Merge latest oemcrypto-v17 change

No-Typo-Check: Not related to this change.

Bug: 161477208
Change-Id: I99e4780f6855b7045aa0cd5a49c13d2d0d51ed64

libwvdrmengine/oemcrypto/test/oec_device_features.cpp

@@ -48,7 +48,8 @@ void DeviceFeatures::Initialize() {
   // If the device uses a keybox, check to see if loading a certificate is
   // installed.
   if (provisioning_method == OEMCrypto_Keybox ||
-      provisioning_method == OEMCrypto_OEMCertificate) {
+      provisioning_method == OEMCrypto_OEMCertificate ||
+      provisioning_method == OEMCrypto_BootCertificateChain) {
     // Devices with a keybox or OEM Certificate are required to support loading
     // a DRM certificate.
     loads_certificate = true;
@@ -81,8 +82,8 @@ void DeviceFeatures::Initialize() {
   }
   printf("cast_receiver = %s.\n", cast_receiver ? "true" : "false");
   resource_rating = OEMCrypto_ResourceRatingTier();
-  printf("resource_rating = %u, security level %s.\n", resource_rating,
-         OEMCrypto_SecurityLevel());
+  printf("resource_rating = %u, security level %u.\n", resource_rating,
+         static_cast<unsigned int>(OEMCrypto_SecurityLevel()));
   uint32_t decrypt_hash_type = OEMCrypto_SupportsDecryptHash();
   supports_crc = (decrypt_hash_type == OEMCrypto_CRC_Clear_Buffer);
   if (supports_crc) {
@@ -109,13 +110,17 @@ void DeviceFeatures::Initialize() {
       printf("LOAD_TEST_RSA_KEY: Call LoadTestRSAKey before deriving keys.\n");
       break;
     case TEST_PROVISION_30:
-      printf("TEST_PROVISION_30: Device provisioed with OEM Cert.\n");
+      printf("TEST_PROVISION_30: Device provisioned with OEM Cert.\n");
+      break;
+    case TEST_PROVISION_40:
+      printf("TEST_PROVISION_40: Device has boot certificate chain.\n");
       break;
   }
-  std::string security_level = OEMCrypto_SecurityLevel();
-  supports_level_1 = (security_level == "L1");
-  printf("SecurityLevel is %s (%s)\n",
-         supports_level_1 ? "Level 1" : "Not Level 1", security_level.c_str());
+  OEMCrypto_Security_Level security_level = OEMCrypto_SecurityLevel();
+  supports_level_1 = (security_level == OEMCrypto_Level1);
+  printf("SecurityLevel is %s (L%u)\n",
+         supports_level_1 ? "Level 1" : "Not Level 1",
+         static_cast<unsigned int>(security_level));
   CheckSecureBuffers();
   OEMCrypto_Terminate();
   initialized_ = true;
@@ -125,14 +130,18 @@ std::string DeviceFeatures::RestrictFilter(const std::string& initial_filter) {
   std::string filter = initial_filter;
   // clang-format off
   if (!uses_keybox)                   FilterOut(&filter, "*KeyboxTest*");
-  if (!loads_certificate)             FilterOut(&filter, "OEMCryptoLoadsCert*");
+  // TODO(b/197141970): Need to revisit OEMCryptoLoadsCert* tests for
+  // provisioning 4. Disabled here temporarily.
+  if (!loads_certificate ||
+      provisioning_method == OEMCrypto_BootCertificateChain)
+                                      FilterOut(&filter, "OEMCryptoLoadsCert*");
   if (!generic_crypto)                FilterOut(&filter, "*GenericCrypto*");
   if (!cast_receiver)                 FilterOut(&filter, "*CastReceiver*");
-  if (!usage_table)                   FilterOut(&filter, "*UsageTable*");
-  if (!usage_table)                   FilterOut(&filter, "*BadRange_pst*");
   if (derive_key_method == NO_METHOD) FilterOut(&filter, "*SessionTest*");
   if (provisioning_method
       != OEMCrypto_OEMCertificate)    FilterOut(&filter, "*Prov30*");
+  if (provisioning_method != OEMCrypto_BootCertificateChain)
+                                      FilterOut(&filter, "*Prov40*");
   if (!supports_rsa_3072)             FilterOut(&filter, "*RSAKey3072*");
   if (api_version <  9)               FilterOut(&filter, "*API09*");
   if (api_version < 10)               FilterOut(&filter, "*API10*");
@@ -142,10 +151,11 @@ std::string DeviceFeatures::RestrictFilter(const std::string& initial_filter) {
   if (api_version < 14)               FilterOut(&filter, "*API14*");
   if (api_version < 15)               FilterOut(&filter, "*API15*");
   if (api_version < 16)               FilterOut(&filter, "*API16*");
+  if (api_version < 17)               FilterOut(&filter, "*API17*");
   // clang-format on
   // Some tests may require root access. If user is not root, filter these tests
   // out.
-  if (!wvcdm::TestSleep::CanChangeSystemTime()) {
+  if (!wvutil::TestSleep::CanChangeSystemTime()) {
     printf("Filtering out TimeRollbackPrevention.\n");
     FilterOut(&filter, "*TimeRollbackPrevention*");
   } else {
@@ -173,6 +183,9 @@ void DeviceFeatures::PickDerivedKey() {
       case OEMCrypto_Keybox:
         // Fall through to api_version < 12 case.
         break;
+      case OEMCrypto_BootCertificateChain:
+        derive_key_method = TEST_PROVISION_40;
+        return;
       case OEMCrypto_ProvisioningError:
         printf(
             "ERROR: OEMCrypto_GetProvisioningMethod() returns "
@@ -252,6 +265,8 @@ const char* ProvisioningMethodName(OEMCrypto_ProvisioningMethod method) {
       return "OEMCrypto_Keybox";
     case OEMCrypto_OEMCertificate:
       return "OEMCrypto_OEMCertificate";
+    case OEMCrypto_BootCertificateChain:
+      return "OEMCrypto_BootCertificateChain";
   }
   // Not reachable
   return "";