• fido: disable Touch ID if keychain-access-groups entitlement is missing · eaa8eb9d
    Martin Kreichgauer authored
    This changes TouchIdAuthenticator::IsAvailable to check whether the
    current executable is signed with a keychain-access-groups entitlement
    matching the value that the authenticator is instantiated with. Without
    it, calls to the keychain API to access credentials will fail.
    
    Some embedders seem to provide a TouchIdAuthenticatorConfig that
    attempts to configure Touch ID but don't entitle their binary as
    required. This results in Touch ID being available but
    MakeCredential/GetAssertion calls hanging until they time out. With this
    change, Touch ID will simply be unavailable instead.
    
    Bug: 898577
    Change-Id: I7b653a492661f36c921ab4fcd8785d90c92612ac
    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1628734
    Commit-Queue: Martin Kreichgauer <martinkr@google.com>
    Reviewed-by: Greg Kerr <kerrnel@chromium.org>
    Reviewed-by: Adam Langley <agl@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#664837}
touch_id_context.mm 6.74 KB
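
An added example, not code from this commit or from Chromium: one way a macOS process can check at runtime whether its own code signature carries a given keychain-access-groups value before it advertises a keychain-backed authenticator. The function name and the access group string are hypothetical placeholders.

```objective-c
// Added example (not Chromium's code). Build on macOS with:
//   clang -fobjc-arc -framework Foundation -framework Security check.m
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#import <Security/SecTask.h>

// Hypothetical helper: returns YES only if the running executable is signed
// with a keychain-access-groups entitlement that lists `group`.
static BOOL BinaryHasKeychainAccessGroup(NSString *group) {
  SecTaskRef task = SecTaskCreateFromSelf(kCFAllocatorDefault);
  if (!task) return NO;

  CFErrorRef error = NULL;
  CFTypeRef value = SecTaskCopyValueForEntitlement(
      task, CFSTR("keychain-access-groups"), &error);
  CFRelease(task);
  if (error) CFRelease(error);
  if (!value) return NO;  // Unsigned binary or entitlement not present.

  BOOL found = NO;
  // The entitlement is an array of strings; treat any other type as absent.
  if (CFGetTypeID(value) == CFArrayGetTypeID()) {
    for (id entry in (__bridge NSArray *)value) {
      if ([entry isKindOfClass:[NSString class]] &&
          [entry isEqualToString:group]) {
        found = YES;
        break;
      }
    }
  }
  CFRelease(value);
  return found;
}

int main(void) {
  @autoreleasepool {
    // Placeholder value; pass the same access group the authenticator
    // configuration is instantiated with.
    NSString *group = @"TEAMID1234.com.example.webauthn";
    BOOL ok = BinaryHasKeychainAccessGroup(group);
    // Fail closed: report the authenticator as unavailable rather than
    // letting later keychain calls fail or hang.
    NSLog(@"keychain access group %@: %@", group,
          ok ? @"entitled" : @"missing, treat Touch ID as unavailable");
    return ok ? 0 : 1;
  }
}
```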