iOS8指紋識別TouchID
蘋果在2014年6月3日的WWDC2014開幕式上推出了新版iOS8系統,界面上iOS8與iOS7相比變化不大,不過在功能方面進行了完善。iOS8通知中心更加強大,支持消息直接回復操作,並支持QuickType和第三方輸入法。短信功能改進明顯,支持群聊,發送語音、視頻,分享地理位置等。從終端用戶的角度看,iOS8的許多新功能早已出現在其他平台中。iOS8會向第三方軟件開放TouchID訪問,這意味著可以使用該感應器登陸銀行應用等。
第三方應用可以使用TouchID接口,意味著未來的很多應用都可以用指紋識別功能了。你可以選擇Touch ID登陸第三方應用程序,不需要輸入密碼,你的指紋數據是被保護的,在沒有被允許的情況下別的程序是訪問不到它的。
根據蘋果的解釋,一個單一的注冊指紋與別人指紋出現隨機匹配的概率為五萬分之一。
蘋果聲稱“Secure Enclave”模塊系統能夠安全地管理並識別用戶的指紋,並將用戶的指紋信息獨立地保存在別的系統中,同時通過加密內存和一個硬件隨機數字密碼發生器進行管理。
每個“Secure Enclave”是單獨設置的,不能訪問系統其他部分的,擁有自己的獨立的UID(唯一的ID),連蘋果也不知道這些UID。當設備啟動時,Touch ID會臨時創建一個秘鑰,與“Secure Enclave”的UID配合,對設備的內存空間進行加密。
而在蘋果發布的文件中,蘋果對A7處理器進行指紋識別授權的描述是:A7和Touch ID之間通過一個串行外設接口總線進行通信。A7處理器將數據發到“Secure Enclave”,但並不對數據內容進行讀取。加密和身份驗證都是使用Touch ID和“Secure Enclave”之間的共享密鑰。通信密鑰交換使用雙方提供的一個隨機AES密鑰,並隨機建立會話密鑰和使用AES-CCM傳輸加密。
據了解:iPhone 5s中的指紋傳感器檢測到的表皮上突起的紋線。它檢測到的不是用戶手指外部的死皮指紋,這種指紋很容易被復制。iPhone 5s的指紋傳感器利用射頻信號,檢測用戶手指表面下方那一層皮膚的“活”指紋。如果手指與人的身體分離,那麼傳感器是無法檢測到這種指紋的。所以用戶不用擔心自己的指紋被復制或盜竊之後,被用於解鎖設備,因為傳感器是無法識別這種“死”指紋的。
最近研究了下iOS8的文檔,對指紋識別了解了下,並下載了一個官方提供的Demo。但是
NS_CLASS_AVAILABLE(10_10, 8_0)
從這句中可以看出,要想使用TouchID的接口,電腦的mac系統必須是10.10的,手機iOS系統必須是8.0,所以為了這個Demo我也沒有升級電腦系統(畢竟還不穩定)。但根據Demo中的代碼和文檔可以看出,TouchID的基本用法。
1.首先要使用TouchID,要先導入依賴包:LocalAuthentication.framework。
2.檢查設備是否能用TouchID,返回檢查結果BOOL類型success:
LAContext *context = [[LAContext alloc] init];
__block NSString *msg;
NSError *error;
BOOL success;
// test if we can evaluate the policy, this test will tell us if Touch ID is available and enrolled
success = [context canEvaluatePolicy: LAPolicyDeviceOwnerAuthenticationWithBiometrics error:&error];
if (success) {
msg =[NSString stringWithFormat:NSLocalizedString(@"TOUCH_ID_IS_AVAILABLE", nil)];
} else {
msg =[NSString stringWithFormat:NSLocalizedString(@"TOUCH_ID_IS_NOT_AVAILABLE", nil)];
}
3.如果設備能使用TouchID,代碼塊中返回識別結果BOOL類型的success:
LAContext *context = [[LAContext alloc] init];
__block NSString *msg;
// show the authentication UI with our reason string
[context evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics localizedReason:NSLocalizedString(@"UNLOCK_ACCESS_TO_LOCKED_FATURE", nil) reply:
^(BOOL success, NSError *authenticationError) {
if (success) {
msg =[NSString stringWithFormat:NSLocalizedString(@"EVALUATE_POLICY_SUCCESS", nil)];
} else {
msg = [NSString stringWithFormat:NSLocalizedString(@"EVALUATE_POLICY_WITH_ERROR", nil), authenticationError.localizedDescription];
}
}];4.對於檢查和識別的兩個方法在 LocalAuthentication.framework/Headers/LAContext.h 中定義的:
/// Determines if a particular policy can be evaluated. /// /// @discussion Policies can have certain requirements which, when not satisfied, would always cause /// the policy evaluation to fail. Examples can be a passcode set or a fingerprint /// enrolled with Touch ID. This method allows easy checking for such conditions. /// /// Applications should consume the returned value immediately and avoid relying on it /// for an extensive period of time. At least, it is guaranteed to stay valid until the /// application enters background. /// /// @warning Do not call this method in the reply block of evaluatePolicy:reply: because it could /// lead to a deadlock. /// /// @param policy Policy for which the preflight check should be run. /// /// @param error Optional output parameter which is set to nil if the policy can be evaluated, or it /// contains error information if policy evaluation is not possible. /// /// @return YES if the policy can be evaluated, NO otherwise. - (BOOL)canEvaluatePolicy:(LAPolicy)policy error:(NSError * __autoreleasing *)error; /// Evaluates the specified policy. /// /// @discussion Policy evaluation may involve prompting user for various kinds of interaction /// or authentication. Actual behavior is dependent on evaluated policy, device type, /// and can be affected by installed configuration profiles. /// /// Be sure to keep a strong reference to the context while the evaluation is in progress. /// Otherwise, an evaluation would be canceled when the context is being deallocated. /// /// The method does not block. Instead, the caller must provide a reply block to be /// called asynchronously when evaluation finishes. The block is executed on a private /// queue internal to the framework in an unspecified threading context. Other than that, /// no guarantee is made about which queue, thread, or run-loop the block is executed on. /// /// Implications of successful policy evaluation are policy specific. In general, this /// operation is not idempotent. Policy evaluation may fail for various reasons, including /// user cancel, system cancel and others, see LAError codes. /// /// @param policy Policy to be evaluated. /// /// @param reply Reply block that is executed when policy evaluation finishes. /// /// @param localizedReason Application reason for authentication. This string must be provided in correct /// localization and should be short and clear. It will be eventually displayed in /// the authentication dialog subtitle. A name of the calling application will be /// already displayed in title, so it should not be duplicated here. /// /// @param success Reply parameter that is YES if the policy has been evaluated successfully or NO if /// the evaluation failed. /// /// @param error Reply parameter that is nil if the policy has been evaluated successfully, or it contains /// error information about the evaluation failure. /// /// @warning localizedReason parameter is mandatory and the call will throw NSInvalidArgumentException if /// nil or empty string is specified. /// /// @see LAError /// /// Typical error codes returned by this call are: /// @li LAErrorUserFallback if user tapped the fallback button /// @li LAErrorUserCancel if user has tapped the Cancel button /// @li LAErrorSystemCancel if some system event interrupted the evaluation (e.g. Home button pressed). - (void)evaluatePolicy:(LAPolicy)policy localizedReason:(NSString *)localizedReason reply:(void(^)(BOOL success, NSError *error))reply;
歡迎小伙伴們對測試結果檢驗一下啊!
(轉載請注明出處,謝謝!http://blog.csdn.net/yujianxiang666/article/details/35280025)
