infinum / Android-Goldfinger

Android library to simplify Biometric authentication implementation.
Apache License 2.0

decrypt onSuccess() gives an empty string #41

Closed chadbohannan closed 5 years ago

chadbohannan commented 5 years ago

Hi, I really like the elegance of the Goldfinger API but I'm not getting decryption functionality out of the box. Perhaps I'm doing something wrong but I'm using the default configuration. The library was trivial to integrate into a workflow and events occur as expected, but the decrypting onSuccess() function is giving me an empty string when I expect "password".

Cool: encrypt("biometric_key", "password", callback) -> "ARCJKF3KqYAw0NQBr5gRIA==\n "

Not Cool: decrypt("biometric_key", "ARCJKF3KqYAw0NQBr5gRIA==\n ", callback) -> ""

Am I missing something silly like a permission or whatnot?

domagojkorman commented 5 years ago

Hi @chadbohannan,

from the looks of it, it seems you are using the library as intended.

  1. Is this issue device specific or does it happen on multiple devices?
  2. Does the example application work correctly on your device?
  3. Do you have logging enabled? If so, do you get any specific log or error in logcat?

chadbohannan commented 5 years ago

Thanks for the quick response! Behavior is consistent between the emulator and my Pixel XL, both running Android 9 (API 28). Nothing interesting occurs in the logs. The state transitions are happening as and when I expect, the only problem callback occurs with a successful biometric scan, but I get an empty string back.

The most interesting log messages:

2018-11-06 11:36:06.930 1791-1821/? D/FingerprintHal: ----------------> send_scan_notice ----------------->
2018-11-06 11:36:07.018 1791-1821/? D/android.hardware.biometrics.fingerprint@2.1-service: onAcquired(0)
2018-11-06 11:36:07.027 1791-1821/? D/android.hardware.biometrics.fingerprint@2.1-service: onAuthenticated(fid=45146572, gid=0)
2018-11-06 11:36:07.229 1791-1821/? D/FingerprintHal: fingerprint ID 0 off
2018-11-06 11:36:08.732 1774-1774/? D/keystore: AddAuthenticationToken: timestamp = 1826608, time_received = 1828
2018-11-06 11:36:08.758 1990-1990/system_process V/FingerprintService: onAuthenticated(owner=com.company.app, id=45146572, gp=0)
2018-11-06 11:36:09.595 1990-1990/system_process V/FingerprintService: Done with client: com.company.app

chadbohannan commented 5 years ago

Update: I've tried swapping out Goldfinger with Mauin/RxFingerprint and I'm having the same experience. This points the finger more at me than Goldfinger, so I'll keep digging.

chadbohannan commented 5 years ago

Developer is a bonehead and cleared the password edit immediately before reading it. Decrypted value was correctly the empty string.

domagojkorman commented 5 years ago

Thank you for letting us know what the issue was and for closing the issue.