I am using the android Biometricx library for face and fingerprint authentication. When only FaceID is registered and I try to create secret key I am getting "IllegalStatException: At least one biometric must be enrolled to create keys that require user authentication"
I am trying to create secretKey like this
try {
mKeyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT |
KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
// Require the user to authenticate with a fingerprint to authorize every use
// of the key
.setUserAuthenticationRequired(true)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.build());
secretKey = mKeyGenerator.generateKey();
} catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
| CertificateException | IOException e) {
Toast.makeText(this,"Create Key "+ e.getLocalizedMessage(), Toast.LENGTH_LONG).show();
}
The code works fine when fingerprint is registered. This happens only when FaceId is registered. What am I missing here?
Got the issue here. Its all got to do with the setting of .setUserAuthenticationRequired(true)
If this key is set to true while generating a key, that means at least one secure biometric/unlock pin/pattern must be enrolled. Since the key was set to true and only unsecured authentication methods were present, the error At least one biometric must be enrolled to create keys that require user authentication was thrown
Note: Face ID in Samsung is considered unsecured as of now. That was the reason for the above issue