android/security-samples

Role of cryptoObject

codingjeremy opened this issue · 1 comments

Issue by yashasvigirdhar
Tuesday Jun 06, 2017 at 07:14 GMT
Originally opened as googlearchive/android-FingerprintDialog#46


After going through the sample, I am still curious about what is the use of passing cryptoObject to the authenticate API of FingerprintManager.

If we see the code here, it stores the reference to cryptoObject in a field which it uses only at one place: to create the AuthenticationResult when authentication succeeds (see here).

Also, apart from this, it uses the cryptoObject's getOpId method to set some sessionId that it passes to the authenticate API of IFingerprintService.

What's this OpId? I guess this is the thing that makes all difference, but I've no clue what it is and can't seem to find any documentation :-/

This question has been asked here, here and here but I didn't find a good answer in all the places.

You should find the answer in this blog post and also in BiometricLoginKotlin.
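To illustrate the question above, here is an added example (not code from the sample repository or from either participant) of what the CryptoObject ties together: the op ID is the Android Keystore operation handle of the already-initialized Cipher, so a fingerprint match authorizes that one key operation rather than merely firing a callback. The key alias and the class and method names are assumptions made for the example.

```java
import android.hardware.fingerprint.FingerprintManager;
import android.os.CancellationSignal;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public final class CryptoObjectDemo {
    private static final String KEY_ALIAS = "demo_fingerprint_key"; // hypothetical alias

    /** Creates an AES key that the Keystore only uses after a fingerprint match. */
    static void createKey() throws Exception {
        KeyGenerator generator = KeyGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
        generator.init(new KeyGenParameterSpec.Builder(KEY_ALIAS,
                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
                .setUserAuthenticationRequired(true) // every use needs its own auth
                .build());
        generator.generateKey();
    }

    /** Binds one encryption operation to one successful fingerprint authentication. */
    static void encryptAfterAuth(FingerprintManager fm, final byte[] plaintext)
            throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        SecretKey key = (SecretKey) keyStore.getKey(KEY_ALIAS, null);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key); // opens the Keystore operation

        fm.authenticate(new FingerprintManager.CryptoObject(cipher),
                new CancellationSignal(), 0,
                new FingerprintManager.AuthenticationCallback() {
                    @Override
                    public void onAuthenticationSucceeded(
                            FingerprintManager.AuthenticationResult result) {
                        try {
                            // Same Cipher instance, now authorized for this operation.
                            Cipher authorized = result.getCryptoObject().getCipher();
                            byte[] ciphertext = authorized.doFinal(plaintext);
                            // Persist ciphertext together with authorized.getIV().
                        } catch (Exception e) {
                            // Key not authorized or invalidated: treat as auth failure.
                        }
                    }
                }, null);
    }
}
```

The calling app needs the USE_FINGERPRINT permission. Passing null instead of a CryptoObject still delivers onAuthenticationSucceeded, but nothing cryptographic then depends on the match, so the result is only as trustworthy as the app process that receives the callback.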