Increment to version 4.0.20

Blockstream · Nov 23, 2023 · 1d7e016 · 1d7e016
1 parent 5839c9b
commit 1d7e016
Show file tree

Hide file tree

Showing 7 changed files with 17 additions and 10 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,11 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## [4.0.20] - 2023-11-23
+
+### Fixed
+- Fix keystore key being invalidated when device was unlocked with face biometrics
+
 ## [4.0.19] - 2023-11-20
 
 ### Changed

diff --git a/compose/src/main/res/values/strings.xml b/compose/src/main/res/values/strings.xml
@@ -1427,4 +1427,6 @@
   <string name="id_2fa_call_is_now_enabled">2FA Call is now enabled</string>
   <string name="id_you_will_need_to_export_the_account">You will need to export the account from Jade at your next login.</string>
   <string name="id_no_ill_repeat_the_setup">No, I\'ll repeat the setup</string>
+  <string name="id_user_authentication">User Authentication</string>
+  <string name="id_you_have_to_authenticate_to_unlock_your_device">You have to Authenticate to unlock your device</string>
 </resources>
diff --git a/green/build.gradle.kts b/green/build.gradle.kts
@@ -41,8 +41,8 @@ android {
     defaultConfig {
         minSdk = libs.versions.androidMinSdk.get().toInt()
         targetSdk = libs.versions.androidTargetSdk.get().toInt()
-        versionCode = 419
-        versionName = "4.0.19"
+        versionCode = 420
+        versionName = "4.0.20"
 
         setProperty("archivesBaseName", "BlockstreamGreen-v$versionName")
         proguardFiles(getDefaultProguardFile("proguard-android-optimize.txt"), "proguard-rules.pro")

diff --git a/green/src/main/java/com/blockstream/green/extensions/BiometricsExtensions.kt b/green/src/main/java/com/blockstream/green/extensions/BiometricsExtensions.kt
@@ -11,8 +11,8 @@ import java.security.InvalidAlgorithmParameterException
 
 fun Fragment.authenticateWithBiometrics(callback : AuthenticationCallback, onlyDeviceCredentials: Boolean = false){
     val promptInfo = BiometricPrompt.PromptInfo.Builder()
-        .setTitle(getString(R.string.id_biometrics_authentication))
-        .setDescription(getString(R.string.id_you_have_to_authenticate_using))
+        .setTitle(getString(R.string.id_user_authentication))
+        .setDescription(getString(R.string.id_you_have_to_authenticate_to_unlock_your_device))
         .setConfirmationRequired(true)
         .setAllowedAuthenticators(if (onlyDeviceCredentials) BiometricManager.Authenticators.DEVICE_CREDENTIAL else BiometricManager.Authenticators.BIOMETRIC_STRONG or BiometricManager.Authenticators.DEVICE_CREDENTIAL)
 

diff --git a/green/src/main/java/com/blockstream/green/ui/onboarding/WatchOnlyCredentialsFragment.kt b/green/src/main/java/com/blockstream/green/ui/onboarding/WatchOnlyCredentialsFragment.kt
@@ -185,7 +185,7 @@ class WatchOnlyCredentialsFragment : AppFragment<WatchOnlyCredentialsFragmentBin
         try {
             biometricPrompt.authenticate(
                 promptInfo.build(),
-                BiometricPrompt.CryptoObject(appKeystore.getBiometricsEncryptionCipher())
+                BiometricPrompt.CryptoObject(appKeystore.getBiometricsEncryptionCipher(recreateKeyIfNeeded = true))
             )
         } catch (e: InvalidAlgorithmParameterException) {
             // At least one biometric must be enrolled

diff --git a/green/src/main/java/com/blockstream/green/ui/settings/WalletSettingsFragment.kt b/green/src/main/java/com/blockstream/green/ui/settings/WalletSettingsFragment.kt
@@ -581,7 +581,7 @@ class WalletSettingsFragment :
         try {
             biometricPrompt.authenticate(
                 promptInfo.build(),
-                BiometricPrompt.CryptoObject(appKeystore.getBiometricsEncryptionCipher())
+                BiometricPrompt.CryptoObject(appKeystore.getBiometricsEncryptionCipher(recreateKeyIfNeeded = true))
             )
         } catch (e: InvalidAlgorithmParameterException) {
             // At least one biometric must be enrolled

diff --git a/green/src/main/java/com/blockstream/green/utils/AppKeystore.kt b/green/src/main/java/com/blockstream/green/utils/AppKeystore.kt
@@ -25,7 +25,7 @@ class AppKeystore(val context: Context): GreenKeystore {
 
     fun isBiometricsAuthenticationRequired(): Boolean {
         try{
-            getBiometricsEncryptionCipher()
+            getEncryptionCipher(BIOMETRICS_KEYSTORE_ALIAS)
         }catch (e: UserNotAuthenticatedException){
             logger.info { "User not Authenticated, probably device was unlocked with Face biometrics" }
             if(isDevelopmentOrDebug) {
@@ -139,10 +139,10 @@ class AppKeystore(val context: Context): GreenKeystore {
      * The returned {@code Cipher} object must be unlocked by {@code BiometricPrompt} before use.
      */
     @Throws(Exception::class)
-    fun getBiometricsEncryptionCipher(): Cipher {
-        if (!keyStoreKeyExists(BIOMETRICS_KEYSTORE_ALIAS) || !isKeyStoreValid(
+    fun getBiometricsEncryptionCipher(recreateKeyIfNeeded: Boolean): Cipher {
+        if ((!keyStoreKeyExists(BIOMETRICS_KEYSTORE_ALIAS) || !isKeyStoreValid(
                 BIOMETRICS_KEYSTORE_ALIAS
-            )) {
+            )) && recreateKeyIfNeeded) {
             deleteFromKeyStore(BIOMETRICS_KEYSTORE_ALIAS)
             initializeKeyStoreKey(BIOMETRICS_KEYSTORE_ALIAS, true)
         }