webauthn: don't CHECK when collecting a touch from the profile authen…

…ticator. The linked bug triggers this by causing there to be no supported algorithms, but there are other paths too. Fixed: 362766319 Change-Id: Ibe4c55b9ff8bad2b8a4dff6a957bbc3b747384d1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5838409 Reviewed-by: Martin Kreichgauer <martinkr@google.com> Reviewed-by: Adam Langley <agl@chromium.org> Commit-Queue: Adam Langley <agl@chromium.org> Auto-Submit: Adam Langley <agl@chromium.org> Cr-Commit-Position: refs/heads/main@{#1351450}
JAJAJAwe · Sep 5, 2024 · 7640c14 · 7640c14
1 parent 54c1c79
commit 7640c14
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 1 deletion.
diff --git a/content/browser/webauth/authenticator_impl_unittest.cc b/content/browser/webauth/authenticator_impl_unittest.cc
@@ -9037,6 +9037,21 @@ TEST_F(TouchIdAuthenticatorImplTest, MakeCredential) {
   EXPECT_EQ(metadata.ToPublicKeyCredentialUserEntity(), expected_user);
 }
 
+TEST_F(TouchIdAuthenticatorImplTest, MakeCredentialUnsupportedAlgorithm) {
+  // crbug.com/362766319
+  NavigateAndCommit(GURL(kTestOrigin1));
+  mojo::Remote<blink::mojom::Authenticator> authenticator =
+      ConnectToAuthenticator();
+  auto options = GetTestPublicKeyCredentialCreationOptions();
+  options->authenticator_selection->authenticator_attachment =
+      device::AuthenticatorAttachment::kPlatform;
+  options->public_key_parameters = GetTestPublicKeyCredentialParameters(
+      static_cast<int32_t>(device::CoseAlgorithmIdentifier::kEdDSA));
+  touch_id_test_environment_.SimulateTouchIdPromptSuccess();
+  EXPECT_EQ(AuthenticatorMakeCredential(std::move(options)).status,
+            AuthenticatorStatus::NOT_ALLOWED_ERROR);
+}
+
 TEST_F(TouchIdAuthenticatorImplTest, OptionalUv) {
   NavigateAndCommit(GURL(kTestOrigin1));
   mojo::Remote<blink::mojom::Authenticator> authenticator =

diff --git a/device/fido/mac/authenticator.mm b/device/fido/mac/authenticator.mm
@@ -148,7 +148,9 @@ AuthenticatorSupportedOptions TouchIdAuthenticatorOptions() {
 }
 
 void TouchIdAuthenticator::GetTouch(base::OnceClosure callback) {
-  NOTREACHED_IN_MIGRATION();
+  // If at any point request processing wants to collect a "touch" from this
+  // authenticator, pretend that happens immediately because UI interaction
+  // already happened to trigger this authenticator.
   std::move(callback).Run();
 }