Sync oemcrypto files from cdm udc-dev to Android

Changes included in this CL:

166806: Update OEMCrypto_GetDeviceInformation() | https://widevine-internal-review.googlesource.com/c/cdm/+/166806
166808: Update Android L3 after OEMCrypto_GetDeviceInformation() signature changes | https://widevine-internal-review.googlesource.com/c/cdm/+/166808
166809: Decode device info and write it to CSR payload | https://widevine-internal-review.googlesource.com/c/cdm/+/166809
167158: Fix Android include path and copy_files | https://widevine-internal-review.googlesource.com/c/cdm/+/167158
167159: Fix common typos and use inclusive language suggested by Android linter | https://widevine-internal-review.googlesource.com/c/cdm/+/167159

165618: Explicitly state python3 where needed. | https://widevine-internal-review.googlesource.com/c/cdm/+/165618

166757: Update Android.bp for Android | https://widevine-internal-review.googlesource.com/c/cdm/+/166757
164993: Refactor basic oemcrypto unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/164993
164978: Update OEMCrypto Unit Test Docs | https://widevine-internal-review.googlesource.com/c/cdm/+/164978
166941: Update make files for OEMCrypto | https://widevine-internal-review.googlesource.com/c/cdm/+/166941

165279: Refactor license unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/165279
165318: Refactor provisioning unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/165318
164800: Add extra check for renew on license load unit test | https://widevine-internal-review.googlesource.com/c/cdm/+/164800
165860: Remove duplicate definition of MaybeHex() | https://widevine-internal-review.googlesource.com/c/cdm/+/165860

164889: Updated CoreCommonRequestFromMessage and fix test | https://widevine-internal-review.googlesource.com/c/cdm/+/164889
164967: Add OPK pre-hook and post-hook error codes | https://widevine-internal-review.googlesource.com/c/cdm/+/164967
165140: Add hidden device_id_length to v18 provisioning message | https://widevine-internal-review.googlesource.com/c/cdm/+/165140
165204: Fix memory leak in oemcrypto test | https://widevine-internal-review.googlesource.com/c/cdm/+/165204

165958: Fix oemcrypto_generic_verify_fuzz mutator signature offset | https://widevine-internal-review.googlesource.com/c/cdm/+/165958

166037: Support SHA-256 in OEMCrypto Session Util | https://widevine-internal-review.googlesource.com/c/cdm/+/166037

Test: Run GtsMediaTests on Pixel 7
Bug: 270612144

Change-Id: Iff0820a2de7d043a820470a130af65b0dcadb759

libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h

@@ -711,6 +711,7 @@ typedef enum OEMCrypto_SignatureHashAlgorithm {
 #define OEMCrypto_Generic_Verify              _oecc138
 #define OEMCrypto_GetSignatureHashAlgorithm   _oecc139
 #define OEMCrypto_EnterTestMode               _oecc140
+#define OEMCrypto_GetDeviceSignedCsrPayload   _oecc141
 // clang-format on
 
 /// @addtogroup initcontrol
@@ -4056,8 +4057,8 @@ OEMCryptoResult OEMCrypto_LoadDRMPrivateKey(OEMCrypto_SESSION session,
  * on a production device without permanently changing the key. Using the
  * test key is not persistent.
  *
- * The test key can be found in the unit test code, oemcrypto_test.cpp, in
- * PKCS8 form as the constant kTestRSAPKCS8PrivateKeyInfo2_2048.
+ * The test key can be found in the OEMCrypto unit test, in PKCS8 form as the
+ * constant kTestRSAPKCS8PrivateKeyInfo2_2048.
  *
  * @retval OEMCrypto_SUCCESS success
  * @retval OEMCrypto_ERROR_INSUFFICIENT_RESOURCES
@@ -4844,8 +4845,7 @@ OEMCryptoResult OEMCrypto_GenerateCertificateKeyPair(
     OEMCrypto_PrivateKeyType* key_type);
 
