Pick widevine oemcrypto-v18 change

No-Typo-Check: From a third party header file Bug: 260918793 Test: unit tests Test: atp v2/widevine-eng/drm_compliance Change-Id: I36effd6a10a99bdb2399ab1f4a0fad026d607c70
2022-12-16 03:21:08 +00:00
parent 4586522c07
commit 11255b7426
105 changed files with 324641 additions and 299787 deletions
--- a/libwvdrmengine/oemcrypto/test/oec_device_features.cpp
+++ b/libwvdrmengine/oemcrypto/test/oec_device_features.cpp
@@ -24,13 +24,27 @@ void DeviceFeatures::Initialize() {
  generic_crypto = false;
  usage_table = false;
  supports_rsa_3072 = false;
+  supports_secp256r1 = false;
  api_version = 0;
  derive_key_method = NO_METHOD;
  OEMCrypto_SetSandbox(kTestSandbox, sizeof(kTestSandbox));
-  if (OEMCrypto_SUCCESS != OEMCrypto_Initialize()) {
-    printf("OEMCrypto_Initialize failed. All tests will fail.\n");
+  const OEMCryptoResult init_status = OEMCrypto_Initialize();
+  if (OEMCrypto_SUCCESS != init_status) {
+    printf("OEMCrypto_Initialize failed %d. All tests will fail.\n",
+           init_status);
    return;
  }
+  const OEMCryptoResult api_status = OEMCrypto_SetMaxAPIVersion(kCurrentAPI);
+  if (api_status != OEMCrypto_SUCCESS &&
+      api_status != OEMCrypto_ERROR_NOT_IMPLEMENTED) {
+    // Log error, but continue assuming no error.
+    printf("OEMCrypto_SetMaxAPIVersion returned %d\n", api_status);
+  }
+  const OEMCryptoResult test_mode_status = OEMCrypto_EnterTestMode();
+  if (OEMCrypto_SUCCESS != test_mode_status) {
+    printf("OEMCrypto_EnterTestMode returned %d. Tests might fail.\n",
+           test_mode_status);
+  };
  uint8_t buffer[1];
  uint8_t iv[16] = {};
  size_t size = 0;
@@ -60,7 +74,7 @@ void DeviceFeatures::Initialize() {
  printf("loads_certificate = %s.\n", loads_certificate ? "true" : "false");
  generic_crypto =
      (OEMCrypto_ERROR_NOT_IMPLEMENTED !=
-       OEMCrypto_Generic_Encrypt(session, buffer, 0, iv,
+       OEMCrypto_Generic_Encrypt(buffer, 0, buffer, 0, iv,
                                 OEMCrypto_AES_CBC_128_NO_PADDING, buffer));
  printf("generic_crypto = %s.\n", generic_crypto ? "true" : "false");
  supports_cas =
@@ -70,21 +84,28 @@ void DeviceFeatures::Initialize() {
  OEMCrypto_CloseSession(session);
  api_version = OEMCrypto_APIVersion();
  printf("api_version = %u.\n", api_version);
+  if (api_version < kCoreMessagesAPI) {
+    printf("--------- WARNING: minimum API is %d ----------\n", api_version);
+    printf("--------- Expect most tests will fail. --------\n");
+  }
  // These unit tests only work with new usage tables. We do not test v12
  // usage tables.
