General overview
At the time of Android6.0 (Api23), the Android system added the api interface of fingerprint recognition, namely FingerprintManager, which defined the most basic fingerprint recognition interface. However, at the time of AndroidP (Api28), it was no longer officially recommended, and @Deprecated was done.
Later, the FingerprintManagerCompat class was added to the support v4 library. I read its source code, and it actually encapsulates the FingerprintManager to a certain extent, such as judging the SDK version, processing the encrypted part, etc. The essence is still in the Use FingerprintManager to realize the fingerprint identification function.
In AndroidP, FingerprintManager is officially retired, and the system has added a BiometricPrompt interface, which can also be seen from the interface name “Biometric Identification”. The future security verification function will not be limited to fingerprints, and facial recognition should also be added.
Detailed Introduction
1.Public section
1.1 In general, we write a Manager class. The interior of the class is judged by the Api version to realize the adaptation of Api23 and Api28 respectively.
1.2 Among them, the way to judge the version number is:
1.3 Secondly, we declare an interface IBiometricPromptImpl, and the instances of Api28 and Api23 must inherit it
1.4 Judgment on whether the system supports fingerprint recognition:
2.BiometricPromptApi23: for the part of Api23~Api27
2.1 authenticate()
Before looking at the contents of BiometricPromptApi23.java, we need to understand the key method of fingerprint identification: authenticate().
authenticate method
The picture above is the description in Google’s api documentation. Now let’s explain what these parameters are one by one:
①. crypto This is an encrypted object, and the fingerprint scanner will use this object to judge the legitimacy of the authentication result. This object can be null, but in this case, it means that the app unconditionally trusts the result of the authentication. Although theoretically the process may be attacked and the data can be tampered with, this is the risk that the app must bear in this case. Therefore, it is recommended not to set this parameter to null. The instantiation of this class is a bit troublesome. It is mainly realized by the security interface of javax. Later, I will give a helper class (CryptoObjectHelper.java) in my demo program. This class encapsulates the internal implementation logic, and developers can directly use my class. Simplify the instantiation process.
②. cancel This is an object of the CancellationSignal class. This object is used to cancel the current scanning operation when the fingerprint reader scans the user’s fingerprint. If it is not canceled, the fingerprint scanner will transplant the scan until it times out (usually 30s, depends on the implementation of the specific manufacturer), this will consume more power. It is recommended not to set this parameter to null.
③. The flags flag, according to the document description in the above figure, this bit should be 0 temporarily, and this flag should be reserved for future use.
④.callback This is the object of the FingerprintManager.AuthenticationCallback class. This is the most important parameter in this interface except the first parameter. We will introduce it in detail later. This parameter cannot be NULL.
⑤. handler This is the object of the Handler class. If this parameter is not null, then FingerprintManager will use the looper in this handler to process messages from the fingerprint recognition hardware. Generally speaking, development does not need to provide this parameter, and it can be set to null directly, because FingerprintManager will use the main looper of the app to process by default.
2.2 Callback method after fingerprint authentication
Here we will introduce the FingerprintManager.AuthenticationCallback mentioned above, because the process of scanning fingerprints and authentication is completed in another process, so we need to adopt an asynchronous method, and let the system call back to us after the operation is completed. , the callback method is the four methods in the AuthenticationCallback class
3.BiometricPromptApi28: for Api28 and later platforms
In AndroidP, the original fingerprintManager will be replaced by the BiometricPrompt class. Google aims to unify the way of biometric identification (although iris, face recognition, etc. have not been seen in the API), including UI, and the UI is not allowed to be customized. It must be used BiometricPrompt.Builder to create a dialog box, in which you can customize the title, subtitle, description and a NegativeButton (that is, the cancel key).