security/FingerprintDialog/Application/src/main/java/com/example/android/fingerprintdialog/MainActivity.java - platform/developers/samples/android - Git at Google

 /*
  * Copyright (C) 2015 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License
  */

 package com.example.android.fingerprintdialog;

 import android.app.Activity;
 import android.app.KeyguardManager;
 import android.content.Intent;
 import android.content.SharedPreferences;
 import android.hardware.fingerprint.FingerprintManager;
 import android.os.Build;
 import android.os.Bundle;
 import android.preference.PreferenceManager;
 import android.security.keystore.KeyGenParameterSpec;
 import android.security.keystore.KeyPermanentlyInvalidatedException;
 import android.security.keystore.KeyProperties;
 import android.support.annotation.Nullable;
 import android.util.Base64;
 import android.util.Log;
 import android.view.Menu;
 import android.view.MenuItem;
 import android.view.View;
 import android.widget.Button;
 import android.widget.TextView;
 import android.widget.Toast;

 import java.io.IOException;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;

 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.KeyGenerator;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;

 /**
  * Main entry point for the sample, showing a backpack and "Purchase" button.
  */
 public class MainActivity extends Activity {

     private static final String TAG = MainActivity.class.getSimpleName();

     private static final String DIALOG_FRAGMENT_TAG = "myFragment";
     private static final String SECRET_MESSAGE = "Very secret message";
     private static final String KEY_NAME_NOT_INVALIDATED = "key_not_invalidated";
     static final String DEFAULT_KEY_NAME = "default_key";

     private KeyStore mKeyStore;
     private KeyGenerator mKeyGenerator;
     private SharedPreferences mSharedPreferences;

     @Override
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         setContentView(R.layout.activity_main);

         try {
             mKeyStore = KeyStore.getInstance("AndroidKeyStore");
         } catch (KeyStoreException e) {
             throw new RuntimeException("Failed to get an instance of KeyStore", e);
         }
         try {
             mKeyGenerator = KeyGenerator
                     .getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
         } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
             throw new RuntimeException("Failed to get an instance of KeyGenerator", e);
         }
         Cipher defaultCipher;
         Cipher cipherNotInvalidated;
         try {
             defaultCipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
                     + KeyProperties.BLOCK_MODE_CBC + "/"
                     + KeyProperties.ENCRYPTION_PADDING_PKCS7);
             cipherNotInvalidated = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
                     + KeyProperties.BLOCK_MODE_CBC + "/"
                     + KeyProperties.ENCRYPTION_PADDING_PKCS7);
         } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
             throw new RuntimeException("Failed to get an instance of Cipher", e);
         }
         mSharedPreferences = PreferenceManager.getDefaultSharedPreferences(this);

         KeyguardManager keyguardManager = getSystemService(KeyguardManager.class);
         FingerprintManager fingerprintManager = getSystemService(FingerprintManager.class);
         Button purchaseButton = (Button) findViewById(R.id.purchase_button);
         Button purchaseButtonNotInvalidated = (Button) findViewById(
                 R.id.purchase_button_not_invalidated);

         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
             purchaseButtonNotInvalidated.setEnabled(true);
             purchaseButtonNotInvalidated.setOnClickListener(
                     new PurchaseButtonClickListener(cipherNotInvalidated,
                             KEY_NAME_NOT_INVALIDATED));
         } else {
             // Hide the purchase button which uses a non-invalidated key
             // if the app doesn't work on Android N preview
             purchaseButtonNotInvalidated.setVisibility(View.GONE);
             findViewById(R.id.purchase_button_not_invalidated_description)
                     .setVisibility(View.GONE);
         }

         if (!keyguardManager.isKeyguardSecure()) {
             // Show a message that the user hasn't set up a fingerprint or lock screen.
             Toast.makeText(this,
                     "Secure lock screen hasn't set up.\n"
                             + "Go to 'Settings -> Security -> Fingerprint' to set up a fingerprint",
                     Toast.LENGTH_LONG).show();
             purchaseButton.setEnabled(false);
             purchaseButtonNotInvalidated.setEnabled(false);
             return;
         }

