[WIP] Android fingerprint #148
Conversation
see more: oblador#116
android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorageKeystoreRSAECB.java
Outdated
Show resolved
Hide resolved
android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorageKeystoreRSAECB.java
Outdated
Show resolved
Hide resolved
| .setEncryptionPaddings(ENCRYPTION_PADDING) | ||
| .setRandomizedEncryptionRequired(true) | ||
| .setUserAuthenticationRequired(true) | ||
| .setUserAuthenticationValidityDurationSeconds(-1) |
There was a problem hiding this comment.
This needs to be at least 2 seconds. Otherwise the decryption will always fail.
To work around the issue we need to pass in a CryptoObject to the .authenticate call (as mentioned here #116 (comment)) but I could not figure out myself how to do it. I can't seem to be able to figure out how to pass the Cipher to CryptoObject since it needs to be initialized, and to initialize it user needs to be authenticated... Hopefully @cladjules will figure that one out.
There was a problem hiding this comment.
That's why we need to get the crypto object out of encryptBytes,
getting the instance of the Cipher should be fine.
Then, try to call cipher.init, that should throw the UserNotAuthenticatedException (or not).
I will give it a go on that PR.
|
FYI: Found some issues w/ upgrading and when user removes their lock screen: E: Updated the commit |
Since AES and RSA share the same key space the upgrade path fails cause the RSA class gets a false positive for containsAlias call. Currently I just remove the AES key before encrypting with rsa key, however this could potentially result in a situation where the aes key gets removed but RSA key generation/encryption fails. This would cause data loss. I though about an alternative prefix solution for the server but maybe theres even a better way to do it. Also: - Handle case where key has been permanently invalidated
|
So amazing seeing progress on this feature. What's the current status? |
|
@oblador I will finish integration next week. Sorry been so busy last 2 weeks... |
|
Know that all to well, didn't mean to rush you 😺 |
|
I noticed that with my original implementation if the user fails fingerprint authentication (e.g. uses wrong finger) the app will crash with E: I have not yet been able to resolve that, so tips are welcome. |
I solved that by posting runnables to anything that's visible in the interface, don't remember exactly where I saw that trick 🤔 |
Yup that worked, thanks for the tip. |
|
Google has now released an official compat version of https://developer.android.com/reference/androidx/biometrics/BiometricPrompt We should probably try and use that one instead 👍 |
|
Sorry for not being active recently. |
Looking forward to that. Tried integrating with it in my temporary branch myself, but had some issues. In the end I just ended up fixing the crash issue I had with BiometricPromptCompat for now. |
Apparently, we need to migrate the project to use AndroidX. I am giving it a go and will see how it goes :) |
| throw new CryptoFailedException("Unknown error: " + e.getMessage(), e); | ||
| } | ||
| } | ||
|
|
There was a problem hiding this comment.
... be cool to provide a getPublicKey function, so the user can pass in properly formatted public key encrypted bytes from, say, another device. Separate this into its own public function call.
public byte[] getPublicKey(@NonNull String service) {
KeyStore keyStore = getKeyStoreAndLoad();
generateKeyAndStoreUnderAlias(service);
KeyFactory keyFactory = KeyFactory.getInstance(ENCRYPTION_ALGORITHM);
PublicKey publicKey = keyStore.getCertificate(service).getPublicKey();
return publicKey.getEncoded();
}
| public static final String KEYSTORE_TYPE = "AndroidKeyStore"; | ||
| public static final String ENCRYPTION_ALGORITHM = KeyProperties.KEY_ALGORITHM_RSA; | ||
| public static final String ENCRYPTION_BLOCK_MODE = KeyProperties.BLOCK_MODE_ECB; | ||
| public static final String ENCRYPTION_PADDING = KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1; |
There was a problem hiding this comment.
Eventually, these really should be options. OAEP is the default on many systems now, and is considered more secure, for example. Likewise 1024 bit RSA is ... well.
There was a problem hiding this comment.
Google has now released an official compat version of
BiometricPrompt🎉 🙌
https://developer.android.com/reference/androidx/biometrics/BiometricPrompt
We should probably try and use that one instead 👍Apparently, we need to migrate the project to use AndroidX. I am giving it a go and will see how it goes :)
Still trying to get it working with androidx. I am not sure if we can just get that library upgraded using androidx, or we need the whole project, React-native doesn't support it yet in any case.
