Added KeyRevokedException that is thrown by getPassword if the key has been revoked. This provides some added information for the app to provide better feedback to the user if their fingerprint auth fails. So far this exception is only available on Android. Looking into iOS now. codenameone/CodenameOne#3045

shannah · shannah · commit a58014ca1c48 · 2020-07-06T09:22:16.000-07:00
diff --git a/native/android/com/codename1/fingerprint/impl/InternalFingerprintImpl.java b/native/android/com/codename1/fingerprint/impl/InternalFingerprintImpl.java
@@ -1,3 +1,25 @@
+/*
+ * Copyright (c) 2012, Codename One and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Codename One designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *  
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ * 
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ * 
+ * Please contact Codename One through http://www.codenameone.com/ if you 
+ * need additional information or have any questions.
+ */
 package com.codename1.fingerprint.impl;
 
 import android.hardware.fingerprint.FingerprintManager;
@@ -317,6 +339,7 @@ private boolean addPassword29(final int requestId, final String reason, final St
                     secretKey = getSecretKey();
                 } else {
                     InternalCallback.requestError(requestId, String.valueOf("Failed to create key"));
+                    return false;
                 }
             }
 
@@ -451,6 +474,7 @@ private boolean addPassword(final int requestId, final String reason, final Stri
                     secretKey = getSecretKey();
                 } else {
                     InternalCallback.requestError(requestId, String.valueOf("Failed to create key"));
+                    return false;
                 }
             }
 
@@ -576,11 +600,20 @@ private boolean getPassword29(final int requestId, final String reason, final St
             SecretKey secretKey = getSecretKey();
 
             if (secretKey == null) {
+                /*
                 if (createKey()) {
                     secretKey = getSecretKey();
                 } else {
                     InternalCallback.requestError(requestId, String.valueOf("Failed to create key"));
+                    return false;
                 }
+                */
+                if (keyRevoked) {
+                    InternalCallback.requestKeyRevokedError(requestId, String.valueOf("Key has been invalidated"));
+                } else {
+                    InternalCallback.requestError(requestId, String.valueOf("No key found"));
+                }
+                return false;
             }
 
 
@@ -641,6 +674,9 @@ public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult resul
                     };
                     if(!initCipher(Cipher.DECRYPT_MODE, key)) {
                         // Could not initialize cipher, key must have been invalidated
+                        InternalCallback.requestKeyRevokedError(requestId, "Failed to initialize cipher.  Secret key must have been revoked");
+                        return;
+                        /*
                         if (!createKey()) {
                             InternalCallback.requestError(requestId, "Failed to create a new key after old key failed to initialize the cipher.  Something must be wrong.");
                             return;
@@ -649,6 +685,7 @@ public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult resul
                             InternalCallback.requestError(requestId, "Failed to initialize the cipher even after generating new key.  Something must be wrong");
                             return;
                         }
+                        */
 
 
                     }
@@ -695,11 +732,20 @@ private boolean getPassword(final int requestId, final String reason, final Stri
             SecretKey secretKey = getSecretKey();
 
             if (secretKey == null) {
+                /*
                 if (createKey()) {
                     secretKey = getSecretKey();
                 } else {
                     InternalCallback.requestError(requestId, String.valueOf("Failed to create key"));
+                    return false;
+                }
+                */
+                if (keyRevoked) {
+                    InternalCallback.requestKeyRevokedError(requestId, String.valueOf("Key has been invalidated"));
+                } else {
+                    InternalCallback.requestError(requestId, String.valueOf("No key found"));
                 }
+                return false;
             }
 
 
@@ -760,6 +806,9 @@ public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult re
                     };
                     if(!initCipher(Cipher.DECRYPT_MODE, key)) {
                         // Could not initialize cipher, key must have been invalidated
+                        InternalCallback.requestKeyRevokedError(requestId, "Failed to initialize cipher.  Secret key must have been revoked");
+                        return;
+                        /*
                         if (!createKey()) {
                             InternalCallback.requestError(requestId, "Failed to create a new key after old key failed to initialize the cipher.  Something must be wrong.");
                             return;
@@ -768,6 +817,7 @@ public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult re
                             InternalCallback.requestError(requestId, "Failed to initialize the cipher even after generating new key.  Something must be wrong");
                             return;
                         }
+                        */
 
