Merge "Fix CSR in wv factory upload tool" into udc-dev am: b7280404bd

Original change: https://googleplex-android-review.googlesource.com/c/platform/vendor/widevine/+/22294062

Change-Id: I887c673683d3e55813d01a0f9a7ad3f6a3c76e13
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

libwvdrmengine/tools/factory_upload_tool/cli.cpp

@@ -6,6 +6,8 @@
 
 #define LOG_TAG "wv_factory_extraction_tool"
 
+#include <cppbor.h>
+#include <cppbor_parse.h>
 #include <sys/random.h>
 
 #include <algorithm>
@@ -18,8 +20,10 @@
 #include <vector>
 
 #include "WidevineProvisioner.h"
+#include "log.h"
+#include "properties.h"
 
-constexpr size_t kChallengeSize = 32;
+constexpr size_t kChallengeSize = 64;
 
 // The Google root key for the Endpoint Encryption Key chain, encoded as
 // COSE_Sign1
@@ -121,15 +125,38 @@ cppbor::Array getCsr(widevine::WidevineProvisioner& provisioner) {
   return csr;
 }
 
-std::vector<uint8_t> getCsrV3(widevine::WidevineProvisioner& provisioner) {
+std::unique_ptr<cppbor::Array> composeCertificateRequestV3(
+    const std::vector<uint8_t>& csr) {
+  auto [parsedCsr, _, csrErrMsg] = cppbor::parse(csr);
+  if (!parsedCsr) {
+    LOGE("Failed to parse input CSR.");
+    return nullptr;
+  }
+  if (!parsedCsr->asArray()) {
+    LOGE("Input CSR is not a CBOR array.");
+    return nullptr;
+  }
+  std::string fingerPrint;
+  if (!wvcdm::Properties::GetBuildInfo(&fingerPrint)) {
+    LOGE("Failed to get finger print.");
+    return nullptr;
+  }
+
+  cppbor::Map unverifiedDeviceInfo =
+      cppbor::Map().add("fingerprint", cppbor::Tstr(fingerPrint));
+  parsedCsr->asArray()->add(std::move(unverifiedDeviceInfo));
+  return std::unique_ptr<cppbor::Array>(parsedCsr.release()->asArray());
+}
+
+std::unique_ptr<cppbor::Array> getCsrV3(
+    widevine::WidevineProvisioner& provisioner) {
   const std::vector<uint8_t> challenge = generateChallenge();
   std::vector<uint8_t> csr;
-
   if (!provisioner.GenerateCertificateRequestV2(challenge, &csr)) {
     std::cerr << "Failed to generate certificate request v2." << std::endl;
     exit(-1);
   }
-  return csr;
+  return composeCertificateRequestV3(csr);
 }
 
 int main(int argc, char** argv) {
@@ -155,7 +182,11 @@ int main(int argc, char** argv) {
               std::ostream_iterator<char>(std::cout));
   } else if (!std::strcmp(argv[1], "csr_v3")) {
     auto csr = getCsrV3(provisioner);
-    std::copy(csr.begin(), csr.end(), std::ostream_iterator<char>(std::cout));
+    if (csr != nullptr) {
+      auto bytes = csr->encode();
+      std::copy(bytes.begin(), bytes.end(),
+                std::ostream_iterator<char>(std::cout));
+    }
   }
   return 0;
 }