I get a lot of multidex error atm.
|
Any further progress here? |
Still working on integrating the new compat library. It's quite a big change for the whole Android project to move to androidx and get rid of the compat library. We need to decide whether or not, we will want to force users to move their Android project to use AndroidX. Android encourages the developer to move their project anyway, but React-native didn't indicate anything regarding this yet. If we don't go to the route using androidx, we will need to stick to the old compat library (which is now deprecated and suggest using androidx biometric). |
|
Ok, I finally managed to do something. It's now fully working and show dialog for both Android P and prior to that. I have committed all the code to my fork, I am not sure what is the best way to merge back into that PR, there are few commits on that PR that are not in my fork. You can review the PR here: https://github.com/cladjules/react-native-keychain |
|
@cladjules I'd start by fixing the conflicts that you have against master of this repo (See master...cladjules:master) then maybe @LinusU, @earonesty and @oblador can take a look ? BTW, Huge thanks for working on this! |
|
@Jyrno42 regarding "This needs to be at least 2 seconds. Otherwise, the decryption will always fail." Not necessarily, the issue is, when you pass the crypto object to use it to decode, you can only use it once. It means that username and password would need to be encrypted within the same byte[] in order to work. Setting 2 seconds is working, as you could use ANY cipher within those 2 seconds, but it's a bit a hack... |
|
@cladjules I've forked your repo, gave it a try and got it working! The biggest change I had to make was on my app side, switching I understand that it's a requirement from the BiometricPrompt on AndroidX, but I'm curious about how did you deal with that? If anyone else knows lmk! I have some time to help with this on my end this week so if you guys want just let me know and I can open a PR of this soon to start a new code review (since the implementation from @cladjules is different enough than the code in this PR). |
|
@brunobar79 It seems like the PR for this might finally be landing 🙌 |
@brunobar79 I remember doing that change too, I don't really like the fact the fragment is directly added to the main react view. I am wondering if it's possible to launch a new activity and attach to it... I will give it a go. |
|
Sounds good!, I did some good rogress and ended up adding support for PIN /
pattern / password too (similar to how the iOS version works). You can
check out my fork.
On Mon, Dec 17, 2018 at 08:22 cladjules ***@***.***> wrote:
@cladjules <https://github.com/cladjules> I've forked your repo, gave it
a try and got it working!
The biggest change I had to make was on my app side, switchingMainActivity
to extend from ReactFragmentActivity instead of ReactActivity.
The main problem with it is that ReactFragmentActivity will be deprecated
soon
<https://github.com/facebook/react-native/blob/1151c096dab17e5d9a6ac05b61aacecd4305f3db/ReactAndroid/src/main/java/com/facebook/react/ReactFragmentActivity.java#L23>
I understand that it's a requirement from the BiometricPrompt
<https://developer.android.com/reference/androidx/biometrics/BiometricPrompt.html#BiometricPrompt(androidx.fragment.app.FragmentActivity,%20java.util.concurrent.Executor,%20androidx.biometrics.BiometricPrompt.AuthenticationCallback)>
on AndroidX, but I'm curious about how did you deal with that? If anyone
else knows lmk!
I have some time to help with this on my end this week so if you guys want
just let me know and I can open a PR of this soon to start a new code
review (since the implementation from @cladjules
<https://github.com/cladjules> is different enough than the code in this
PR).
@brunobar79 <https://github.com/brunobar79> I remember doing that change
too, I don't really like the fact the fragment is directly added to the
main react view. I am wondering if it's possible to launch a new activity
and attach to it... I will give it a go.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#148 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABMKWvPN8CV3gmheh5Ty3L8v-eavLOHQks5u55qrgaJpZM4WlUh0>
.
--
*Bruno Barbieri* // Senior Javascript Engineer @ Metamask
49 Bogart St, Suite 22, Brooklyn NY 11206
Web <https://consensys.net/> | Twitter <https://twitter.com/brunobar79> |
Linkedin <https://www.linkedin.com/in/brunobar79/> | Github
<https://github.com/brunobar79>
|
|
Is there any further progress here? |
@Timm0 I believe my branch is stable, there are few minor issues regarding fragment that I will push a fix for, |
|
Hmm, I'm curious, what's the status on this? Is it just waiting for a review? |
|
I have created a separate PR with all the code from that PR
|
|
Thanks guys for the good work! 🥇 Quick question - is there a particular reason why you chose RSA encryption for the authentication with the fingerprint instead of AES? In a lot of use cases we don't want to store an encrypted username/password but for example an encrypted JSON Web Token instead, that could be a few thousand characters long. This data size is way too large for RSA to encrypt, since max key length is 4096 bits and hence it is able to encrypt up to 512 chars (even less if padding is used). As it stands now the |
@vchernobyl we need an algorithm that handles private/public key pair, as it needs to be encrypted with a public key (without fingerprint) and decrypted with the private key (using fingerprint), if you use an algorithm that doesn't use a pair, you will need to prompt fingerprint for both encrypting and decrypting. |
|
@cladjules , I have used your cladjules:master repo to integrate it. It work nicely but I have to change ReactActivity to ReactFragmentActivity as I am on lower version of React Native. Do we have some other way to fix It ? Also Do we any early plan to merge this pull request in Main repo ? |
@anagar23 Yeah that's the issue, I had to change to ReactFragmentActivity as well and I think React-Native deprecated that. |
|
Hi guys, i don't know if this could help you, but i've created an Android library that provides an embedded ui for biometric authentication (without androidX). This library works from api level 23 to 29 (starting to android 28 use the biometricPrompt APIs). it also provides and helps to manage JCA crypto operation. Github repo (with minimal docs and screenshots) |
|
Any updates on this? |
|
Superseded by #260 |
Opening early for feedback.
Fixes #116