Move ASOP factory extraction tool to its own directory

Moved some source to common folder.
Added uploading script which is also shared by CE CDM partners.
Added README.

Test: m wv_factory_extraction_tool
Bug: 414642286
Change-Id: I565027b75528ab28f9f1eb8d9086c0213de992d0

libwvdrmengine/tools/factory_upload_tool/aosp/include/BccParser.h

@@ -0,0 +1,49 @@
+// Copyright 2023 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine License
+// Agreement.
+
+#ifndef BCC_PARSER_H_
+#define BCC_PARSER_H_
+
+#include <cppbor.h>
+#include <stddef.h>
+#include <stdint.h>
+
+#include <sstream>
+#include <string>
+#include <utility>
+#include <vector>
+
+namespace widevine {
+
+// BccParser processes a Provisioning 4.0 device root of trust. It extracts
+// relevant pieces of information and outputs to std::string.
+// Relevant documents:
+// Android definition: go/remote-provisioning-hal#bcc.
+// Google Dice Profile: go/dice-profile
+class BccParser {
+ public:
+  explicit BccParser() {}
+  virtual ~BccParser() = default;
+  BccParser(const BccParser&) = delete;
+  BccParser& operator=(const BccParser&) = delete;
+  // Parse and verify a client generated root of trust. This message is part of
+  // an attestation model conforming to the Google Open Dice Profile. This
+  // message is received from a client device to attest it is a valid Widevine
+  // device.
+  virtual std::string Parse(const std::vector<uint8_t>& bcc);
+
+ private:
+  // Process and print CoseKey PubKeyEd25519 / PubKeyECDSA256.
+  bool ProcessDevicePublicKeyInfo(std::stringstream& ss,
+                                  const cppbor::Map& public_key_info_map);
+
+  // Process and print the DiceChainEntryPayload, which contains subject public
+  // key.
+  bool ProcessDiceChainEntryPayload(std::stringstream& ss,
+                                    std::string& payload);
+};
+
+}  // namespace widevine
+
+#endif  // BCC_PARSER_H_

libwvdrmengine/tools/factory_upload_tool/aosp/include/DiceCborConstants.h

@@ -0,0 +1,54 @@
+// Copyright 2023 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine License
+// Agreement.
+
+#ifndef DICE_CBOR_CONSTANTS_H_
+#define DICE_CBOR_CONSTANTS_H_
+
+namespace widevine {
+
+// The BCC is encoded using RFC 8949- Concise Binary Object Representation
+// (CBOR).
+
+// The full definition of the following enums can be found here:
+// go/remote-provisioning-hal#bcc.
+
+// The device key is encoded in a cbor map. The key values are a mix of
+// positive and negative integer values.
+enum {
+  MAP_KEY_DEVICE_KEY_TYPE = 1,
+  MAP_KEY_DEVICE_KEY_ALGORITHM = 3,
+  MAP_KEY_DEVICE_KEY_OPS = 4,
+  MAP_KEY_DEVICE_KEY_CURVE = -1,
+  MAP_KEY_DEVICE_KEY_BYTES_0 = -2,
+  MAP_KEY_DEVICE_KEY_BYTES_1 = -3,
+};
+
+// The device key may be encoded in the BCC as either X,Y elliptic curve
+// coordinates, or as raw bytes. The value is identified using
+// MAP_KEY_DEVICE_KEY_TYPE.
+enum {
+  DEVICE_KEY_ENCODING_UNKNOWN = 0,
+  DEVICE_KEY_BYTE_STRING = 1,
+  DEVICE_KEY_OCTET_PAIR = 2,
+};
+
+// Android/Widevine Dice Attestation allows two signing models. This is
+// identified using MAP_KEY_DEVICE_KEY_ALGORITHM.
+enum {
+  DEVICE_KEY_ALGORITHM_ES256 = -7,   // EC key with SHA-256
+  DEVICE_KEY_ALGORITHM_EDDSA = -8,   // Pure ED25519.
+  DEVICE_KEY_ALGORITHM_ES384 = -35,  // EC key with SHA-384
+};
+
+// The curve used to generate the device public key is identified using the
+// MAP_KEY_DEVICE_KEY_CURVE.
+enum {
+  DEVICE_KEY_CURVE_P256 = 1,
+  DEVICE_KEY_CURVE_P384 = 2,
+  DEVICE_KEY_CURVE_ED25519 = 6,
+};
+
+}  // namespace widevine
+
+#endif  // DICE_CBOR_CONSTANTS_H_

libwvdrmengine/tools/factory_upload_tool/aosp/include/WidevineProvisioner.h

@@ -0,0 +1,62 @@
+// Copyright 2021 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine License
+// Agreement.
+
+#ifndef WIDEVINE_PROVISIONER_H_
+#define WIDEVINE_PROVISIONER_H_
+
+#include <cppbor.h>
+
+#include <cstddef>
+#include <cstdint>
+#include <map>
+#include <memory>
+#include <string>
+#include <vector>
+
+#include "WidevineOemcryptoInterface.h"
+
+namespace widevine {
+
+class WidevineProvisioner {
+ public:
+  WidevineProvisioner();
+  WidevineProvisioner(const WidevineProvisioner&) = delete;
+  WidevineProvisioner& operator=(const WidevineProvisioner&) = delete;
+  virtual ~WidevineProvisioner() = default;
+
+  std::vector<uint8_t> GetBcc();
+
+  bool GenerateCertificateRequest(
+      bool testMode, const std::vector<uint8_t>& endpointEncCertChain,
+      std::vector<uint8_t>& deviceInfo, std::vector<uint8_t>& protectedData);
+  bool GenerateCertificateRequestV2(const std::vector<uint8_t>& challenge,
+                                    std::vector<uint8_t>* csr);
+  bool GetDeviceInfo(std::vector<uint8_t>& device_info);
+  bool GenerateWidevineUploadRequest(std::string& request);
+
+ private:
+  bool GenerateProtectedData(
+      bool test_mode,
+      const std::vector<uint8_t>& endpoint_encryption_cert_chain,
+      std::vector<uint8_t> bcc, std::vector<uint8_t>& protected_data) const;
+  bool ValidateAndExtractEekPubAndId(
+      bool test_mode,
+      const std::vector<uint8_t>& endpoint_encryption_cert_chain,
+      std::vector<uint8_t>* eek_pub, std::vector<uint8_t>* eek_id) const;
+  cppbor::Array BuildCertReqRecipients(const std::vector<uint8_t>& pubkey,
+                                       const std::vector<uint8_t>& kid) const;
+  void InitializeCryptoInterface();
+  bool GetDeviceInfoCommon(cppbor::Map& device_info_map);
+  bool TryAddVerifiedDeviceInfo(cppbor::Map& device_info_map);
+  bool GetDeviceInfoV2(cppbor::Map& device_info_map);
+  void PopulateDeviceInfoFromCborMap(
+      const cppbor::Map& device_info_map,
+      std::map<std::string, std::string>& request_map);
+
+  std::unique_ptr<OEMCryptoInterface> crypto_interface_;
+};
+
+}  // namespace widevine
+
+#endif  // WIDEVINE_PROVISIONER_H_