         // Now the protection level of USE_FINGERPRINT permission is normal instead of dangerous.
         // See http://developer.android.com/reference/android/Manifest.permission.html#USE_FINGERPRINT
         // The line below prevents the false positive inspection from Android Studio
         // noinspection ResourceType
         if (!fingerprintManager.hasEnrolledFingerprints()) {
             purchaseButton.setEnabled(false);
             // This happens when no fingerprints are registered.
             Toast.makeText(this,
                     "Go to 'Settings -> Security -> Fingerprint' and register at least one fingerprint",
                     Toast.LENGTH_LONG).show();
             return;
         }
         createKey(DEFAULT_KEY_NAME, true);
         createKey(KEY_NAME_NOT_INVALIDATED, false);
         purchaseButton.setEnabled(true);
         purchaseButton.setOnClickListener(
                 new PurchaseButtonClickListener(defaultCipher, DEFAULT_KEY_NAME));
     }

     /**
      * Initialize the {@link Cipher} instance with the created key in the
      * {@link #createKey(String, boolean)} method.
      *
      * @param keyName the key name to init the cipher
      * @return {@code true} if initialization is successful, {@code false} if the lock screen has
      * been disabled or reset after the key was generated, or if a fingerprint got enrolled after
      * the key was generated.
      */
     private boolean initCipher(Cipher cipher, String keyName) {
         try {
             mKeyStore.load(null);
             SecretKey key = (SecretKey) mKeyStore.getKey(keyName, null);
             cipher.init(Cipher.ENCRYPT_MODE, key);
             return true;
         } catch (KeyPermanentlyInvalidatedException e) {
             return false;
         } catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException
                 | NoSuchAlgorithmException | InvalidKeyException e) {
             throw new RuntimeException("Failed to init Cipher", e);
         }
     }

     /**
      * Proceed the purchase operation
      *
      * @param withFingerprint {@code true} if the purchase was made by using a fingerprint
      * @param cryptoObject the Crypto object
      */
     public void onPurchased(boolean withFingerprint,
             @Nullable FingerprintManager.CryptoObject cryptoObject) {
         if (withFingerprint) {
             // If the user has authenticated with fingerprint, verify that using cryptography and
             // then show the confirmation message.
             assert cryptoObject != null;
             tryEncrypt(cryptoObject.getCipher());
         } else {
             // Authentication happened with backup password. Just show the confirmation message.
             showConfirmation(null);
         }
     }

     // Show confirmation, if fingerprint was used show crypto information.
     private void showConfirmation(byte[] encrypted) {
         findViewById(R.id.confirmation_message).setVisibility(View.VISIBLE);
         if (encrypted != null) {
             TextView v = (TextView) findViewById(R.id.encrypted_message);
             v.setVisibility(View.VISIBLE);
             v.setText(Base64.encodeToString(encrypted, 0 /* flags */));
         }
     }

     /**
      * Tries to encrypt some data with the generated key in {@link #createKey} which is
      * only works if the user has just authenticated via fingerprint.
      */
     private void tryEncrypt(Cipher cipher) {
         try {
             byte[] encrypted = cipher.doFinal(SECRET_MESSAGE.getBytes());
             showConfirmation(encrypted);
         } catch (BadPaddingException | IllegalBlockSizeException e) {
             Toast.makeText(this, "Failed to encrypt the data with the generated key. "
                     + "Retry the purchase", Toast.LENGTH_LONG).show();
             Log.e(TAG, "Failed to encrypt the data with the generated key." + e.getMessage());
         }
     }

     /**
      * Creates a symmetric key in the Android Key Store which can only be used after the user has
      * authenticated with fingerprint.
      *
      * @param keyName the name of the key to be created
      * @param invalidatedByBiometricEnrollment if {@code false} is passed, the created key will not
      *                                         be invalidated even if a new fingerprint is enrolled.
      *                                         The default value is {@code true}, so passing
      *                                         {@code true} doesn't change the behavior
      *                                         (the key will be invalidated if a new fingerprint is
      *                                         enrolled.). Note that this parameter is only valid if
      *                                         the app works on Android N developer preview.
      *
      */
     public void createKey(String keyName, boolean invalidatedByBiometricEnrollment) {
         // The enrolling flow for fingerprint. This is where you ask the user to set up fingerprint
         // for your flow. Use of keys is necessary if you need to know if the set of
         // enrolled fingerprints has changed.
         try {
             mKeyStore.load(null);
             // Set the alias of the entry in Android KeyStore where the key will appear
             // and the constrains (purposes) in the constructor of the Builder

             KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(keyName,
                     KeyProperties.PURPOSE_ENCRYPT |
                             KeyProperties.PURPOSE_DECRYPT)
                     .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
                     // Require the user to authenticate with a fingerprint to authorize every use
                     // of the key
                     .setUserAuthenticationRequired(true)
                     .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7);

             // This is a workaround to avoid crashes on devices whose API level is < 24
             // because KeyGenParameterSpec.Builder#setInvalidatedByBiometricEnrollment is only
             // visible on API level +24.
             // Ideally there should be a compat library for KeyGenParameterSpec.Builder but
             // which isn't available yet.
             if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
                 builder.setInvalidatedByBiometricEnrollment(invalidatedByBiometricEnrollment);
             }
             mKeyGenerator.init(builder.build());
             mKeyGenerator.generateKey();
         } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
                 | CertificateException | IOException e) {
             throw new RuntimeException(e);
         }
     }

     @Override
     public boolean onCreateOptionsMenu(Menu menu) {
         getMenuInflater().inflate(R.menu.menu_main, menu);
         return true;
     }

     @Override
     public boolean onOptionsItemSelected(MenuItem item) {
         int id = item.getItemId();

         if (id == R.id.action_settings) {
             Intent intent = new Intent(this, SettingsActivity.class);
             startActivity(intent);
             return true;
         }
         return super.onOptionsItemSelected(item);
     }

     private class PurchaseButtonClickListener implements View.OnClickListener {

         Cipher mCipher;
         String mKeyName;

         PurchaseButtonClickListener(Cipher cipher, String keyName) {
             mCipher = cipher;
             mKeyName = keyName;
         }

         @Override
         public void onClick(View view) {
             findViewById(R.id.confirmation_message).setVisibility(View.GONE);
             findViewById(R.id.encrypted_message).setVisibility(View.GONE);

             // Set up the crypto object for later. The object will be authenticated by use
             // of the fingerprint.
             if (initCipher(mCipher, mKeyName)) {

                 // Show the fingerprint dialog. The user has the option to use the fingerprint with
                 // crypto, or you can fall back to using a server-side verified password.
                 FingerprintAuthenticationDialogFragment fragment
                         = new FingerprintAuthenticationDialogFragment();
                 fragment.setCryptoObject(new FingerprintManager.CryptoObject(mCipher));
                 boolean useFingerprintPreference = mSharedPreferences
                         .getBoolean(getString(R.string.use_fingerprint_to_authenticate_key),
                                 true);
                 if (useFingerprintPreference) {
                     fragment.setStage(
                             FingerprintAuthenticationDialogFragment.Stage.FINGERPRINT);
                 } else {
                     fragment.setStage(
                             FingerprintAuthenticationDialogFragment.Stage.PASSWORD);
                 }
                 fragment.show(getFragmentManager(), DIALOG_FRAGMENT_TAG);
             } else {
                 // This happens if the lock screen has been disabled or or a fingerprint got
                 // enrolled. Thus show the dialog to authenticate with their password first
                 // and ask the user if they want to authenticate with fingerprints in the
                 // future
                 FingerprintAuthenticationDialogFragment fragment
                         = new FingerprintAuthenticationDialogFragment();
                 fragment.setCryptoObject(new FingerprintManager.CryptoObject(mCipher));
                 fragment.setStage(
                         FingerprintAuthenticationDialogFragment.Stage.NEW_FINGERPRINT_ENROLLED);
                 fragment.show(getFragmentManager(), DIALOG_FRAGMENT_TAG);
             }
         }
     }
 }
	/*
	* Copyright (C) 2015 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License
	*/

	package com.example.android.fingerprintdialog;

