Factory BCC extraction tool to consume verified device info
BCC extraction tool calls OEMCrypto_GetDeviceInformation() to read verified device info from TEE. If the verified device info is not available, (e.g. not implemented), it falls back to using OS properties. This CL is mostly identical to ag/20799640, which has the same change for our internal extraction tool. For historical reason, we keep two copies of the extraction tool which are slightly different from each other, one for factory use, one for debug use. Long term they will be merged. Test: Ran the tool on Pixel 7 w/wo verified device info being present Bug: 263312447 Change-Id: Ib9c77dee45e9ff996fc2dc2da14f16f60eaff77c
This commit is contained in:
Cong Lin
@@ -19,6 +19,7 @@
|
||||
#include <string>
|
||||
#include <utility>
|
||||
|
||||
#include "WidevineOemcryptoInterface.h"
|
||||
#include "log.h"
|
||||
#include "properties.h"
|
||||
|
||||
@@ -61,25 +62,87 @@ bool WidevineProvisioner::GenerateCertificateRequest(
|
||||
return true;
|
||||
}
|
||||
|
||||
bool WidevineProvisioner::GetDeviceInfo(std::vector<uint8_t>& device_info) {
|
||||
auto device_info_map = cppbor::Map();
|
||||
device_info_map.add(cppbor::Tstr("type"), cppbor::Tstr("widevine"));
|
||||
device_info_map.add(cppbor::Tstr("version"), cppbor::Uint(2));
|
||||
|
||||
std::string company_name;
|
||||
if (!wvcdm::Properties::GetCompanyName(&company_name) ||
|
||||
company_name.empty()) {
|
||||
LOGE("Failed to get company name.");
|
||||
bool WidevineProvisioner::TryAddVerifiedDeviceInfo(
|
||||
cppbor::Map& device_info_map) {
|
||||
VerifiedDeviceInfo verified_device_info;
|
||||
OEMCryptoResult result =
|
||||
crypto_interface_->GetVerifiedDeviceInformation(verified_device_info);
|
||||
if (result == OEMCrypto_ERROR_NOT_IMPLEMENTED) {
|
||||
// OEMCrypto v17 and earlier doesn't support GetDeviceInformation()
|
||||
LOGI("OEMCrypto_GetDeviceInformation is not implemented.");
|
||||
return true;
|
||||
}
|
||||
if (result != OEMCrypto_SUCCESS) {
|
||||
LOGE("Failed to get verified device information.");
|
||||
return false;
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("manufacturer"), cppbor::Tstr(company_name));
|
||||
|
||||
std::string model_name;
|
||||
if (!wvcdm::Properties::GetModelName(&model_name) || model_name.empty()) {
|
||||
LOGE("Failed to get model name.");
|
||||
auto [parsed, _, err] = cppbor::parse(
|
||||
reinterpret_cast<const uint8_t*>(verified_device_info.device_info.data()),
|
||||
verified_device_info.device_info.size());
|
||||
if (!parsed || !parsed->asMap()) {
|
||||
LOGE("Failed to parse the verified device info cbor: %s", err.c_str());
|
||||
return false;
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("model"), cppbor::Tstr(model_name));
|
||||
const cppbor::Map* verified_device_info_map = parsed->asMap();
|
||||
auto& make = verified_device_info_map->get("manufacturer");
|
||||
if (make && make->asTstr() && make->asTstr()->value() != "") {
|
||||
device_info_map.add("manufacturer", make->asTstr()->value());
|
||||
}
|
||||
auto& model = verified_device_info_map->get("model");
|
||||
if (model && model->asTstr() && model->asTstr()->value() != "") {
|
||||
device_info_map.add("model", model->asTstr()->value());
|
||||
}
|
||||
auto& fused = verified_device_info_map->get("fused");
|
||||
if (fused && fused->asUint()) {
|
||||
device_info_map.add("fused", fused->asUint()->value());
|
||||
}
|
||||
device_info_map.canonicalize();
|
||||
return true;
|
||||
}
|
||||
|
||||
