我正在我的应用程序中使用Android P(API 28)中新的BiometricPrompt API。 (我实际上是在基于this project的包装器中使用它,以便它也可以在较旧的设备上运行,但这与问题无关。)这在我测试过的所有设备上都工作得很好,除了具有面部解锁功能的三星S9。
即使BiometricPrompt的现有Android版本目前仅实现指纹认证,三星似乎也对其进行了扩展以支持Face Unlock。当我在我的应用中触发生物特征认证时,“底页”会弹出一个脸部图标(而不是所有其他设备上显示的指纹图标),并且在屏幕顶部会出现一些文字,指出“未检测到脸部”。 (请注意,此处显示的图标是操作系统提供的,而不是我提供的,因此显然是三星的设计。)
根据文档,BiometricPrompt仅应关闭自身并在身份验证成功后调用我的onAuthenticationSucceeded方法。根据{{1}}看来,它已经成功了:
logcat但是,它随后崩溃并显示以下错误:
I/IFaceDaemonCallback: BpFaceDaemonCallback onAcquired()
I/SS_3A: INFO: AEC: TsAec_process_get_aec_info: 650: [Id=132] algo_out g=1.785 e_time=0.025 IsLLS=0x0 Ev=7.422 Bv=2.348 ProEv=7.348 Cvgd=1 lux=261, lls=0x0
E/CHI: [SS_ERR ]: [CHI_FACTORY ]: chxseccamerafactoryusecase.cpp: ExecuteCaptureRequest: 452: pMetaData is NULL
I/FaceHal: face_processFrontImage[614398]
I/FaceServiceWrapper: ss_face_processFrontImage(data_len = 614398, width = 480, height = 640, rotation = 270)
I/NativeFaceService: FaceService::processFrontImage - data_len (614398) width(480) height(640) rotation(270) format(2)
I/NativeFaceService: SEC_FR_SERVICE_AUTHENTICATE
I/sec_fr_engine_qsee: sec_fr_engine_on_authenticate_frame
D/sec_fr_engine_qsee: call QSEECom_send_cmd
I/SS_3A: INFO: AEC: TsAec_process_get_aec_info: 650: [Id=133] algo_out g=1.785 e_time=0.025 IsLLS=0x0 Ev=7.422 Bv=2.352 ProEv=7.352 Cvgd=1 lux=261, lls=0x0
E/CHI: [SS_ERR ]: [CHI_FACTORY ]: chxseccamerafactoryusecase.cpp: ExecuteCaptureRequest: 452: pMetaData is NULL
I/SS_3A: INFO: AEC: TsAec_process_get_aec_info: 650: [Id=134] algo_out g=1.864 e_time=0.025 IsLLS=0x0 Ev=7.359 Bv=2.332 ProEv=7.332 Cvgd=0 lux=262, lls=0x0
E/CHI: [SS_ERR ]: [CHI_FACTORY ]: chxseccamerafactoryusecase.cpp: ExecuteCaptureRequest: 452: pMetaData is NULL
I/SS_3A: INFO: AEC: TsAec_process_get_aec_info: 650: [Id=135] algo_out g=1.910 e_time=0.025 IsLLS=0x0 Ev=7.324 Bv=2.324 ProEv=7.324 Cvgd=0 lux=262, lls=0x0
E/CHI: [SS_ERR ]: [CHI_FACTORY ]: chxseccamerafactoryusecase.cpp: ExecuteCaptureRequest: 452: pMetaData is NULL
I/SS_3A: INFO: AEC: TsAec_process_get_aec_info: 650: [Id=136] algo_out g=1.920 e_time=0.025 IsLLS=0x0 Ev=7.316 Bv=2.316 ProEv=7.316 Cvgd=0 lux=262, lls=0x0
E/CHI: [SS_ERR ]: [CHI_FACTORY ]: chxseccamerafactoryusecase.cpp: ExecuteCaptureRequest: 452: pMetaData is NULL
I/sec_fr_engine_qsee: [Performance Log] QSEECom_send_cmd (129683) us in sec_fr_engine_on_authenticate_frame
D/sec_fr_engine_qsee: QSEECom_send_cmd Success
D/sec_fr_engine_qsee: return value from qsapp is 0
I/NativeFaceService: sec_fr_engine_on_authenticate_frame - status = [0], identified = [1], keepProcessing = [1]
I/NativeFaceService: identify succeeds
I/FaceServiceStorage: GetFileSize::Size of file: 196 bytes.
