oblador · LinusU · Jul 17, 2018 · Jul 17, 2018 · Jul 18, 2018 · Sep 9, 2018
diff --git a/.gitignore b/.gitignore
@@ -2,6 +2,13 @@
 logs
 *.log
 
+#Android
+android/.gradle/
+android/.idea/
+android/android.iml
+android/local.properties
+android/react-native-keychain.iml
+
 # Runtime data
 pids
 *.pid

diff --git a/android/build.gradle b/android/build.gradle
@@ -36,4 +36,5 @@ repositories {
 dependencies {
   implementation 'com.facebook.react:react-native:+'
   implementation 'com.facebook.conceal:conceal:1.1.3@aar'
+  implementation 'moe.feng.support.biometricprompt:library:1.0.1'
 }
diff --git a/android/src/main/java/com/oblador/keychain/DeviceAvailability.java b/android/src/main/java/com/oblador/keychain/DeviceAvailability.java
@@ -1,5 +1,7 @@
 package com.oblador.keychain;
 
+import android.Manifest;
+import android.content.pm.PackageManager;
 import android.os.Build;
 import android.content.Context;
 import android.app.KeyguardManager;
@@ -10,7 +12,9 @@ public static boolean isFingerprintAuthAvailable(Context context) {
         if (android.os.Build.VERSION.SDK_INT >= 23) {
             FingerprintManager fingerprintManager =
                 (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
-            return fingerprintManager != null && fingerprintManager.isHardwareDetected() &&
+            return fingerprintManager != null &&
+                context.checkSelfPermission(Manifest.permission.USE_FINGERPRINT) == PackageManager.PERMISSION_GRANTED &&
+                fingerprintManager.isHardwareDetected() &&
                 fingerprintManager.hasEnrolledFingerprints();
         }
         return false;

diff --git a/android/src/main/java/com/oblador/keychain/KeychainModule.java b/android/src/main/java/com/oblador/keychain/KeychainModule.java
diff --git a/android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorage.java b/android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorage.java
@@ -1,5 +1,7 @@
 package com.oblador.keychain.cipherStorage;
 
+import android.app.Activity;
+import android.security.keystore.KeyPermanentlyInvalidatedException;
 import android.support.annotation.NonNull;
 
 import com.oblador.keychain.exceptions.CryptoFailedException;
@@ -31,13 +33,22 @@ public DecryptionResult(String username, String password) {
         }
     }
 
+    interface DecryptionResultHandler {
+        public void onDecrypt(DecryptionResult decryptionResult, String info, String error);
+    }
+
     EncryptionResult encrypt(@NonNull String service, @NonNull String username, @NonNull String password) throws CryptoFailedException;
 
-    DecryptionResult decrypt(@NonNull String service, @NonNull byte[] username, @NonNull byte[] password) throws CryptoFailedException;
+    void decrypt(@NonNull DecryptionResultHandler decryptionResultHandler, @NonNull String service, @NonNull byte[] username, @NonNull byte[] password) throws CryptoFailedException, KeyPermanentlyInvalidatedException;
 
     void removeKey(@NonNull String service) throws KeyStoreAccessException;
 
     String getCipherStorageName();
 
+    boolean getCipherBiometrySupported();
+
     int getMinSupportedApiLevel();
+
+    boolean getRequiresCurrentActivity();
+    void setCurrentActivity(Activity activity);
 }
diff --git a/android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorageFacebookConceal.java b/android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorageFacebookConceal.java
@@ -1,6 +1,8 @@
 package com.oblador.keychain.cipherStorage;
 
+import android.app.Activity;
 import android.os.Build;
+import android.security.keystore.KeyPermanentlyInvalidatedException;
 import android.support.annotation.NonNull;
 
 import com.facebook.android.crypto.keychain.AndroidConceal;
@@ -14,6 +16,8 @@
 
 import java.nio.charset.Charset;
 
+import static android.R.attr.password;
+
 public class CipherStorageFacebookConceal implements CipherStorage {
     public static final String CIPHER_STORAGE_NAME = "FacebookConceal";
     public static final String KEYCHAIN_DATA = "RN_KEYCHAIN";
@@ -29,11 +33,17 @@ public String getCipherStorageName() {
         return CIPHER_STORAGE_NAME;
     }
 
+    @Override
+    public boolean getCipherBiometrySupported() {
+        return false;
+    }
+
     @Override
     public int getMinSupportedApiLevel() {
         return Build.VERSION_CODES.JELLY_BEAN;
     }
 
