoObject
CryptoObject(cipher: Cipher)
Create from a Cipher
object.
Parameters | |
---|---|
cipher |
Cipher: a Cipher object. This value cannot be null . |
CryptoObject
CryptoObject(mac: Mac)
Create from a Mac
object.
Parameters | |
---|---|
mac |
Mac: a Mac object. This value cannot be null . |
CryptoObject
CryptoObject(credential: IdentityCredential)
Deprecated: Use PresentationSession
instead of IdentityCredential
.
Create from a IdentityCredential
object.
Parameters | |
---|---|
credential |
IdentityCredential: a IdentityCredential object. This value cannot be null . |
CryptoObject
CryptoObject(session: PresentationSession)
Create from a PresentationSession
object.
Parameters | |
---|---|
session |
PresentationSession: a PresentationSession object. This value cannot be null . |
CryptoObject
CryptoObject(operationHandle: Long)
Create from an operation handle.
Parameters | |
---|---|
operationHandle |
Long: the operation handle associated with this object. |
Public methods
getCipher
fun getCipher(): Cipher?
Get Cipher
object.
Return | |
---|---|
Cipher? |
Cipher object or null if this doesn't contain one. |
getIdentityCredential
fungetIdentityCredential(): IdentityCredential?
Deprecated: Use PresentationSession
instead of IdentityCredential
.
Get IdentityCredential
object.
Return | |
---|---|
IdentityCredential? |
IdentityCredential object or null if this doesn't contain one. |
getMac
fun getMac(): Mac?
Get Mac
object.
Return | |
---|---|
Mac? |
Mac object or null if this doesn't contain one. |
getOperationHandle
fun getOperationHandle(): Long
Returns the operationHandle
associated with this object or 0 if none. The operationHandle
is the underlying identifier associated with the CryptoObject
.
The operationHandle
can be used to reconstruct a CryptoObject
instance. This is useful for any cross-process communication as the CryptoObject
class is not android.os.Parcelable
. Hence, if the CryptoObject
is constructed in one process, and needs to be propagated to another process, before calling the BiometricPrompt#authenticate(CryptoObject, CancellationSignal, Executor,
API in the second process, the recommendation is to retrieve the operationHandle
using this API, and then reconstruct the CryptoObject
using the constructor that takes in an operationHandle
, and pass that in to the authenticate
API mentioned above.
getPresentationSession
fun getPresentationSession(): PresentationSession?
Get PresentationSession
object.
Return | |
---|---|
PresentationSession? |
PresentationSession object or null if this doesn't contain one. |
getSignature
fun getSignature(): Signature?
Get Signature
object.
Return | |
---|---|
Signature? |
Signature object or null if this doesn't contain one. |