Merges to android Pi release (part 7)

These are a set of CLs merged from the wv cdm repo to the android repo.

* Resolve intermittent decrypt error.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/35720 ]

  The CdmSession's closed state was not properly
  initialized resulting in intermittent
  SESSION_NOT_FOUND_FOR_DECRYPT errors.

  In CdmEngine::Decrypt the session is looked up by
  the key id. A list of open sessions is acquired
  by calling CdmSessionMap::GetSessionList and each
  session in the list is queried to see if it has
  the key.

  In building the list in CdmSessionMap::GetSessionList,
  sessions are only added to the query list *if* the session
  is not closed.

  The closed status was not initialized and during testing
  the query list would not contain the session causing
  CdmEngine::Decrypt to return SESSION_NOT_FOUND_FOR_DECRYPT
  resulting in the ce cdm api returning widevine::Cdm::kNoKey.

* No support for pre- C++11 compilation.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/35381 ]

* Handle unaligned nonce pointer in RewrapDeviceRSAKey calls.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/35340 ]

  The pointer points into a message and it may not be aligned.
  Always copy the nonce into aligned memory before checking it.

  BUG: 38140370

  Add note to CHANGELOG for this.

* Compiler strictness: more checks and code cleanup.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/35300 ]

  Use the switches proposed in b/38033653 (as much as possible - some
  conflicts with protobufs and gtest prevent fully accepting them).

  Switch to clang for x32 build; ensure that both x86-64 and x86-32 builds
  compile and link cleanly.

  BUG: 38032429
  BUG: 38033653

  This partially resolves b/38458986

* Android build fixes

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/35102 ]

  These corrections address compile warnings and errors for android
  and unit tests.

* Embedded License: Add sub license key sessions.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/33680 ]

  NOTE: this adds the AddSubSession() method, but it is not yet being
  used. Use and proper cleanup is in an upcoming CL.

* Embedded license: Add track label field.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/33660 ]

  A new track label field (a string) is added to the key container and the
  sub session data objects.

  This field will be used in handling sub license requests.

* Embedded license: extract keys from init_data.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/33621 ]

* Embedded license: add protobuf messages.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/33620 ]

  also sync the widevine header definition with recent naming changes.

* Improve handling of provisioning response errors.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/33600 ]

  Separate out the case of no response and the case
  where the message is believed to be a JSON+base64
  message but it doesn't parse properly.

BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
  commit in the chain.

Change-Id: I3c86f1c54980b071aec7461ac58541836551f896

libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp

@@ -28,6 +28,20 @@
 
 namespace {
 const uint8_t kBakedInCertificateMagicBytes[] = {0xDE, 0xAD, 0xBE, 0xEF};
+
+// Return uint32 referenced through a potentially unaligned pointer.
+// If the pointer is NULL, return 0.
+uint32_t unaligned_dereference_uint32(const uint32_t* unaligned_ptr) {
+  if (unaligned_ptr == NULL) return 0;
+  uint32_t value;
+  const uint8_t* src = reinterpret_cast<const uint8_t*>(unaligned_ptr);
+  uint8_t* dest = reinterpret_cast<uint8_t*>(&value);
+  for (unsigned long i=0; i < sizeof(value); i++) {
+    dest[i] = src[i];
+  }
+  return value;
+}
+
 }  // namespace
 
 namespace wvoec_mock {
@@ -812,14 +826,20 @@ extern "C" OEMCryptoResult OEMCrypto_GetRandom(uint8_t* randomData,
 }
 
 extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(
-    OEMCrypto_SESSION session, const uint32_t* nonce,
+    OEMCrypto_SESSION session, const uint32_t* unaligned_nonce,
     const uint8_t* encrypted_message_key, size_t encrypted_message_key_length,
     const uint8_t* enc_rsa_key, size_t enc_rsa_key_length,
     const uint8_t* enc_rsa_key_iv, uint8_t* wrapped_rsa_key,
     size_t* wrapped_rsa_key_length) {
+  uint32_t nonce = unaligned_dereference_uint32(unaligned_nonce);
   if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls | kLoggingTraceNonce)) {
     LOGI("-- OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(%d)\n", session);
-    LOGI("nonce = %08X;\n", *nonce);
+    if (unaligned_nonce != NULL) {
+      LOGI("nonce = %08X;\n", nonce);
+    } else {
+      LOGI("nonce = NULL;\n");
+      return OEMCrypto_ERROR_INVALID_CONTEXT;
+    }
     if (wvcdm::g_cutoff >= wvcdm::LOG_VERBOSE) {
       dump_hex("encrypted_message_key", encrypted_message_key,
                encrypted_message_key_length);
@@ -859,13 +879,14 @@ extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(
     return OEMCrypto_ERROR_INVALID_SESSION;
   }
   if (encrypted_message_key == NULL || encrypted_message_key_length == 0 ||
-      enc_rsa_key == NULL || enc_rsa_key_iv == NULL) {
+      enc_rsa_key == NULL || enc_rsa_key_iv == NULL ||
+      unaligned_nonce == NULL) {
     LOGE("[OEMCrypto_RewrapDeviceRSAKey30(): OEMCrypto_ERROR_INVALID_CONTEXT]");
     return OEMCrypto_ERROR_INVALID_CONTEXT;
   }
 
   // Validate nonce
-  if (!session_ctx->CheckNonce(*nonce)) {
+  if (!session_ctx->CheckNonce(nonce)) {
     return OEMCrypto_ERROR_INVALID_NONCE;
   }
   session_ctx->FlushNonces();
@@ -943,17 +964,23 @@ extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(
 
 extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey(
     OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
-    const uint8_t* signature, size_t signature_length, const uint32_t* nonce,
-    const uint8_t* enc_rsa_key, size_t enc_rsa_key_length,
-    const uint8_t* enc_rsa_key_iv, uint8_t* wrapped_rsa_key,
-    size_t* wrapped_rsa_key_length) {
+    const uint8_t* signature, size_t signature_length,
+    const uint32_t* unaligned_nonce, const uint8_t* enc_rsa_key,
+    size_t enc_rsa_key_length, const uint8_t* enc_rsa_key_iv,
+    uint8_t* wrapped_rsa_key, size_t*  wrapped_rsa_key_length) {
+  uint32_t nonce = unaligned_dereference_uint32(unaligned_nonce);
   if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls | kLoggingTraceNonce)) {
     LOGI("-- OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey(%d)\n", session);
     if (wvcdm::g_cutoff >= wvcdm::LOG_VERBOSE) {
       dump_hex("message", message, message_length);
       dump_hex("signature", signature, signature_length);
     }
-    LOGI("nonce = %08X;\n", *nonce);
+    if (unaligned_nonce != NULL) {
+      LOGI("nonce = %08X;\n", nonce);
+    } else {
+      LOGI("nonce = NULL;\n");
+      return OEMCrypto_ERROR_INVALID_CONTEXT;
+    }
     if (wvcdm::g_cutoff >= wvcdm::LOG_VERBOSE) {
       dump_hex("enc_rsa_key", enc_rsa_key, enc_rsa_key_length);
       dump_hex("enc_rsa_key_iv", enc_rsa_key_iv, wvcdm::KEY_IV_SIZE);
@@ -994,15 +1021,15 @@ extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey(
     return OEMCrypto_ERROR_INVALID_SESSION;
   }
   if (message == NULL || message_length == 0 || signature == NULL ||
-      signature_length == 0 || nonce == NULL || enc_rsa_key == NULL) {
+      signature_length == 0 || unaligned_nonce == NULL || enc_rsa_key == NULL) {
     LOGE("[OEMCrypto_RewrapDeviceRSAKey(): OEMCrypto_ERROR_INVALID_CONTEXT]");
     return OEMCrypto_ERROR_INVALID_CONTEXT;
   }
 
   // Range check
   if (!RangeCheck(message, message_length,
-                  reinterpret_cast<const uint8_t*>(nonce), sizeof(uint32_t),
-                  true) ||
+                  reinterpret_cast<const uint8_t*>(unaligned_nonce),
+                  sizeof(uint32_t), true) ||
       !RangeCheck(message, message_length, enc_rsa_key, enc_rsa_key_length,
                   true) ||
       !RangeCheck(message, message_length, enc_rsa_key_iv, wvcdm::KEY_IV_SIZE,
@@ -1012,7 +1039,7 @@ extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey(
   }
 
   // Validate nonce
-  if (!session_ctx->CheckNonce(*nonce)) {
+  if (!session_ctx->CheckNonce(nonce)) {
     return OEMCrypto_ERROR_INVALID_NONCE;
   }
   session_ctx->FlushNonces();