+
     @Override
     public EncryptionResult encrypt(@NonNull String service, @NonNull String username, @NonNull String password) throws CryptoFailedException {
         if (!crypto.isAvailable()) {
@@ -53,7 +63,7 @@ public EncryptionResult encrypt(@NonNull String service, @NonNull String usernam
     }
 
     @Override
-    public DecryptionResult decrypt(@NonNull String service, @NonNull byte[] username, @NonNull byte[] password) throws CryptoFailedException {
+    public void decrypt(@NonNull DecryptionResultHandler decryptionResultHandler, @NonNull String service, @NonNull byte[] username, @NonNull byte[] password) throws CryptoFailedException, KeyPermanentlyInvalidatedException {
         if (!crypto.isAvailable()) {
             throw new CryptoFailedException("Crypto is missing");
         }
@@ -64,9 +74,9 @@ public DecryptionResult decrypt(@NonNull String service, @NonNull byte[] usernam
             byte[] decryptedUsername = crypto.decrypt(username, usernameEntity);
             byte[] decryptedPassword = crypto.decrypt(password, passwordEntity);
 
-            return new DecryptionResult(
+            decryptionResultHandler.onDecrypt(new DecryptionResult(
                     new String(decryptedUsername, Charset.forName("UTF-8")),
-                    new String(decryptedPassword, Charset.forName("UTF-8")));
+                    new String(decryptedPassword, Charset.forName("UTF-8"))), null, null);
         } catch (Exception e) {
             throw new CryptoFailedException("Decryption failed for service " + service, e);
         }
@@ -90,4 +100,15 @@ private Entity createPasswordEntity(String service) {
     private String getEntityPrefix(String service) {
         return KEYCHAIN_DATA + ":" + service;
     }
+
+    @Override
+    public boolean getRequiresCurrentActivity() {
+        // Facebook conceal does not need the current activity
+        return false;
+    }
+
+    @Override
+    public void setCurrentActivity(Activity activity) {
+        // Facebook conceal does not need the current activity
+    }
 }
diff --git a/android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorageKeystoreAESCBC.java b/android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorageKeystoreAESCBC.java
@@ -1,8 +1,10 @@
 package com.oblador.keychain.cipherStorage;
 
 import android.annotation.TargetApi;
+import android.app.Activity;
 import android.os.Build;
 import android.security.keystore.KeyGenParameterSpec;
+import android.security.keystore.KeyPermanentlyInvalidatedException;
 import android.security.keystore.KeyProperties;
 import android.support.annotation.NonNull;
 
@@ -48,6 +50,11 @@ public String getCipherStorageName() {
         return CIPHER_STORAGE_NAME;
     }
 
+    @Override
+    public boolean getCipherBiometrySupported() {
+        return false;
+    }
+
     @Override
     public int getMinSupportedApiLevel() {
         return Build.VERSION_CODES.M;
@@ -97,7 +104,7 @@ private void generateKeyAndStoreUnderAlias(@NonNull String service) throws NoSuc
     }
 
     @Override
-    public DecryptionResult decrypt(@NonNull String service, @NonNull byte[] username, @NonNull byte[] password) throws CryptoFailedException {
+    public void decrypt(@NonNull DecryptionResultHandler decryptionResultHandler, @NonNull String service, @NonNull byte[] username, @NonNull byte[] password) throws CryptoFailedException, KeyPermanentlyInvalidatedException {
         service = getDefaultServiceIfEmpty(service);
 
         try {
@@ -108,7 +115,7 @@ public DecryptionResult decrypt(@NonNull String service, @NonNull byte[] usernam
             String decryptedUsername = decryptBytes(key, username);
             String decryptedPassword = decryptBytes(key, password);
 
-            return new DecryptionResult(decryptedUsername, decryptedPassword);
+            decryptionResultHandler.onDecrypt(new DecryptionResult(decryptedUsername, decryptedPassword), null, null);
         } catch (KeyStoreException | UnrecoverableKeyException | NoSuchAlgorithmException e) {
             throw new CryptoFailedException("Could not get key from Keystore", e);
         } catch (KeyStoreAccessException e) {
@@ -198,4 +205,15 @@ private KeyStore getKeyStoreAndLoad() throws KeyStoreException, KeyStoreAccessEx
     private String getDefaultServiceIfEmpty(@NonNull String service) {
         return service.isEmpty() ? DEFAULT_SERVICE : service;
     }
+
+    @Override
+    public boolean getRequiresCurrentActivity() {
+        // AESCBC does not need the current activity
+        return false;
+    }
+
+    @Override
+    public void setCurrentActivity(Activity activity) {
+        // AESCBC does not need the current activity
+    }
 }