bool WidevineProvisioner::GetDeviceInfoCommon(cppbor::Map& device_info_map) {
|
||||
if (!TryAddVerifiedDeviceInfo(device_info_map)) return false;
|
||||
// Add device information from OS properties if the verified device info is
|
||||
// not present
|
||||
if (device_info_map.get("manufacturer") == nullptr) {
|
||||
std::string company_name;
|
||||
if (!wvcdm::Properties::GetCompanyName(&company_name) ||
|
||||
company_name.empty()) {
|
||||
LOGE("Failed to get company name.");
|
||||
return false;
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("manufacturer"),
|
||||
cppbor::Tstr(company_name));
|
||||
}
|
||||
|
||||
if (device_info_map.get("model") == nullptr) {
|
||||
std::string model_name;
|
||||
if (!wvcdm::Properties::GetModelName(&model_name) || model_name.empty()) {
|
||||
LOGE("Failed to get model name.");
|
||||
return false;
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("model"), cppbor::Tstr(model_name));
|
||||
}
|
||||
|
||||
if (device_info_map.get("device") == nullptr) {
|
||||
std::string device_name;
|
||||
if (!wvcdm::Properties::GetDeviceName(&device_name) ||
|
||||
device_name.empty()) {
|
||||
LOGE("Failed to get device name.");
|
||||
return false;
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("device"), cppbor::Tstr(device_name));
|
||||
}
|
||||
|
||||
if (device_info_map.get("product") == nullptr) {
|
||||
std::string product_name;
|
||||
if (!wvcdm::Properties::GetProductName(&product_name) ||
|
||||
product_name.empty()) {
|
||||
LOGE("Failed to get product name.");
|
||||
return false;
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("product"), cppbor::Tstr(product_name));
|
||||
}
|
||||
|
||||
std::string arch_name;
|
||||
if (!wvcdm::Properties::GetArchitectureName(&arch_name) ||
|
||||
@@ -89,21 +152,6 @@ bool WidevineProvisioner::GetDeviceInfo(std::vector<uint8_t>& device_info) {
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("architecture"), cppbor::Tstr(arch_name));
|
||||
|
||||
std::string device_name;
|
||||
if (!wvcdm::Properties::GetDeviceName(&device_name) || device_name.empty()) {
|
||||
LOGE("Failed to get device name.");
|
||||
return false;
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("device"), cppbor::Tstr(device_name));
|
||||
|
||||
std::string product_name;
|
||||
if (!wvcdm::Properties::GetProductName(&product_name) ||
|
||||
product_name.empty()) {
|
||||
LOGE("Failed to get product name.");
|
||||
return false;
|
||||
}
|
||||
device_info_map.add(cppbor::Tstr("product"), cppbor::Tstr(product_name));
|
||||
|
||||
std::string build_info;
|
||||
if (!wvcdm::Properties::GetBuildInfo(&build_info) || build_info.empty()) {
|
||||
LOGE("Failed to get build info.");
|
||||
@@ -121,6 +169,16 @@ bool WidevineProvisioner::GetDeviceInfo(std::vector<uint8_t>& device_info) {
|
||||
device_info_map.add(cppbor::Tstr("oemcrypto_build_info"),
|
||||
cppbor::Tstr(oemcrypto_build_info));
|
||||
|
||||
device_info_map.canonicalize();
|
||||
return true;
|
||||
}
|
||||
|
||||
bool WidevineProvisioner::GetDeviceInfo(std::vector<uint8_t>& device_info) {
|
||||
auto device_info_map = cppbor::Map();
|
||||
device_info_map.add(cppbor::Tstr("type"), cppbor::Tstr("widevine"));
|
||||
device_info_map.add(cppbor::Tstr("version"), cppbor::Uint(2));
|
||||
device_info_map.canonicalize();
|
||||
if (!GetDeviceInfoCommon(device_info_map)) return false;
|
||||
device_info = device_info_map.canonicalize().encode();
|
||||
return true;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user