fido/bio: add support for cancelCurrentEnrollment and test

Builds out support for CTAP2.1 §5.7.5, cancelling an ongoing enrollment. The authenticator should always return success whether there is an enrollment or not. Change-Id: I1a99fb111c2f00d8fd016d2211e0fba9423dc1bb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1636227 Commit-Queue: Matthew Webb <noviv@google.com> Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org> Cr-Commit-Position: refs/heads/master@{#667294}

fido/bio: add support for cancelCurrentEnrollment and test
Builds out support for CTAP2.1 §5.7.5, cancelling an ongoing enrollment. The authenticator should always return success whether there is an enrollment or not. Change-Id: I1a99fb111c2f00d8fd016d2211e0fba9423dc1bb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1636227 Commit-Queue: Matthew Webb <noviv@google.com> Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org> Cr-Commit-Position: refs/heads/master@{#667294}
a8ac1fbc · Matthew Webb · Commit Bot · 455bc4d7 · a8ac1fbc · a8ac1fbc
Commit a8ac1fbc authored Jun 07, 2019 by Matthew Webb Committed by Commit Bot Jun 07, 2019
10 changed files
--- a/device/fido/bio/enrollment.cc
+++ b/device/fido/bio/enrollment.cc
@@ -61,6 +61,14 @@ BioEnrollmentRequest BioEnrollmentRequest::ForEnrollNextSample(
  return request;
 }

+// static
+BioEnrollmentRequest BioEnrollmentRequest::ForCancel() {
+  BioEnrollmentRequest request;
+  request.modality = BioEnrollmentModality::kFingerprint;
+  request.subcommand = BioEnrollmentSubCommand::kCancelCurrentEnrollment;
+  return request;
+}
+
 BioEnrollmentRequest::BioEnrollmentRequest(BioEnrollmentRequest&&) = default;
 BioEnrollmentRequest& BioEnrollmentRequest::operator=(BioEnrollmentRequest&&) =
    default;

--- a/device/fido/bio/enrollment.h
+++ b/device/fido/bio/enrollment.h
@@ -107,6 +107,7 @@ struct BioEnrollmentRequest {
  static BioEnrollmentRequest ForEnrollNextSample(
      const pin::TokenResponse& pin_token,
      std::vector<uint8_t> template_id);
+  static BioEnrollmentRequest ForCancel();

  base::Optional<BioEnrollmentModality> modality;
  base::Optional<BioEnrollmentSubCommand> subcommand;

--- a/device/fido/bio/enrollment_handler.cc
+++ b/device/fido/bio/enrollment_handler.cc
@@ -65,6 +65,14 @@ void BioEnrollmentHandler::Enroll(ResponseCallback callback) {
                                                weak_factory_.GetWeakPtr()));
 }

+void BioEnrollmentHandler::Cancel(base::OnceClosure callback) {
+  DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker);
+
+  status_callback_ = std::move(callback);
+  authenticator_->BioEnrollCancel(base::BindOnce(
+      &BioEnrollmentHandler::OnCancel, weak_factory_.GetWeakPtr()));
+}
+
 void BioEnrollmentHandler::DispatchRequest(FidoAuthenticator* authenticator) {
  DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker);
  authenticator->GetTouch(base::BindOnce(&BioEnrollmentHandler::OnTouch,
@@ -161,4 +169,9 @@ void BioEnrollmentHandler::OnEnroll(
  std::move(response_callback_).Run(code, std::move(response));
 }

+void BioEnrollmentHandler::OnCancel(CtapDeviceResponseCode,
+                                    base::Optional<BioEnrollmentResponse>) {
+  std::move(status_callback_).Run();
+}
+
 }  // namespace device
--- a/device/fido/bio/enrollment_handler.h
+++ b/device/fido/bio/enrollment_handler.h
@@ -42,6 +42,7 @@ class COMPONENT_EXPORT(DEVICE_FIDO) BioEnrollmentHandler
  void GetModality(ResponseCallback);
  void GetSensorInfo(ResponseCallback);
  void Enroll(ResponseCallback);
+  void Cancel(base::OnceClosure);

 private:
  // FidoRequestHandlerBase:
@@ -58,6 +59,7 @@ class COMPONENT_EXPORT(DEVICE_FIDO) BioEnrollmentHandler
  void OnHavePINToken(CtapDeviceResponseCode,
                      base::Optional<pin::TokenResponse>);
  void OnEnroll(CtapDeviceResponseCode, base::Optional<BioEnrollmentResponse>);
+  void OnCancel(CtapDeviceResponseCode, base::Optional<BioEnrollmentResponse>);

  SEQUENCE_CHECKER(sequence_checker);

