HAT validity check should be performed early

in enrollment HAL operation.
Bug: 293206206
Test: atest --no-bazel-mode VtsHalBiometricsFingerprintTargetTest

Change-Id: I223615bbbd86d3f918f976c0d46e9ee93338f2a8
diff --git a/biometrics/fingerprint/aidl/default/FakeFingerprintEngine.cpp b/biometrics/fingerprint/aidl/default/FakeFingerprintEngine.cpp
index 9f9ca96..ec28846 100644
--- a/biometrics/fingerprint/aidl/default/FakeFingerprintEngine.cpp
+++ b/biometrics/fingerprint/aidl/default/FakeFingerprintEngine.cpp
@@ -52,6 +52,14 @@
                                        const keymaster::HardwareAuthToken& hat,
                                        const std::future<void>& cancel) {
     BEGIN_OP(0);
+
+    // Do proper HAT verification in the real implementation.
+    if (hat.mac.empty()) {
+        LOG(ERROR) << "Fail: hat";
+        cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorError */);
+        return;
+    }
+
     updateContext(WorkMode::kEnroll, cb, const_cast<std::future<void>&>(cancel), 0, hat);
 }
 
@@ -112,17 +120,10 @@
 }
 
 bool FakeFingerprintEngine::onEnrollFingerDown(ISessionCallback* cb,
-                                               const keymaster::HardwareAuthToken& hat,
+                                               const keymaster::HardwareAuthToken&,
                                                const std::future<void>& cancel) {
     BEGIN_OP(getLatency(FingerprintHalProperties::operation_enroll_latency()));
 
-    // Do proper HAT verification in the real implementation.
-    if (hat.mac.empty()) {
-        LOG(ERROR) << "Fail: hat";
-        cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorError */);
-        return true;
-    }
-
     // Force error-out
     auto err = FingerprintHalProperties::operation_enroll_error().value_or(0);
     if (err != 0) {