Merge cdm changes to android repo

Bug: 251924225
Test: GtsMediaTestCases
Change-Id: I1b4e64c0abf701fe1f5017f14dc72b72c3ea6770

libwvdrmengine/cdm/Android.bp

@@ -77,4 +77,5 @@ cc_library_static {
     ],
 
     proprietary: true,
+
 }

libwvdrmengine/cdm/core/include/properties.h

@@ -78,7 +78,7 @@ class Properties {
   static bool GetDeviceFilesBasePath(CdmSecurityLevel security_level,
                                      std::string* base_path);
   static bool GetFactoryKeyboxPath(std::string* keybox);
-  static bool GetOEMCryptoPath(std::string* library_name);
+  static bool GetOEMCryptoPaths(std::vector<std::string>* library_name);
   static bool GetSandboxId(std::string* sandbox_id);
   static bool AlwaysUseKeySetIds();
   static bool UseProviderIdInProvisioningRequest();

libwvdrmengine/cdm/core/src/certificate_provisioning.cpp

@@ -566,7 +566,8 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
     const bool result =
         ExtractAndDecodeSignedMessage(response_message, &response);
     if (!result || response.empty()) {
-      LOGE("Provisioning response message is an invalid JSON/base64 string");
+      LOGE("Provisioning response message is an invalid JSON/base64 string: %s",
+           response.c_str());
       return CERT_PROVISIONING_RESPONSE_ERROR_1;
     }
   }
@@ -733,7 +734,7 @@ bool CertificateProvisioning::ExtractAndDecodeSignedMessage(
 
   if (start == provisioning_response.npos) {
     // Message is not properly wrapped - reject it.
-    LOGE("Cannot locate start substring");
+    LOGE("Cannot locate start substring '%s'", json_start_substr.c_str());
     result->clear();
     return false;
   }
@@ -742,7 +743,7 @@ bool CertificateProvisioning::ExtractAndDecodeSignedMessage(
   const size_t end = provisioning_response.find(
       json_end_substr, start + json_start_substr.length());
   if (end == provisioning_response.npos) {
-    LOGE("Cannot locate end substring");
+    LOGE("Cannot locate end substring '%s'", json_end_substr.c_str());
     result->clear();
     return false;
   }

libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp

@@ -924,30 +924,23 @@ class Adapter {
       return result;
     }
     LOGI("L3 Initialized. Trying L1.");
-    std::string library_name;
-    if (!wvcdm::Properties::GetOEMCryptoPath(&library_name)) {
+    std::vector<std::string> library_names;
+    if (!wvcdm::Properties::GetOEMCryptoPaths(&library_names)) {
       LOGW("L1 library not specified. Falling back to L3");
       metrics.OemCryptoDynamicAdapterMetrics::SetInitializationMode(
           wvcdm::metrics::OEMCrypto_INITIALIZED_USING_L3_NO_L1_LIBRARY_PATH);
       return result;
     }
     if (level1_library_ == nullptr) {
-      vector<string> library_paths = {"/vendor/", "/system/", "/odm/"};
-      string sub_dir;
-      #if __LP64__
-            sub_dir = "lib64/";
-      #else
-            sub_dir = "lib/";
-      #endif
-
-      for (auto& path : library_paths) {
-        level1_library_ = dlopen((path + sub_dir + library_name).c_str(), RTLD_NOW);
-        if (level1_library_) break;
+      for (auto& name : library_names) {
+        level1_library_ = dlopen((name.c_str()), RTLD_NOW);
+        if (level1_library_) {
+          LOGV("Using oemcrypto path %s", name.c_str());
+          break;
+        }
       }
-
       if (level1_library_ == nullptr) {
-        LOGW("Could not load %s. Falling back to L3.  %s", library_name.c_str(),
-             dlerror());
+        LOGW("Could not load oemcrypto. Falling back to L3.  %s", dlerror());
         metrics.OemCryptoDynamicAdapterMetrics::SetInitializationMode(
             wvcdm::metrics::OEMCrypto_INITIALIZED_USING_L3_L1_OPEN_FAILED);
         return result;

libwvdrmengine/cdm/core/test/test_base.cpp

@@ -177,6 +177,57 @@ bool ExtractSignedMessage(const std::string& response,
   return true;
 }
 
