HAT validity check should be performed early
in enrollment HAL operation.
Bug: 293206206
Test: atest --no-bazel-mode VtsHalBiometricsFingerprintTargetTest
Change-Id: I223615bbbd86d3f918f976c0d46e9ee93338f2a8
diff --git a/biometrics/fingerprint/aidl/default/FakeFingerprintEngine.cpp b/biometrics/fingerprint/aidl/default/FakeFingerprintEngine.cpp
index 9f9ca96..ec28846 100644
--- a/biometrics/fingerprint/aidl/default/FakeFingerprintEngine.cpp
+++ b/biometrics/fingerprint/aidl/default/FakeFingerprintEngine.cpp
@@ -52,6 +52,14 @@
const keymaster::HardwareAuthToken& hat,
const std::future<void>& cancel) {
BEGIN_OP(0);
+
+ // Do proper HAT verification in the real implementation.
+ if (hat.mac.empty()) {
+ LOG(ERROR) << "Fail: hat";
+ cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorError */);
+ return;
+ }
+
updateContext(WorkMode::kEnroll, cb, const_cast<std::future<void>&>(cancel), 0, hat);
}
@@ -112,17 +120,10 @@
}
bool FakeFingerprintEngine::onEnrollFingerDown(ISessionCallback* cb,
- const keymaster::HardwareAuthToken& hat,
+ const keymaster::HardwareAuthToken&,
const std::future<void>& cancel) {
BEGIN_OP(getLatency(FingerprintHalProperties::operation_enroll_latency()));
- // Do proper HAT verification in the real implementation.
- if (hat.mac.empty()) {
- LOG(ERROR) << "Fail: hat";
- cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorError */);
- return true;
- }
-
// Force error-out
auto err = FingerprintHalProperties::operation_enroll_error().value_or(0);
if (err != 0) {