-  if (api_version > 12) usage_table = OEMCrypto_SupportsUsageTable();
+  usage_table = OEMCrypto_SupportsUsageTable();
  printf("usage_table = %s.\n", usage_table ? "true" : "false");
  PickDerivedKey();
-  if (api_version >= 13) {
-    uint32_t supported_cert = OEMCrypto_SupportedCertificates();
-    if (supported_cert & OEMCrypto_Supports_RSA_CAST) {
-      cast_receiver = true;
-    }
-    if (supported_cert & OEMCrypto_Supports_RSA_3072bit) {
-      supports_rsa_3072 = true;
-    }
+  const uint32_t supported_cert = OEMCrypto_SupportedCertificates();
+  if (supported_cert & OEMCrypto_Supports_RSA_CAST) {
+    cast_receiver = true;
+  }
+  if (supported_cert & OEMCrypto_Supports_RSA_3072bit) {
+    supports_rsa_3072 = true;
+  }
+  if (supported_cert & OEMCrypto_Supports_ECC_secp256r1) {
+    supports_secp256r1 = true;
  }
  printf("cast_receiver = %s.\n", cast_receiver ? "true" : "false");
+  printf("supports_rsa_3072 = %s.\n", supports_rsa_3072 ? "true" : "false");
+  printf("supports_secp256r1 = %s.\n", supports_secp256r1 ? "true" : "false");
  resource_rating = OEMCrypto_ResourceRatingTier();
  printf("resource_rating = %u, security level %u.\n", resource_rating,
         static_cast<unsigned int>(OEMCrypto_SecurityLevel()));
@@ -148,15 +169,8 @@ std::string DeviceFeatures::RestrictFilter(const std::string& initial_filter) {
  if (provisioning_method != OEMCrypto_BootCertificateChain)
                                      FilterOut(&filter, "*Prov40*");
  if (!supports_rsa_3072)             FilterOut(&filter, "*RSAKey3072*");
-  if (api_version <  9)               FilterOut(&filter, "*API09*");
-  if (api_version < 10)               FilterOut(&filter, "*API10*");
-  if (api_version < 11)               FilterOut(&filter, "*API11*");
-  if (api_version < 12)               FilterOut(&filter, "*API12*");
-  if (api_version < 13)               FilterOut(&filter, "*API13*");
-  if (api_version < 14)               FilterOut(&filter, "*API14*");
-  if (api_version < 15)               FilterOut(&filter, "*API15*");
-  if (api_version < 16)               FilterOut(&filter, "*API16*");
  if (api_version < 17)               FilterOut(&filter, "*API17*");
+  if (api_version < 18)               FilterOut(&filter, "*API18*");
  // clang-format on
  // Some tests may require root access. If user is not root, filter these tests
  // out.
@@ -175,38 +189,32 @@ std::string DeviceFeatures::RestrictFilter(const std::string& initial_filter) {
 }

 void DeviceFeatures::PickDerivedKey() {
-  if (api_version >= 12) {
-    switch (provisioning_method) {
-      case OEMCrypto_OEMCertificate:
-        derive_key_method = TEST_PROVISION_30;
-        return;
-      case OEMCrypto_DrmCertificate:
-        if (OEMCrypto_ERROR_NOT_IMPLEMENTED != OEMCrypto_LoadTestRSAKey()) {
-          derive_key_method = LOAD_TEST_RSA_KEY;
-        }
-        return;
-      case OEMCrypto_Keybox:
-        // Fall through to api_version < 12 case.
-        break;
-      case OEMCrypto_BootCertificateChain:
-        derive_key_method = TEST_PROVISION_40;
-        return;
-      case OEMCrypto_ProvisioningError:
-        printf(
-            "ERROR: OEMCrypto_GetProvisioningMethod() returns "
-            "OEMCrypto_ProvisioningError\n");
-        // Then fall through to api_version < 12 case.
-        break;
-    }
-  }
-  if (uses_keybox) {
-    // If device uses a keybox, try to load the test keybox.
-    if (OEMCrypto_ERROR_NOT_IMPLEMENTED !=
-        OEMCrypto_LoadTestKeybox(nullptr, 0)) {
-      derive_key_method = LOAD_TEST_KEYBOX;
-    }
-  } else if (OEMCrypto_ERROR_NOT_IMPLEMENTED != OEMCrypto_LoadTestRSAKey()) {
-    derive_key_method = LOAD_TEST_RSA_KEY;
+  switch (provisioning_method) {
+    case OEMCrypto_OEMCertificate:
+      derive_key_method = TEST_PROVISION_30;
+      return;
+    case OEMCrypto_DrmCertificate:
+      if (OEMCrypto_ERROR_NOT_IMPLEMENTED != OEMCrypto_LoadTestRSAKey()) {
+        derive_key_method = LOAD_TEST_RSA_KEY;
+      }
+      return;
+    case OEMCrypto_Keybox:
+      if (OEMCrypto_ERROR_NOT_IMPLEMENTED !=
+          OEMCrypto_LoadTestKeybox(nullptr, 0)) {
+        derive_key_method = LOAD_TEST_KEYBOX;
+      }
+      return;
+    case OEMCrypto_BootCertificateChain:
+      derive_key_method = TEST_PROVISION_40;
+      return;
+    case OEMCrypto_ProvisioningError:
+      printf(
+          "ERROR: OEMCrypto_GetProvisioningMethod() returns "
+          "OEMCrypto_ProvisioningError\n");
+      if (OEMCrypto_ERROR_NOT_IMPLEMENTED != OEMCrypto_LoadTestRSAKey()) {
+        derive_key_method = LOAD_TEST_RSA_KEY;
+      }
+      return;
  }
 }