Sync oemcrypto files from cdm udc-dev to Android

Changes included in this CL: 166806: Update OEMCrypto_GetDeviceInformation() | https://widevine-internal-review.googlesource.com/c/cdm/+/166806 166808: Update Android L3 after OEMCrypto_GetDeviceInformation() signature changes | https://widevine-internal-review.googlesource.com/c/cdm/+/166808 166809: Decode device info and write it to CSR payload | https://widevine-internal-review.googlesource.com/c/cdm/+/166809 167158: Fix Android include path and copy_files | https://widevine-internal-review.googlesource.com/c/cdm/+/167158 167159: Fix common typos and use inclusive language suggested by Android linter | https://widevine-internal-review.googlesource.com/c/cdm/+/167159 165618: Explicitly state python3 where needed. | https://widevine-internal-review.googlesource.com/c/cdm/+/165618 166757: Update Android.bp for Android | https://widevine-internal-review.googlesource.com/c/cdm/+/166757 164993: Refactor basic oemcrypto unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/164993 164978: Update OEMCrypto Unit Test Docs | https://widevine-internal-review.googlesource.com/c/cdm/+/164978 166941: Update make files for OEMCrypto | https://widevine-internal-review.googlesource.com/c/cdm/+/166941 165279: Refactor license unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/165279 165318: Refactor provisioning unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/165318 164800: Add extra check for renew on license load unit test | https://widevine-internal-review.googlesource.com/c/cdm/+/164800 165860: Remove duplicate definition of MaybeHex() | https://widevine-internal-review.googlesource.com/c/cdm/+/165860 164889: Updated CoreCommonRequestFromMessage and fix test | https://widevine-internal-review.googlesource.com/c/cdm/+/164889 164967: Add OPK pre-hook and post-hook error codes | https://widevine-internal-review.googlesource.com/c/cdm/+/164967 165140: Add hidden device_id_length to v18 provisioning message | https://widevine-internal-review.googlesource.com/c/cdm/+/165140 165204: Fix memory leak in oemcrypto test | https://widevine-internal-review.googlesource.com/c/cdm/+/165204 165958: Fix oemcrypto_generic_verify_fuzz mutator signature offset | https://widevine-internal-review.googlesource.com/c/cdm/+/165958 166037: Support SHA-256 in OEMCrypto Session Util | https://widevine-internal-review.googlesource.com/c/cdm/+/166037 Test: Run GtsMediaTests on Pixel 7 Bug: 270612144 Change-Id: Iff0820a2de7d043a820470a130af65b0dcadb759
2023-02-27 18:25:02 -08:00
parent 3f7ecbc43e
commit e8add8eed8
44 changed files with 302003 additions and 298675 deletions
--- a/libwvdrmengine/oemcrypto/odk/test/odk_core_message_test.cpp
+++ b/libwvdrmengine/oemcrypto/odk/test/odk_core_message_test.cpp
@@ -3,13 +3,22 @@
 // License Agreement.

 #include <string>
+#include <vector>

 #include "OEMCryptoCENCCommon.h"
+#include "core_message_deserialize.h"
+#include "core_message_types.h"
 #include "gtest/gtest.h"
 #include "odk.h"
 #include "third_party/absl/strings/escaping.h"

