From 340810f77fdddc9f2d5fbfb482551d647581167f Mon Sep 17 00:00:00 2001 From: "John \"Juce\" Bruce" Date: Wed, 15 Feb 2023 18:45:09 -0800 Subject: [PATCH] Remove hash algorithm from renewal requests (Merged from http://go/wvgerrit/165859.) Since renewal requests are signed with the MAC keys and not an asymmetric key, it does not make sense to query OEMCrypto for the asymmetric key hash algorithm nor to include the result in the renewal request. Bug: 262427121 Test: opk_ta Change-Id: Ib309b63b79e553f4754c013718df242247ab9488 --- libwvdrmengine/cdm/core/include/crypto_session.h | 3 +-- libwvdrmengine/cdm/core/src/crypto_session.cpp | 16 +--------------- libwvdrmengine/cdm/core/src/license.cpp | 13 +------------ 3 files changed, 3 insertions(+), 29 deletions(-) diff --git a/libwvdrmengine/cdm/core/include/crypto_session.h b/libwvdrmengine/cdm/core/include/crypto_session.h index 77799658..cc5e83bd 100644 --- a/libwvdrmengine/cdm/core/include/crypto_session.h +++ b/libwvdrmengine/cdm/core/include/crypto_session.h @@ -165,8 +165,7 @@ class CryptoSession { // Renewal request/responses virtual CdmResponseType PrepareAndSignRenewalRequest( const std::string& message, std::string* core_message, - std::string* signature, bool& should_specify_algorithm, - OEMCrypto_SignatureHashAlgorithm& algorithm); + std::string* signature); // V16 licenses. virtual CdmResponseType LoadRenewal(const std::string& signed_message, const std::string& core_message, diff --git a/libwvdrmengine/cdm/core/src/crypto_session.cpp b/libwvdrmengine/cdm/core/src/crypto_session.cpp index 5d36e53b..25b46b11 100644 --- a/libwvdrmengine/cdm/core/src/crypto_session.cpp +++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp 
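Review bot: The declaration of `PrepareAndSignRenewalRequest` in crypto_session.h is virtual and loses two parameters, so any subclass or test mock that still declares the five-argument form would stop overriding it. That only becomes a compile error where the override is marked `override`, and this patch does not show whether it is. The reason for the narrower signature currently lives only in the commit message; a comment above the declaration such as `// Signed with the MAC keys, so no asymmetric-key hash algorithm is queried or returned.` would keep it next to the code. The same signature change is mirrored in the definition in crypto_session.cpp, and the class body continues outside this hunk.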
@@ -1121,8 +1121,7 @@ CdmResponseType CryptoSession::LoadLicense(const std::string& signed_message, CdmResponseType CryptoSession::PrepareAndSignRenewalRequest( const std::string& message, std::string* core_message, - std::string* signature, bool& should_specify_algorithm, - OEMCrypto_SignatureHashAlgorithm& algorithm) { + std::string* signature) { LOGV("Preparing and signing renewal request: id = %u", oec_session_id_); if (signature == nullptr) { LOGE("Output parameter |signature| not provided"); @@ -1134,19 +1133,6 @@ CdmResponseType CryptoSession::PrepareAndSignRenewalRequest( } OEMCryptoResult sts; - WithOecSessionLock("GetSignatureHashAlgorithm", [&] { - sts = OEMCrypto_GetSignatureHashAlgorithm(oec_session_id_, &algorithm); - }); - metrics_->oemcrypto_get_signature_hash_algorithm_.Increment(sts, algorithm); - if (sts == OEMCrypto_SUCCESS) { - should_specify_algorithm = true; - } else if (sts == OEMCrypto_ERROR_NOT_IMPLEMENTED) { - should_specify_algorithm = false; - } else { - return MapOEMCryptoResult(sts, GET_SIGNATURE_HASH_ALGORITHM_ERROR_2, - "PrepareAndSignRenewalRequest"); - } - size_t signature_length = 0; size_t core_message_length = 0; *core_message = ""; diff --git a/libwvdrmengine/cdm/core/src/license.cpp b/libwvdrmengine/cdm/core/src/license.cpp index 44c63126..28271d36 100644 --- a/libwvdrmengine/cdm/core/src/license.cpp +++ b/libwvdrmengine/cdm/core/src/license.cpp 
@@ -503,11 +503,8 @@ CdmResponseType CdmLicense::PrepareKeyUpdateRequest( // Construct signature and core message. std::string core_message; std::string license_request_signature; - bool should_specify_algorithm; - OEMCrypto_SignatureHashAlgorithm oec_algorithm = OEMCrypto_SHA1; const CdmResponseType status = crypto_session_->PrepareAndSignRenewalRequest( - serialized_license_req, &core_message, &license_request_signature, - should_specify_algorithm, oec_algorithm); + serialized_license_req, &core_message, &license_request_signature); if (status != NO_ERROR) return status; if (license_request_signature.empty()) { @@ -521,14 +518,6 @@ CdmResponseType CdmLicense::PrepareKeyUpdateRequest( signed_message.set_signature(license_request_signature); signed_message.set_msg(serialized_license_req); signed_message.set_oemcrypto_core_message(core_message); - if (should_specify_algorithm) { - HashAlgorithmProto proto_algorithm = - HashAlgorithmProto::HASH_ALGORITHM_UNSPECIFIED; - if (!OecAlgorithmToProtoAlgorithm(oec_algorithm, proto_algorithm)) { - return CdmResponseType(UNSUPPORTED_SIGNATURE_HASH_ALGORITHM_2); - } - signed_message.set_hash_algorithm(proto_algorithm); - } signed_message.SerializeToString(signed_request); *server_url = server_url_;
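Review bot: After the first license.cpp hunk drops the two out-arguments, `PrepareKeyUpdateRequest` never calls `signed_message.set_hash_algorithm(...)` for renewals, so receivers will see the field unset where some devices previously populated it. It is worth confirming that the license service treats an absent value on a renewal as MAC-signed rather than falling back to an asymmetric default. A comment beside the remaining setters, for example `// Renewals are signed with the MAC keys; hash_algorithm is intentionally left unset.`, would discourage someone from re-adding the field. The removed code was the only visible user of `UNSUPPORTED_SIGNATURE_HASH_ALGORITHM_2` here and of `GET_SIGNATURE_HASH_ALGORITHM_ERROR_2` in crypto_session.cpp; if nothing else references them they are now dead and should be retired in the same change. The function starts and ends outside both hunks, so this is based only on the visible lines.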