webauthn: add tests for kAuthenticatorResponseInvalid.

This was requested as a follow-up in a previous review: https://chromium-review.googlesource.com/c/chromium/src/+/1033336/3/content/browser/webauth/authenticator_impl.cc#836 Change-Id: I672fa5ac74bed7c70c680a8cd1b88b4d0f059277 Reviewed-on: https://chromium-review.googlesource.com/1069707 Commit-Queue: Adam Langley <agl@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Cr-Commit-Position: refs/heads/master@{#561576}

webauthn: add tests for kAuthenticatorResponseInvalid.
This was requested as a follow-up in a previous review: https://chromium-review.googlesource.com/c/chromium/src/+/1033336/3/content/browser/webauth/authenticator_impl.cc#836 Change-Id: I672fa5ac74bed7c70c680a8cd1b88b4d0f059277 Reviewed-on: https://chromium-review.googlesource.com/1069707 Commit-Queue: Adam Langley <agl@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Cr-Commit-Position: refs/heads/master@{#561576}
dd978e31 · Adam Langley · Commit Bot · 91b4468d · dd978e31 · dd978e31
Commit dd978e31 authored May 24, 2018 by Adam Langley Committed by Commit Bot May 24, 2018
3 changed files
--- a/content/browser/webauth/authenticator_impl_unittest.cc
+++ b/content/browser/webauth/authenticator_impl_unittest.cc
@@ -1053,6 +1053,40 @@ TEST_F(AuthenticatorImplTest, GetAssertionPendingRequest) {
  EXPECT_EQ(AuthenticatorStatus::PENDING_REQUEST, callback_receiver2.status());
 }

+TEST_F(AuthenticatorImplTest, InvalidResponse) {
+  device::test::ScopedVirtualFidoDevice scoped_virtual_device;
+  TestServiceManagerContext service_manager_context;
+
+  scoped_virtual_device.mutable_state()->simulate_invalid_response = true;
+
+  SimulateNavigation(GURL(kTestOrigin1));
+  AuthenticatorPtr authenticator = ConnectToAuthenticator();
+
+  {
+    PublicKeyCredentialRequestOptionsPtr options =
+        GetTestPublicKeyCredentialRequestOptions();
+    TestGetAssertionCallback callback_receiver;
+    authenticator->GetAssertion(std::move(options),
+                                callback_receiver.callback());
+    callback_receiver.WaitForCallback();
+
+    EXPECT_EQ(AuthenticatorStatus::NOT_ALLOWED_ERROR,
+              callback_receiver.status());
+  }
+
+  {
+    PublicKeyCredentialCreationOptionsPtr options =
+        GetTestPublicKeyCredentialCreationOptions();
+    TestMakeCredentialCallback callback_receiver;
+    authenticator->MakeCredential(std::move(options),
+                                  callback_receiver.callback());
+    callback_receiver.WaitForCallback();
+
+    EXPECT_EQ(AuthenticatorStatus::NOT_ALLOWED_ERROR,
+              callback_receiver.status());
+  }
+}
+
 enum class IndividualAttestation {
  REQUESTED,
  NOT_REQUESTED,

--- a/device/fido/virtual_fido_device.h
+++ b/device/fido/virtual_fido_device.h
@@ -74,6 +74,9 @@ class COMPONENT_EXPORT(DEVICE_FIDO) VirtualFidoDevice : public FidoDevice {
    // tests to change the state of the world during processing.
    base::RepeatingCallback<void(void)> simulate_press_callback;

+    // If true, causes the response from the device to be invalid.
+    bool simulate_invalid_response = false;
+
    // Adds a registration for the specified credential ID with the application
    // parameter set to be valid for the given relying party ID (which would
    // typically be a domain, e.g. "example.com").

--- a/device/fido/virtual_u2f_device.cc
+++ b/device/fido/virtual_u2f_device.cc
@@ -68,6 +68,16 @@ void VirtualU2fDevice::DeviceTransact(std::vector<uint8_t> command,
    return;
  }

+  if (mutable_state()->simulate_invalid_response) {
+    std::vector<uint8_t> nonsense = {1, 2, 3};
+    auto response = apdu::ApduResponse(std::move(nonsense),
+                                       apdu::ApduResponse::Status::SW_NO_ERROR)
+                        .GetEncodedResponse();
+    base::ThreadTaskRunnerHandle::Get()->PostTask(
+        FROM_HERE, base::BindOnce(std::move(cb), std::move(response)));
+    return;
+  }
+
  base::Optional<std::vector<uint8_t>> response;

  switch (parsed_command->ins()) {