 namespace wvodk_test {
+
+using oemcrypto_core_message::ODK_CommonRequest;
+using oemcrypto_core_message::ODK_ProvisioningRequest;
+using oemcrypto_core_message::deserialize::CoreCommonRequestFromMessage;
+using oemcrypto_core_message::deserialize::CoreProvisioningRequestFromMessage;
+
 TEST(CoreMessageTest, RenwalRequest) {
  std::string oem =
      "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrst"
@@ -36,4 +45,64 @@ TEST(CoreMessageTest, RenwalRequest) {
  char* m = reinterpret_cast<char*>(message);
  VLOG(0) << absl::BytesToHexString(std::string(m, core_message_length));
 }
+
+TEST(CoreMessageTest, ParseCoreCommonRequestFromMessage) {
+  // Core message header format:
+  //   message_type   : 4 bytes
+  //   message_length : 4 bytes
+  //   minor_version  : 2 bytes
+  //   major_version  : 2 bytes
+  //   nonce          : 4 bytes
+  //   session_id     : 4 bytes
+  const char kv16CoreMessageLicenseRequest[] =
+      "0000000100000014000300100000000100000001";
+  std::string oemcrypto_core_message =
+      absl::HexStringToBytes(kv16CoreMessageLicenseRequest);
+  ODK_CommonRequest odk_common_request;
+  ASSERT_TRUE(CoreCommonRequestFromMessage(oemcrypto_core_message,
+                                           &odk_common_request));
+  EXPECT_EQ(odk_common_request.message_type, 1);
+  EXPECT_EQ(odk_common_request.message_length, 20);
+  EXPECT_EQ(odk_common_request.api_minor_version, 3);
+  EXPECT_EQ(odk_common_request.api_major_version, 16);
+  EXPECT_EQ(odk_common_request.nonce, 1);
+  EXPECT_EQ(odk_common_request.session_id, 1);
+}
+
+// Make sure that the first version of the V18 provisioning request (no hidden
+// 4-byte value, all 0s in message counter struct) will still parse with current
+// v18 code.
+TEST(CoreMessageTest, ProvisionRequestRoundtrip_V18_Initial) {
+  std::vector<std::string> should_pass = {
+      // Pulled from ODKTest provision round trip, extra 4 bytes removed
+      "000000050000005e00000012deadbeefcafebabe000000000000000000000000"
+      "000000000000000000000000000000000000000000000000000000000000000000000000"
+      "00000000000000000000000000000000000000000000",
+      // Same thing but v17 in nonce. Almost like testing on the v17 server (but
+      // not quite since the v17 parsing code has been slightly changed anyway)
+      "000000050000005e00000011deadbeefcafebabe000000000000000000000000"
+      "000000000000000000000000000000000000000000000000000000000000000000000000"
+      "00000000000000000000000000000000000000000000",
+  };
+
+  ODK_ProvisioningRequest request;
+  for (auto& tc : should_pass) {
+    ASSERT_TRUE(CoreProvisioningRequestFromMessage(absl::HexStringToBytes(tc),
+                                                   &request));
+  }
+
+  // Fail cases have non-zero values after the bytes interpreted as length
+  std::vector<std::string> should_fail = {
+      // Change a 0 to a 1 in the message counter
+      "000000050000005e00000012deadbeefcafebabe000000000000000100000000"
+      "000000000000000000000000000000000000000000000000000000000000000000000000"
+      "00000000000000000000000000000000000000000000",
+  };
+
+  for (auto& tc : should_fail) {
+    ASSERT_FALSE(CoreProvisioningRequestFromMessage(absl::HexStringToBytes(tc),
+                                                    &request));
+  }
+}
+
 }  // namespace wvodk_test
--- a/libwvdrmengine/oemcrypto/odk/test/odk_test.cpp
+++ b/libwvdrmengine/oemcrypto/odk/test/odk_test.cpp
@@ -25,11 +25,14 @@ namespace wvodk_test {

 namespace {

+using oemcrypto_core_message::ODK_CommonRequest;
 using oemcrypto_core_message::ODK_LicenseRequest;
+using oemcrypto_core_message::ODK_MessageCounter;
 using oemcrypto_core_message::ODK_Provisioning40Request;
 using oemcrypto_core_message::ODK_ProvisioningRequest;
 using oemcrypto_core_message::ODK_RenewalRequest;

+using oemcrypto_core_message::deserialize::CoreCommonRequestFromMessage;
 using oemcrypto_core_message::deserialize::CoreLicenseRequestFromMessage;
 using oemcrypto_core_message::deserialize::CoreProvisioning40RequestFromMessage;
 using oemcrypto_core_message::deserialize::CoreProvisioningRequestFromMessage;
@@ -79,6 +82,29 @@ void SetDefaultSerializedProvisioningResponse(std::string* serialized_message) {
  }
 }

