BiometricPrompt.CryptoObject

public static final class BiometricPrompt.CryptoObject
extends Object

java.lang.Object
   ↳ android.hardware.biometrics.BiometricPrompt.CryptoObject


A wrapper class for the cryptographic operations supported by BiometricPrompt.

Currently the framework supports Signature, Cipher, Mac, IdentityCredential, PresentationSession and KeyAgreement.

Cryptographic operations in Android can be split into two categories: auth-per-use and time-based. This is specified during key creation via the timeout parameter of the setUserAuthenticationParameters(int, int) method of KeyGenParameterSpec.Builder.

CryptoObjects are used to unlock auth-per-use keys via BiometricPrompt#authenticate(CryptoObject, CancellationSignal, Executor, AuthenticationCallback), whereas time-based keys are unlocked for their specified duration any time the user authenticates with the specified authenticators (e.g. unlocking keyguard). If a time-based key is not available for use (i.e. none of the allowed authenticators have been unlocked recently), applications can prompt the user to authenticate via BiometricPrompt#authenticate(CancellationSignal, Executor, AuthenticationCallback)

Summary

Public constructors

CryptoObject(Signature signature)
CryptoObject(Cipher cipher)
CryptoObject(Mac mac)
CryptoObject(IdentityCredential credential)

This constructor is deprecated. Use PresentationSession instead of IdentityCredential.

CryptoObject(PresentationSession session)

Public methods

Cipher getCipher()

Get Cipher object.

IdentityCredential getIdentityCredential()

This method was deprecated in API level 33. Use PresentationSession instead of IdentityCredential.

Mac getMac()

Get Mac object.

PresentationSession getPresentationSession()

Get PresentationSession object.

Signature getSignature()

Get Signature object.

Inherited methods

Public constructors

CryptoObject

Added in API level 28
public CryptoObject (Signature signature)

Parameters
signature Signature: This value cannot be null.

CryptoObject

Added in API level 28
public CryptoObject (Cipher cipher)

Parameters
cipher Cipher: This value cannot be null.

CryptoObject

Added in API level 28
public CryptoObject (Mac mac)

Parameters
mac Mac: This value cannot be null.

CryptoObject

Added in API level 28
public CryptoObject (IdentityCredential credential)

This constructor is deprecated.
Use PresentationSession instead of IdentityCredential.

Create from a IdentityCredential object.

Parameters
credential IdentityCredential: a IdentityCredential object. This value cannot be null.

CryptoObject

Added in API level 28
public CryptoObject (PresentationSession session)

Parameters
session PresentationSession: This value cannot be null.

Public methods

getCipher

Added in API level 28
public Cipher getCipher ()

Get Cipher object.

Returns
Cipher Cipher object or null if this doesn't contain one.

getIdentityCredential

Added in API level 30
Deprecated in API level 33
public IdentityCredential getIdentityCredential ()

This method was deprecated in API level 33.
Use PresentationSession instead of IdentityCredential.

Get IdentityCredential object.

Returns
IdentityCredential IdentityCredential object or null if this doesn't contain one.

getMac

Added in API level 28
public Mac getMac ()

Get Mac object.

Returns
Mac Mac object or null if this doesn't contain one.

getPresentationSession

Added in API level 33
public PresentationSession getPresentationSession ()

Get PresentationSession object.

Returns
PresentationSession PresentationSession object or null if this doesn't contain one.

getSignature

Added in API level 28
public Signature getSignature ()

Get Signature object.

Returns
Signature Signature object or null if this doesn't contain one.