蘋果在2014年6月3日的WWDC2014開幕式上推出了新版iOS8系統,界面上iOS8與iOS7相比變化不大,不過在功能方面進行了完善。iOS8通知中心更加強大,支持消息直接回復操作,並支持QuickType和第三方輸入法。短信功能改進明顯,支持羣聊,發送語音、視頻,分享地理位置等。從終端用戶的角度看,iOS8的許多新功能早已出現在其他平臺中。iOS8會向第三方軟件開放TouchID訪問,這意味着可以使用該感應器登陸銀行應用等。
第三方應用可以使用TouchID接口,意味着未來的很多應用都可以用指紋識別功能了。你可以選擇Touch ID登陸第三方應用程序,不需要輸入密碼,你的指紋數據是被保護的,在沒有被允許的情況下別的程序是訪問不到它的。
根據蘋果的解釋,一個單一的註冊指紋與別人指紋出現隨機匹配的概率爲五萬分之一。
蘋果聲稱“Secure Enclave”模塊系統能夠安全地管理並識別用戶的指紋,並將用戶的指紋信息獨立地保存在別的系統中,同時通過加密內存和一個硬件隨機數字密碼發生器進行管理。
每個“Secure Enclave”是單獨設置的,不能訪問系統其他部分的,擁有自己的獨立的UID(唯一的ID),連蘋果也不知道這些UID。當設備啓動時,Touch ID會臨時創建一個祕鑰,與“Secure Enclave”的UID配合,對設備的內存空間進行加密。
而在蘋果發佈的文件中,蘋果對A7處理器進行指紋識別授權的描述是:A7和Touch ID之間通過一個串行外設接口總線進行通信。A7處理器將數據發到“Secure Enclave”,但並不對數據內容進行讀取。加密和身份驗證都是使用Touch ID和“Secure Enclave”之間的共享密鑰。通信密鑰交換使用雙方提供的一個隨機AES密鑰,並隨機建立會話密鑰和使用AES-CCM傳輸加密。
據瞭解:iPhone 5s中的指紋傳感器檢測到的表皮上突起的紋線。它檢測到的不是用戶手指外部的死皮指紋,這種指紋很容易被複制。iPhone 5s的指紋傳感器利用射頻信號,檢測用戶手指表面下方那一層皮膚的“活”指紋。如果手指與人的身體分離,那麼傳感器是無法檢測到這種指紋的。所以用戶不用擔心自己的指紋被複制或盜竊之後,被用於解鎖設備,因爲傳感器是無法識別這種“死”指紋的。
最近研究了下iOS8的文檔,對指紋識別瞭解了下,並下載了一個官方提供的Demo。但是
NS_CLASS_AVAILABLE(10_10, 8_0)
從這句中可以看出,要想使用TouchID的接口,電腦的mac系統必須是10.10的,手機iOS系統必須是8.0,所以爲了這個Demo我也沒有升級電腦系統(畢竟還不穩定)。但根據Demo中的代碼和文檔可以看出,TouchID的基本用法。
1.首先要使用TouchID,要先導入依賴包:LocalAuthentication.framework。
2.檢查設備是否能用TouchID,返回檢查結果BOOL類型success:
- LAContext *context = [[LAContext alloc] init];
- __block NSString *msg;
- NSError *error;
- BOOL success;
- // test if we can evaluate the policy, this test will tell us if Touch ID is available and enrolled
- success = [context canEvaluatePolicy: LAPolicyDeviceOwnerAuthenticationWithBiometrics error:&error];
- if (success) {
- msg =[NSString stringWithFormat:NSLocalizedString(@"TOUCH_ID_IS_AVAILABLE", nil)];
- } else {
- msg =[NSString stringWithFormat:NSLocalizedString(@"TOUCH_ID_IS_NOT_AVAILABLE", nil)];
- }
3.如果設備能使用TouchID,代碼塊中返回識別結果BOOL類型的success:
- LAContext *context = [[LAContext alloc] init];
- __block NSString *msg;
- // show the authentication UI with our reason string
- [context evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics localizedReason:NSLocalizedString(@"UNLOCK_ACCESS_TO_LOCKED_FATURE", nil) reply:
- ^(BOOL success, NSError *authenticationError) {
- if (success) {
- msg =[NSString stringWithFormat:NSLocalizedString(@"EVALUATE_POLICY_SUCCESS", nil)];
- } else {
- msg = [NSString stringWithFormat:NSLocalizedString(@"EVALUATE_POLICY_WITH_ERROR", nil), authenticationError.localizedDescription];
- }
- }];
4.對於檢查和識別的兩個方法在 LocalAuthentication.framework/Headers/LAContext.h 中定義的:
- /// Determines if a particular policy can be evaluated.