	import android.app.Activity;
	import android.app.KeyguardManager;
	import android.content.Intent;
	import android.content.SharedPreferences;
	import android.hardware.fingerprint.FingerprintManager;
	import android.os.Build;
	import android.os.Bundle;
	import android.preference.PreferenceManager;
	import android.security.keystore.KeyGenParameterSpec;
	import android.security.keystore.KeyPermanentlyInvalidatedException;
	import android.security.keystore.KeyProperties;
	import android.support.annotation.Nullable;
	import android.util.Base64;
	import android.util.Log;
	import android.view.Menu;
	import android.view.MenuItem;
	import android.view.View;
	import android.widget.Button;
	import android.widget.TextView;
	import android.widget.Toast;

	import java.io.IOException;
	import java.security.InvalidAlgorithmParameterException;
	import java.security.InvalidKeyException;
	import java.security.KeyStore;
	import java.security.KeyStoreException;
	import java.security.NoSuchAlgorithmException;
	import java.security.NoSuchProviderException;
	import java.security.UnrecoverableKeyException;
	import java.security.cert.CertificateException;

	import javax.crypto.BadPaddingException;
	import javax.crypto.Cipher;
	import javax.crypto.IllegalBlockSizeException;
	import javax.crypto.KeyGenerator;
	import javax.crypto.NoSuchPaddingException;
	import javax.crypto.SecretKey;

	/**
	* Main entry point for the sample, showing a backpack and "Purchase" button.
	*/
	public class MainActivity extends Activity {

	private static final String TAG = MainActivity.class.getSimpleName();

	private static final String DIALOG_FRAGMENT_TAG = "myFragment";
	private static final String SECRET_MESSAGE = "Very secret message";
	private static final String KEY_NAME_NOT_INVALIDATED = "key_not_invalidated";
	static final String DEFAULT_KEY_NAME = "default_key";

	private KeyStore mKeyStore;
	private KeyGenerator mKeyGenerator;
	private SharedPreferences mSharedPreferences;

	@Override
	protected void onCreate(Bundle savedInstanceState) {
	super.onCreate(savedInstanceState);
	setContentView(R.layout.activity_main);

	try {
	mKeyStore = KeyStore.getInstance("AndroidKeyStore");
	} catch (KeyStoreException e) {
	throw new RuntimeException("Failed to get an instance of KeyStore", e);
	}
	try {
	mKeyGenerator = KeyGenerator
	.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
	} catch (NoSuchAlgorithmException \| NoSuchProviderException e) {
	throw new RuntimeException("Failed to get an instance of KeyGenerator", e);
	}
	Cipher defaultCipher;
	Cipher cipherNotInvalidated;
	try {
	defaultCipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
	+ KeyProperties.BLOCK_MODE_CBC + "/"
	+ KeyProperties.ENCRYPTION_PADDING_PKCS7);
	cipherNotInvalidated = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
	+ KeyProperties.BLOCK_MODE_CBC + "/"
	+ KeyProperties.ENCRYPTION_PADDING_PKCS7);
	} catch (NoSuchAlgorithmException \| NoSuchPaddingException e) {
	throw new RuntimeException("Failed to get an instance of Cipher", e);
	}
	mSharedPreferences = PreferenceManager.getDefaultSharedPreferences(this);

	KeyguardManager keyguardManager = getSystemService(KeyguardManager.class);
	FingerprintManager fingerprintManager = getSystemService(FingerprintManager.class);
	Button purchaseButton = (Button) findViewById(R.id.purchase_button);
	Button purchaseButtonNotInvalidated = (Button) findViewById(
	R.id.purchase_button_not_invalidated);

	if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
	purchaseButtonNotInvalidated.setEnabled(true);
	purchaseButtonNotInvalidated.setOnClickListener(
	new PurchaseButtonClickListener(cipherNotInvalidated,
	KEY_NAME_NOT_INVALIDATED));
	} else {
	// Hide the purchase button which uses a non-invalidated key
	// if the app doesn't work on Android N preview
	purchaseButtonNotInvalidated.setVisibility(View.GONE);
	findViewById(R.id.purchase_button_not_invalidated_description)
	.setVisibility(View.GONE);
	}

	if (!keyguardManager.isKeyguardSecure()) {
	// Show a message that the user hasn't set up a fingerprint or lock screen.
	Toast.makeText(this,
	"Secure lock screen hasn't set up.\n"
	+ "Go to 'Settings -> Security -> Fingerprint' to set up a fingerprint",
	Toast.LENGTH_LONG).show();
	purchaseButton.setEnabled(false);
	purchaseButtonNotInvalidated.setEnabled(false);
	return;
	}