 /**
- * Get the serialized device information in CBOR map format, and the serialized
- * signed Certificate Signing Request (Csr) payload in COSE_Sign1 format.
+ * Get the serialized device information in CBOR map format.
  *
  * The device
  * information may contain, for example, device make and model, "fused" status,
@@ -4854,26 +4854,16 @@ OEMCryptoResult OEMCrypto_GenerateCertificateKeyPair(
  * provisioning request is coming from the expected device in the fields, based
  * on the values previously uploaded and registered.
  *
- * The signed CSR payload contains device information. It is only used in the
- * factory, uploaded along with the device information and validated during
- * device registration.
- *
  * This method is used by provisioning 4 only.
  *
  * @param[out] device_info: pointer to the buffer that receives the serialized
  * device information in CBOR map format.
  * @param[in,out] device_info_length: on input, size of the caller's
  * device_info buffer. On output, the number of bytes written into the buffer.
- * @param[out] signed_csr_payload: pointer to the buffer that receives the
- * serialized CSR payload in COSE_Sign1 format.
- * @param[in,out] signed_csr_payload_length: on input, size of the caller's
- * signed_csr_payload buffer. On output, the number of bytes written into the
- * buffer.
  *
  * @retval OEMCrypto_SUCCESS
  * @retval OEMCrypto_ERROR_SHORT_BUFFER if device_info_length is too small to
- *    return the device_info, or signed_csr_payload_length is too small to
- *    return the signed_csr_payload.
+ *    return the device_info.
  * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED if provisioning 4 is not supported,
  * or device information is not available on the platform.
  *
@@ -4886,8 +4876,52 @@ OEMCryptoResult OEMCrypto_GenerateCertificateKeyPair(
  * @version
  *   This method is new in API version 18.
  */
-OEMCryptoResult OEMCrypto_GetDeviceInformation(
-    uint8_t* device_info, size_t* device_info_length,
+OEMCryptoResult OEMCrypto_GetDeviceInformation(uint8_t* device_info,
+                                               size_t* device_info_length);
+
+/**
+ * Get the serialized signed Certificate Signing Request (Csr) payload in
+ * COSE_Sign1 format.
+ *
+ * The signed CSR payload contains challenge and device information. It is
+ * signed by the leaf cert of the boot certificate chain (BCC). It is only used
+ * in the factory, uploaded and validated during device registration.
+ *
+ * This method is used by provisioning 4 only.
+ *
+ * @param[in] challenge: pointer to the buffer containing a byte string to be
+ * signed.
+ * @param[in] challenge_length: size of the challenge buffer.
+ * @param[in] encoded_device_info: pointer to the buffer containing the
+ * serialized device information in CBOR map format.
+ * @param[in] encoded_device_info_length: size of the encoded_device_info
+ * buffer.
+ * @param[out] signed_csr_payload: pointer to the buffer that receives the
+ * serialized CSR payload in COSE_Sign1 format.
+ * @param[in,out] signed_csr_payload_length: on input, size of the caller's
+ * signed_csr_payload buffer. On output, the number of bytes written into the
+ * buffer.
+ *
+ * @retval OEMCrypto_SUCCESS
+ * @retval OEMCrypto_ERROR_INVALID_CONTEXT if challenge_length or
+ * encoded_device_info_length is 0, or any pointer is NULL
+ * @retval OEMCrypto_ERROR_SHORT_BUFFER if signed_csr_payload_length is too
+ * small to return the signed_csr_payload.
+ * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED if provisioning 4 is not supported,
+ * or device information is not available on the platform.
+ *
+ * @threading
+ *   This is a "Property Function" and may be called simultaneously with any
+ *   other property function or session function, but not any initialization or
+ *   usage table function, as if the CDM holds a read lock on the OEMCrypto
+ *   system.
+ *
+ * @version
+ *   This method is new in API version 18.
+ */
+OEMCryptoResult OEMCrypto_GetDeviceSignedCsrPayload(
+    const uint8_t* challenge, size_t challenge_length,
+    const uint8_t* encoded_device_info, size_t encoded_device_info_length,
     uint8_t* signed_csr_payload, size_t* signed_csr_payload_length);
 
 /**

libwvdrmengine/oemcrypto/include/level3.h

@@ -16,7 +16,6 @@
 
 #include "OEMCryptoCENC.h"
 #include "level3_file_system.h"
-#include "oemcrypto_adapter.h"
 
 namespace wvoec3 {
 
@@ -120,6 +119,7 @@ namespace wvoec3 {
 #define Level3_Generic_Verify              _lcc138
 #define Level3_GetSignatureHashAlgorithm   _lcc139
 #define Level3_EnterTestMode               _lcc140
+#define Level3_GetDeviceSignedCsrPayload   _lcc141
 #else
 #define Level3_Initialize                  _oecc01
 #define Level3_Terminate                   _oecc02
@@ -220,6 +220,7 @@ namespace wvoec3 {
 #define Level3_Generic_Verify              _oecc138
 #define Level3_GetSignatureHashAlgorithm   _oecc139
 #define Level3_EnterTestMode               _oecc140
+#define Level3_GetDeviceSignedCsrPayload   _oecc141
 #endif
 
 #define Level3_GetInitializationState     _oecl3o01
@@ -446,9 +447,11 @@ OEMCryptoResult Level3_GetOEMKeyToken(OEMCrypto_SESSION key_session,
                                       uint8_t* key_token,
                                       size_t* key_token_length);
 OEMCryptoResult Level3_GetDeviceInformation(uint8_t* device_info,
-                                            size_t* device_info_length,
-                                            uint8_t* signed_csr_payload,
-                                            size_t* signed_csr_payload_length);
+                                            size_t* device_info_length);
+OEMCryptoResult Level3_GetDeviceSignedCsrPayload(
+    const uint8_t* challenge, size_t challenge_length,
+    const uint8_t* encoded_device_info, size_t encoded_device_info_length,
+    uint8_t* signed_csr_payload, size_t* signed_csr_payload_length);
 OEMCryptoResult Level3_SetMaxAPIVersion(uint32_t max_version);
 OEMCryptoResult Level3_GetKeyHandle(OEMCrypto_SESSION session,
                                     const uint8_t* content_key_id,