@@ -65,6 +67,7 @@ class COMPONENT_EXPORT(DEVICE_FIDO) BioEnrollmentHandler
  ReadyCallback ready_callback_;
  GetPINCallback get_pin_callback_;
  ResponseCallback response_callback_;
+  base::OnceClosure status_callback_;
  base::Optional<pin::TokenResponse> pin_token_response_;
  base::WeakPtrFactory<BioEnrollmentHandler> weak_factory_;


--- a/device/fido/bio/enrollment_handler_unittest.cc
+++ b/device/fido/bio/enrollment_handler_unittest.cc
@@ -176,5 +176,21 @@ TEST_F(BioEnrollmentHandlerTest, Enroll) {
  EXPECT_EQ(v->remaining_samples, 0);
 }

+// Tests cancelling fingerprint without an ongoing enrollment.
+TEST_F(BioEnrollmentHandlerTest, CancelNoEnroll) {
+  VirtualCtap2Device::Config config;
+  config.pin_support = true;
+  config.bio_enrollment_support = true;
+
+  virtual_device_factory_.SetCtap2Config(config);
+
+  auto handler = MakeHandler();
+  ready_callback_.WaitForCallback();
+
+  test::TestCallbackReceiver<> cb;
+  handler->Cancel(cb.callback());
+  cb.WaitForCallback();
+}
+
 }  // namespace
 }  // namespace device
--- a/device/fido/fido_authenticator.cc
+++ b/device/fido/fido_authenticator.cc
@@ -96,6 +96,10 @@ void FidoAuthenticator::BioEnrollFingerprint(pin::TokenResponse,
  NOTREACHED();
 }

+void FidoAuthenticator::BioEnrollCancel(BioEnrollmentCallback) {
+  NOTREACHED();
+}
+
 void FidoAuthenticator::Reset(ResetCallback callback) {
  std::move(callback).Run(CtapDeviceResponseCode::kCtap1ErrInvalidCommand,
                          base::nullopt);

--- a/device/fido/fido_authenticator.h
+++ b/device/fido/fido_authenticator.h
@@ -172,6 +172,7 @@ class COMPONENT_EXPORT(DEVICE_FIDO) FidoAuthenticator {
  virtual void GetModality(BioEnrollmentCallback callback);
  virtual void GetSensorInfo(BioEnrollmentCallback callback);
  virtual void BioEnrollFingerprint(pin::TokenResponse, BioEnrollmentCallback);
+  virtual void BioEnrollCancel(BioEnrollmentCallback);

  // Reset triggers a reset operation on the authenticator. This erases all
  // stored resident keys and any configured PIN.

--- a/device/fido/fido_device_authenticator.cc
+++ b/device/fido/fido_device_authenticator.cc
@@ -558,6 +558,19 @@ void FidoDeviceAuthenticator::OnBioEnroll(
  operation_->Start();
 }

+void FidoDeviceAuthenticator::BioEnrollCancel(BioEnrollmentCallback callback) {
+  DCHECK(
+      Options()->bio_enrollment_availability_preview !=
+      AuthenticatorSupportedOptions::BioEnrollmentAvailability::kNotSupported);
+
+  operation_ = std::make_unique<
+      Ctap2DeviceOperation<BioEnrollmentRequest, BioEnrollmentResponse>>(
+      device_.get(), BioEnrollmentRequest::ForCancel(), std::move(callback),
+      base::BindOnce(&BioEnrollmentResponse::Parse),
+      /*string_fixup_predicate=*/nullptr);
+  operation_->Start();
+}
+
 void FidoDeviceAuthenticator::Reset(ResetCallback callback) {
  DCHECK(device_->SupportedProtocolIsInitialized())
      << "InitializeAuthenticator() must be called first.";

--- a/device/fido/fido_device_authenticator.h
+++ b/device/fido/fido_device_authenticator.h
@@ -82,6 +82,7 @@ class COMPONENT_EXPORT(DEVICE_FIDO) FidoDeviceAuthenticator
  void GetModality(BioEnrollmentCallback callback) override;
  void GetSensorInfo(BioEnrollmentCallback callback) override;
  void BioEnrollFingerprint(pin::TokenResponse, BioEnrollmentCallback) override;
+  void BioEnrollCancel(BioEnrollmentCallback) override;

  void Reset(ResetCallback callback) override;
  void Cancel() override;

--- a/device/fido/virtual_ctap2_device.cc
+++ b/device/fido/virtual_ctap2_device.cc
@@ -1394,6 +1394,8 @@ CtapDeviceResponseCode VirtualCtap2Device::OnBioEnrollment(
      response_map.emplace(
          static_cast<int>(BioEnrollmentResponseKey::kRemainingSamples), 0);
      break;
+    case static_cast<int>(SubCmd::kCancelCurrentEnrollment):
+      return CtapDeviceResponseCode::kSuccess;
    default:
      // Handle all other commands as if they were unsupported (will change
      // when support is added).