	// Now the protection level of USE_FINGERPRINT permission is normal instead of dangerous.
	// See http://developer.android.com/reference/android/Manifest.permission.html#USE_FINGERPRINT
	// The line below prevents the false positive inspection from Android Studio
	// noinspection ResourceType
	if (!fingerprintManager.hasEnrolledFingerprints()) {
	purchaseButton.setEnabled(false);
	// This happens when no fingerprints are registered.
	Toast.makeText(this,
	"Go to 'Settings -> Security -> Fingerprint' and register at least one fingerprint",
	Toast.LENGTH_LONG).show();
	return;
	}
	createKey(DEFAULT_KEY_NAME, true);
	createKey(KEY_NAME_NOT_INVALIDATED, false);
	purchaseButton.setEnabled(true);
	purchaseButton.setOnClickListener(
	new PurchaseButtonClickListener(defaultCipher, DEFAULT_KEY_NAME));
	}

	/**
	* Initialize the {@link Cipher} instance with the created key in the
	* {@link #createKey(String, boolean)} method.
	*
	* @param keyName the key name to init the cipher
	* @return {@code true} if initialization is successful, {@code false} if the lock screen has
	* been disabled or reset after the key was generated, or if a fingerprint got enrolled after
	* the key was generated.
	*/
	private boolean initCipher(Cipher cipher, String keyName) {
	try {
	mKeyStore.load(null);
	SecretKey key = (SecretKey) mKeyStore.getKey(keyName, null);
	cipher.init(Cipher.ENCRYPT_MODE, key);
	return true;
	} catch (KeyPermanentlyInvalidatedException e) {
	return false;
	} catch (KeyStoreException \| CertificateException \| UnrecoverableKeyException \| IOException
	\| NoSuchAlgorithmException \| InvalidKeyException e) {
	throw new RuntimeException("Failed to init Cipher", e);
	}
	}

	/**
	* Proceed the purchase operation
	*
	* @param withFingerprint {@code true} if the purchase was made by using a fingerprint
	* @param cryptoObject the Crypto object
	*/
	public void onPurchased(boolean withFingerprint,
	@Nullable FingerprintManager.CryptoObject cryptoObject) {
	if (withFingerprint) {
	// If the user has authenticated with fingerprint, verify that using cryptography and
	// then show the confirmation message.
	assert cryptoObject != null;
	tryEncrypt(cryptoObject.getCipher());
	} else {
	// Authentication happened with backup password. Just show the confirmation message.
	showConfirmation(null);
	}
	}

	// Show confirmation, if fingerprint was used show crypto information.
	private void showConfirmation(byte[] encrypted) {
	findViewById(R.id.confirmation_message).setVisibility(View.VISIBLE);
	if (encrypted != null) {
	TextView v = (TextView) findViewById(R.id.encrypted_message);
	v.setVisibility(View.VISIBLE);
	v.setText(Base64.encodeToString(encrypted, 0 /* flags */));
	}
	}

	/**
	* Tries to encrypt some data with the generated key in {@link #createKey} which is
	* only works if the user has just authenticated via fingerprint.
	*/
	private void tryEncrypt(Cipher cipher) {
	try {
	byte[] encrypted = cipher.doFinal(SECRET_MESSAGE.getBytes());
	showConfirmation(encrypted);
	} catch (BadPaddingException \| IllegalBlockSizeException e) {
	Toast.makeText(this, "Failed to encrypt the data with the generated key. "
	+ "Retry the purchase", Toast.LENGTH_LONG).show();
	Log.e(TAG, "Failed to encrypt the data with the generated key." + e.getMessage());
	}
	}