 
                     }
@@ -842,8 +892,9 @@ private boolean createKey() {
         }
         return isKeyCreated;
     }
-    
+     private boolean keyRevoked = false;
      private SecretKey getSecretKey() {
+         keyRevoked = false;
         String errorMessage = "";
         String getSecretKeyExceptionErrorPrefix = "Failed to get SecretKey from KeyStore: ";
         SecretKey key = null;
@@ -855,12 +906,14 @@ private SecretKey getSecretKey() {
         } catch (CertificateException e) {
             errorMessage = getSecretKeyExceptionErrorPrefix + "CertificateException";
         } catch (UnrecoverableKeyException e) {
+            keyRevoked = true;
             errorMessage = getSecretKeyExceptionErrorPrefix + "UnrecoverableKeyException";
         } catch (IOException e) {
             errorMessage = getSecretKeyExceptionErrorPrefix + "IOException";
         } catch (NoSuchAlgorithmException e) {
             errorMessage = getSecretKeyExceptionErrorPrefix + "NoSuchAlgorithmException";
         } catch (UnrecoverableEntryException e) {
+            keyRevoked = true;
             errorMessage = getSecretKeyExceptionErrorPrefix + "UnrecoverableEntryException";
         }
         if (key == null) {
@@ -893,6 +946,7 @@ private static class CipherInitializerM {
 
         @RequiresApi(api = Build.VERSION_CODES.M)
         private static boolean initCipher(InternalFingerprintImpl impl, int mode, String account) {
+            
             boolean initCipher = false;
             String errorMessage = "";
             String initCipherExceptionErrorPrefix = "Failed to init Cipher: ";
diff --git a/src/com/codename1/fingerprint/Fingerprint.java b/src/com/codename1/fingerprint/Fingerprint.java
@@ -1,7 +1,24 @@
 /*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
+ * Copyright (c) 2012, Codename One and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Codename One designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *  
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ * 
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ * 
+ * Please contact Codename One through http://www.codenameone.com/ if you 
+ * need additional information or have any questions.
  */
 package com.codename1.fingerprint;
 
diff --git a/src/com/codename1/fingerprint/KeyRevokedException.java b/src/com/codename1/fingerprint/KeyRevokedException.java
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2012, Codename One and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Codename One designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *  
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ * 
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ * 
+ * Please contact Codename One through http://www.codenameone.com/ if you 
+ * need additional information or have any questions.
+ */
+package com.codename1.fingerprint;
+
+/**
+ * Exception thrown by {@link Fingerprint#addPassword(java.lang.String, java.lang.String, java.lang.String) } and
+ * {@link Fingerprint#getPassword(java.lang.String, java.lang.String) } if the key has been revoked.  A key is revoked
+ * if the user has added fingerprints, or other forms of biometric authentication since the key was generated.
+ * @author Steve Hannah
+ */
+public class KeyRevokedException extends RuntimeException {
+    public KeyRevokedException(String msg) {
+        super(msg);
+    }
+}
diff --git a/src/com/codename1/fingerprint/impl/InternalCallback.java b/src/com/codename1/fingerprint/impl/InternalCallback.java
@@ -1,7 +1,30 @@
+/*
+ * Copyright (c) 2012, Codename One and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Codename One designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *  
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ * 
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ * 
+ * Please contact Codename One through http://www.codenameone.com/ if you 
+ * need additional information or have any questions.
+ */
 package com.codename1.fingerprint.impl;
 
 import com.codename1.components.SpanLabel;
 import com.codename1.fingerprint.Fingerprint;
+import com.codename1.fingerprint.KeyRevokedException;
 import com.codename1.ui.Dialog;
 import com.codename1.ui.Display;
 import com.codename1.ui.FontImage;
@@ -109,6 +132,15 @@ public static void requestError(int requestId, String message) {
         req.error(new RuntimeException(message));
     }
     
+    public static void requestKeyRevokedError(int requestId, String message) {
+        AsyncResource<?> req = requests.get(requestId);
+        if (req == null) {
+            return;
+        }
+        requests.remove(requestId);
+        req.error(new KeyRevokedException(message));
+    }
+    
     public static void requestComplete(int requestId, boolean success) {
         AsyncResource<Boolean> req = (AsyncResource<Boolean>)requests.get(requestId);
         if (req == null) {
diff --git a/src/com/codename1/fingerprint/impl/InternalFingerprint.java b/src/com/codename1/fingerprint/impl/InternalFingerprint.java
@@ -1,7 +1,24 @@
 /*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
+ * Copyright (c) 2012, Codename One and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Codename One designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *  
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ * 
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ * 
+ * Please contact Codename One through http://www.codenameone.com/ if you 
+ * need additional information or have any questions.
  */
 package com.codename1.fingerprint.impl;
 
