The default value for canUnlockViaBiometrics, which determines if we
are able to show a bio prompt, is true. However, if there are 0
biometric authenticator IDs, then it's impossible for the user to
satisfy a bio prompt. In this case, we should set canUnlockViaBiometrics
to false.
The loop that is normally expected to invert canUnlockViaBiometrics was
never run in the case of 0 bio authenticator ids, so we mistakenly
let the crypto init operation succeed when we should have blocked it.
Bug: 188864794
Test: Manual, using sample app that displays a biometric prompt.
Change-Id: Ib95b0564aa098157718b8d4a45b11baa69dad71b
c78e369c4c