	/**
	* Creates a symmetric key in the Android Key Store which can only be used after the user has
	* authenticated with fingerprint.
	*
	* @param keyName the name of the key to be created
	* @param invalidatedByBiometricEnrollment if {@code false} is passed, the created key will not
	* be invalidated even if a new fingerprint is enrolled.
	* The default value is {@code true}, so passing
	* {@code true} doesn't change the behavior
	* (the key will be invalidated if a new fingerprint is
	* enrolled.). Note that this parameter is only valid if
	* the app works on Android N developer preview.
	*
	*/
	public void createKey(String keyName, boolean invalidatedByBiometricEnrollment) {
	// The enrolling flow for fingerprint. This is where you ask the user to set up fingerprint
	// for your flow. Use of keys is necessary if you need to know if the set of
	// enrolled fingerprints has changed.
	try {
	mKeyStore.load(null);
	// Set the alias of the entry in Android KeyStore where the key will appear
	// and the constrains (purposes) in the constructor of the Builder

	KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(keyName,
	KeyProperties.PURPOSE_ENCRYPT \|
	KeyProperties.PURPOSE_DECRYPT)
	.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
	// Require the user to authenticate with a fingerprint to authorize every use
	// of the key
	.setUserAuthenticationRequired(true)
	.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7);

	// This is a workaround to avoid crashes on devices whose API level is < 24
	// because KeyGenParameterSpec.Builder#setInvalidatedByBiometricEnrollment is only
	// visible on API level +24.
	// Ideally there should be a compat library for KeyGenParameterSpec.Builder but
	// which isn't available yet.
	if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
	builder.setInvalidatedByBiometricEnrollment(invalidatedByBiometricEnrollment);
	}
	mKeyGenerator.init(builder.build());
	mKeyGenerator.generateKey();
	} catch (NoSuchAlgorithmException \| InvalidAlgorithmParameterException
	\| CertificateException \| IOException e) {
	throw new RuntimeException(e);
	}
	}

	@Override
	public boolean onCreateOptionsMenu(Menu menu) {
	getMenuInflater().inflate(R.menu.menu_main, menu);
	return true;
	}

	@Override
	public boolean onOptionsItemSelected(MenuItem item) {
	int id = item.getItemId();

	if (id == R.id.action_settings) {
	Intent intent = new Intent(this, SettingsActivity.class);
	startActivity(intent);
	return true;
	}
	return super.onOptionsItemSelected(item);
	}

	private class PurchaseButtonClickListener implements View.OnClickListener {

	Cipher mCipher;
	String mKeyName;

	PurchaseButtonClickListener(Cipher cipher, String keyName) {
	mCipher = cipher;
	mKeyName = keyName;
	}

	@Override
	public void onClick(View view) {
	findViewById(R.id.confirmation_message).setVisibility(View.GONE);
	findViewById(R.id.encrypted_message).setVisibility(View.GONE);

	// Set up the crypto object for later. The object will be authenticated by use
	// of the fingerprint.
	if (initCipher(mCipher, mKeyName)) {

	// Show the fingerprint dialog. The user has the option to use the fingerprint with
	// crypto, or you can fall back to using a server-side verified password.
	FingerprintAuthenticationDialogFragment fragment
	= new FingerprintAuthenticationDialogFragment();
	fragment.setCryptoObject(new FingerprintManager.CryptoObject(mCipher));
	boolean useFingerprintPreference = mSharedPreferences
	.getBoolean(getString(R.string.use_fingerprint_to_authenticate_key),
	true);
	if (useFingerprintPreference) {
	fragment.setStage(
	FingerprintAuthenticationDialogFragment.Stage.FINGERPRINT);
	} else {
	fragment.setStage(
	FingerprintAuthenticationDialogFragment.Stage.PASSWORD);
	}
	fragment.show(getFragmentManager(), DIALOG_FRAGMENT_TAG);
	} else {
	// This happens if the lock screen has been disabled or or a fingerprint got
	// enrolled. Thus show the dialog to authenticate with their password first
	// and ask the user if they want to authenticate with fingerprints in the
	// future
	FingerprintAuthenticationDialogFragment fragment
	= new FingerprintAuthenticationDialogFragment();
	fragment.setCryptoObject(new FingerprintManager.CryptoObject(mCipher));
	fragment.setStage(
	FingerprintAuthenticationDialogFragment.Stage.NEW_FINGERPRINT_ENROLLED);
	fragment.show(getFragmentManager(), DIALOG_FRAGMENT_TAG);
	}
	}
	}
	}