I/FaceServiceStorage: file size = 196
I/NativeFaceService: sid file length = 196
I/sec_fr_engine_qsee: sec_fr_engine_authenticated
D/sec_fr_engine_qsee: call QSEECom_send_cmd
I/SS_3A: INFO: AEC: TsAec_process_get_aec_info: 650: [Id=137] algo_out g=1.936 e_time=0.025 IsLLS=0x0 Ev=7.305 Bv=2.301 ProEv=7.301 Cvgd=0 lux=263, lls=0x0
I/sec_fr_engine_qsee: [Performance Log] QSEECom_send_cmd (12414) us in sec_fr_engine_authenticated
D/sec_fr_engine_qsee: QSEECom_send_cmd Success
D/sec_fr_engine_qsee: return value from qsapp is 0
I/FaceServiceCallback: sendAuthenticated in
I/faced_Proxy: wrapped_object_length = 0
I/IFaceDaemonCallback: BpFaceDaemonCallback onAuthenticated()
I/FaceServiceCallback: sendAuthenticated out
I/SemBioFaceServiceD: handleAuthenticated : 1
D/keystore: AddAuthenticationToken: timestamp = 168377203, time_received = 16675
I/SemBioFacePrompt: isSuccess = true
根据文档,生物识别身份验证的成功应该已经解锁了密钥库,但是显然没有发生此异常,如异常中的E/keystore: getAuthToken failed: -3
W/System.err: javax.crypto.IllegalBlockSizeException
W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:519)
W/System.err: at javax.crypto.Cipher.doFinal(Cipher.java:2055)
W/System.err: at com.mycompany.myapp.activities.LoginActivity.onAuthenticationSuccessful(LoginActivity.java:560)
W/System.err: at com.mycompany.common.security.BiometricCallbackV28.onAuthenticationSucceeded(BiometricCallbackV28.kt:18)
W/System.err: at com.samsung.android.bio.face.SemBioFaceManager.sendAuthenticatedSucceeded(SemBioFaceManager.java:1507)
W/System.err: at com.samsung.android.bio.face.SemBioFaceManager.access$2400(SemBioFaceManager.java:73)
W/System.err: at com.samsung.android.bio.face.SemBioFaceManager$3.lambda$onAuthenticationSucceeded$1(SemBioFaceManager.java:1673)
W/System.err: at com.samsung.android.bio.face.-$$Lambda$SemBioFaceManager$3$GGUPv9osWllaLwJM7Wg6GJEWK8E.run(Unknown Source:6)
W/System.err: at android.os.Handler.handleCallback(Handler.java:873)
W/System.err: at android.os.Handler.dispatchMessage(Handler.java:99)
W/System.err: at android.os.Looper.loop(Looper.java:214)
W/System.err: at android.app.ActivityThread.main(ActivityThread.java:6981)
W/System.err: at java.lang.reflect.Method.invoke(Native Method)
W/System.err: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
W/System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1445)
W/System.err: Caused by: android.security.KeyStoreException: Key user not authenticated
W/System.err: at android.security.KeyStore.getKeyStoreException(KeyStore.java:1168)
W/System.err: at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132)
W/System.err: at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:217)
W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
W/System.err: ... 14 more
消息所示。
我该如何工作?
答案 0 :(得分:3)
当尝试使用BiometricPrompt API将用户身份验证到我的应用程序时,我遇到了同样的问题。我与三星技术支持联系,他们确认三星的面部识别不够安全,无法解锁Android Keystore。
这是有道理的,因为当前的三星Galaxy设备(S8,S9,S10)没有进行面部3D成像所需的硬件(有传言说Pixel 4可以做到)。这让我想起了三星在S5上首次实现的指纹识别技术,该技术不符合Google的技术规格,并且在升级到棉花糖后无法正常工作。
以下是我从三星技术支持部门收到的实际答复:
出于安全原因,Face Biometric无法在更新后更新密钥库 身份验证。因此,当应用程序显示SecurityException时 尝试建立密钥库或由密钥库签名。
当前,您无法在应用程序中使用面部生物特征识别来 认证。或者,您可以指导用户进行更改 通过显示一个弹出窗口来首选指纹/虹膜生物识别(打开 生物特征偏好设置),同时获取这些例外。
感谢您的耐心等候。
奇怪的是,我再也看不到Galaxy S10的崩溃。身份验证仅返回错误代码。这可能会更糟,因为它破坏了建议的修复程序。啊。