A
Android Central Question
Referring to a documentation where it's stated;
... Such keys can only be generated or imported if at least one fingerprint is enrolled (see FingerprintManager.hasEnrolledFingerprints). These keys become permanently invalidated once a new fingerprint is enrolled or all fingerprints are unenrolled.
I get that keys are permanently invalidated when all the enrolled fingerprints get unenrolled but why it is so when there's a new fingerprint enrolled?
I thought Android Keystore abstracts the key usage from the fingerprints enrolled (when "authentication-required" set on a key) which would mean I can access the key(s) that require authentication defined by my application, regardless which enrolled fingerprint is used.
So, would that mean my keys will not be usable anymore once I enrol another fingerprint? Or I'm interpreting that statement (in bold) very wrongly?
... Such keys can only be generated or imported if at least one fingerprint is enrolled (see FingerprintManager.hasEnrolledFingerprints). These keys become permanently invalidated once a new fingerprint is enrolled or all fingerprints are unenrolled.
I get that keys are permanently invalidated when all the enrolled fingerprints get unenrolled but why it is so when there's a new fingerprint enrolled?
I thought Android Keystore abstracts the key usage from the fingerprints enrolled (when "authentication-required" set on a key) which would mean I can access the key(s) that require authentication defined by my application, regardless which enrolled fingerprint is used.
So, would that mean my keys will not be usable anymore once I enrol another fingerprint? Or I'm interpreting that statement (in bold) very wrongly?