- ///
- /// @discussion Policies can have certain requirements which, when not satisfied, would always cause
- /// the policy evaluation to fail. Examples can be a passcode set or a fingerprint
- /// enrolled with Touch ID. This method allows easy checking for such conditions.
- ///
- /// Applications should consume the returned value immediately and avoid relying on it
- /// for an extensive period of time. At least, it is guaranteed to stay valid until the
- /// application enters background.
- ///
- /// @warning Do not call this method in the reply block of evaluatePolicy:reply: because it could
- /// lead to a deadlock.
- ///
- /// @param policy Policy for which the preflight check should be run.
- ///
- /// @param error Optional output parameter which is set to nil if the policy can be evaluated, or it
- /// contains error information if policy evaluation is not possible.
- ///
- /// @return YES if the policy can be evaluated, NO otherwise.
- - (BOOL)canEvaluatePolicy:(LAPolicy)policy error:(NSError * __autoreleasing *)error;
- /// Evaluates the specified policy.
- ///
- /// @discussion Policy evaluation may involve prompting user for various kinds of interaction
- /// or authentication. Actual behavior is dependent on evaluated policy, device type,
- /// and can be affected by installed configuration profiles.
- ///
- /// Be sure to keep a strong reference to the context while the evaluation is in progress.
- /// Otherwise, an evaluation would be canceled when the context is being deallocated.
- ///
- /// The method does not block. Instead, the caller must provide a reply block to be
- /// called asynchronously when evaluation finishes. The block is executed on a private
- /// queue internal to the framework in an unspecified threading context. Other than that,
- /// no guarantee is made about which queue, thread, or run-loop the block is executed on.
- ///
- /// Implications of successful policy evaluation are policy specific. In general, this
- /// operation is not idempotent. Policy evaluation may fail for various reasons, including
- /// user cancel, system cancel and others, see LAError codes.
- ///
- /// @param policy Policy to be evaluated.
- ///
- /// @param reply Reply block that is executed when policy evaluation finishes.
- ///
- /// @param localizedReason Application reason for authentication. This string must be provided in correct
- /// localization and should be short and clear. It will be eventually displayed in
- /// the authentication dialog subtitle. A name of the calling application will be
- /// already displayed in title, so it should not be duplicated here.
- ///
- /// @param success Reply parameter that is YES if the policy has been evaluated successfully or NO if
- /// the evaluation failed.
- ///
- /// @param error Reply parameter that is nil if the policy has been evaluated successfully, or it contains
- /// error information about the evaluation failure.
- ///
- /// @warning localizedReason parameter is mandatory and the call will throw NSInvalidArgumentException if
- /// nil or empty string is specified.
- ///
- /// @see LAError
- ///
- /// Typical error codes returned by this call are:
- /// @li LAErrorUserFallback if user tapped the fallback button
- /// @li LAErrorUserCancel if user has tapped the Cancel button
- /// @li LAErrorSystemCancel if some system event interrupted the evaluation (e.g. Home button pressed).
- - (void)evaluatePolicy:(LAPolicy)policy localizedReason:(NSString *)localizedReason reply:(void(^)(BOOL success, NSError *error))reply;