+// TODO(b/242744857): This extra debugging may not be needed in all cases. When
+// provisioning fails, this dumps the cert and other information.
+std::string DumpProvAttempt(const std::string& url, const std::string& request,
+                            const std::string& http_message) {
+  std::stringstream info;
+  info << "Provisioning url: " << url << "\n";
+  info << "Request: " << wvutil::unlimited_b2a_hex(request) << "\n";
+  info << "http_message: " << wvutil::unlimited_b2a_hex(http_message) << "\n";
+  if (wvoec::global_features.derive_key_method ==
+      wvoec::DeviceFeatures::TEST_PROVISION_30) {
+    std::vector<uint8_t> cert;
+    size_t cert_length = 0;
+    OEMCryptoResult result = OEMCrypto_GetOEMPublicCertificate(
+        cert.data(), &cert_length, kLevelDefault);
+    if (result == OEMCrypto_ERROR_SHORT_BUFFER) {
+      cert.resize(cert_length);
+      result = OEMCrypto_GetOEMPublicCertificate(cert.data(), &cert_length,
+                                                 kLevelDefault);
+    }
+    if (result != OEMCrypto_SUCCESS) {
+      info << "--- ERROR GETTING CERT. result=" << result;
+    } else {
+      info << "OEM Cert = (len=" << cert_length << ") "
+           << wvutil::unlimited_b2a_hex(cert);
+    }
+  }
+  if (wvoec::global_features.derive_key_method ==
+      wvoec::DeviceFeatures::TEST_PROVISION_40) {
+    std::vector<uint8_t> bcc;
+    size_t bcc_length = 0;
+    std::vector<uint8_t> signature;
+    size_t signature_length = 0;
+    OEMCryptoResult result = OEMCrypto_GetBootCertificateChain(
+        bcc.data(), &bcc_length, signature.data(), &signature_length);
+    if (result == OEMCrypto_ERROR_SHORT_BUFFER) {
+      bcc.resize(bcc_length);
+      signature.resize(signature_length);
+      result = OEMCrypto_GetBootCertificateChain(
+          bcc.data(), &bcc_length, signature.data(), &signature_length);
+    }
+    if (result != OEMCrypto_SUCCESS) {
+      info << "--- ERROR GETTING BCC. result=" << result;
+    } else {
+      info << "BCC = (len=" << bcc_length << ") "
+           << wvutil::unlimited_b2a_hex(bcc) << "\n"
+           << "Additional Sig = (len=" << signature_length << ") "
+           << wvutil::unlimited_b2a_hex(signature) << "\n";
+    }
+  }
+  return info.str();
+}
 }  // namespace
 
 std::unique_ptr<ConfigTestEnv> WvCdmTestBase::default_config_;
@@ -443,11 +494,16 @@ void WvCdmTestBase::Provision() {
 
       ASSERT_EQ(NO_ERROR, cdm_engine.HandleProvisioningResponse(
                               binary_protobuf_response, kLevelDefault, &cert,
-                              &wrapped_key));
+                              &wrapped_key))
+          << "Binary provisioning failed. "
+          << DumpProvAttempt(provisioning_server_url, prov_request,
+                             http_message);
     } else {
-      ASSERT_EQ(NO_ERROR,
-                cdm_engine.HandleProvisioningResponse(
-                    http_message, kLevelDefault, &cert, &wrapped_key));
+      ASSERT_EQ(NO_ERROR, cdm_engine.HandleProvisioningResponse(
+                              http_message, kLevelDefault, &cert, &wrapped_key))
+          << "Non-binary provisioning failed. "
+          << DumpProvAttempt(provisioning_server_url, prov_request,
+                             http_message);
     }
   }
 }

libwvdrmengine/cdm/src/properties_android.cpp

@@ -175,12 +175,23 @@ bool Properties::GetFactoryKeyboxPath(std::string* keybox) {
   return true;
 }
 
-bool Properties::GetOEMCryptoPath(std::string* library_name) {
-  if (!library_name) {
+bool Properties::GetOEMCryptoPaths(std::vector<std::string>* library_names) {
+  if (!library_names) {
     LOGW("Properties::GetOEMCryptoPath: Invalid parameter");
     return false;
   }
-  *library_name = "liboemcrypto.so";
+  std::vector<std::string> library_paths = {"/vendor/", "/system/", "/odm/"};
+  std::string sub_dir;
+#if __LP64__
+  sub_dir = "lib64/";
+#else
+  sub_dir = "lib/";
+#endif
+
+  const std::string library_name = "liboemcrypto.so";
+  for (auto& path : library_paths) {
+    library_names->push_back(path + sub_dir + library_name);
+  }
   return true;
 }