+bool CheckCounterInfoIsEqual(ODK_MessageCounterInfo* a, ODK_MessageCounter* b) {
+  if (!a || !b) return false;
+
+  EXPECT_EQ(a->master_generation_number, b->master_generation_number);
+  EXPECT_EQ(a->provisioning_count, b->provisioning_count);
+  EXPECT_EQ(a->license_count, b->license_count);
+  EXPECT_EQ(a->decrypt_count, b->decrypt_count);
+  EXPECT_EQ(a->major_version, b->major_version);
+  EXPECT_EQ(a->minor_version, b->minor_version);
+  EXPECT_EQ(a->patch_version, b->patch_version);
+  for (size_t i = 0; i < sizeof(a->soc_vendor); i++) {
+    EXPECT_EQ(a->soc_vendor[i], b->soc_vendor[i]);
+  }
+  for (size_t i = 0; i < sizeof(a->chipset_model); i++) {
+    EXPECT_EQ(a->chipset_model[i], b->chipset_model[i]);
+  }
+  for (size_t i = 0; i < sizeof(a->extra); i++) {
+    EXPECT_EQ(a->extra[i], b->extra[i]);
+  }
+
+  return true;
+}
+
 template <typename T, typename F, typename G>
 void ValidateRequest(uint32_t message_type,
                     const std::vector<ODK_Field>& extra_fields,
@@ -610,7 +636,16 @@ TEST(OdkTest, LicenseRequestRoundtrip) {
    return ODK_PrepareCoreLicenseRequest(buf, SIZE_MAX, size, nonce_values,
                                         &counter_info);
  };
-  auto kdo_parse_func = CoreLicenseRequestFromMessage;
+  auto kdo_parse_func = [&](const std::string& oemcrypto_core_message,
+                            ODK_LicenseRequest* core_license_request) {
+    bool ok = CoreLicenseRequestFromMessage(oemcrypto_core_message,
+                                            core_license_request);
+    if (!ok) return false;
+
+    ok = CheckCounterInfoIsEqual(&counter_info,
+                                 &core_license_request->counter_info);
+    return ok;
+  };
  ValidateRequest<ODK_LicenseRequest>(ODK_License_Request_Type, extra_fields,
                                      odk_prepare_func, kdo_parse_func);
 }
@@ -652,7 +687,11 @@ TEST(OdkTest, ProvisionRequestRoundtrip) {
  memset(counter_info.soc_vendor, 0xff, sizeof(counter_info.soc_vendor));
  memset(counter_info.chipset_model, 0xdd, sizeof(counter_info.chipset_model));
  memset(counter_info.extra, 0xee, sizeof(counter_info.extra));
+  // Fake device_id_length for older servers, since we removed device id from
+  // the v18 request
+  uint32_t fake_device_id_length = 64;
  std::vector<ODK_Field> extra_fields = {
+      {ODK_UINT32, &(fake_device_id_length), "fake_device_id_length"},
      {ODK_MESSAGECOUNTER, &counter_info, "counter_info"},
  };

@@ -666,6 +705,9 @@ TEST(OdkTest, ProvisionRequestRoundtrip) {
          ODK_ProvisioningRequest* core_provisioning_request) {
        bool ok = CoreProvisioningRequestFromMessage(oemcrypto_core_message,
                                                     core_provisioning_request);
+        if (!ok) return false;
+        ok = CheckCounterInfoIsEqual(&counter_info,
+                                     &core_provisioning_request->counter_info);
        return ok;
      };
  ValidateRequest<ODK_ProvisioningRequest>(ODK_Provisioning_Request_Type,
@@ -704,6 +746,9 @@ TEST(OdkTest, ProvisionRequest40Roundtrip) {
          ODK_Provisioning40Request* core_provisioning_request) {
        bool ok = CoreProvisioning40RequestFromMessage(
            oemcrypto_core_message, core_provisioning_request);
+        if (!ok) return false;
+        ok = CheckCounterInfoIsEqual(&counter_info,
+                                     &core_provisioning_request->counter_info);
        return ok;
      };
  ValidateRequest<ODK_Provisioning40Request>(ODK_Provisioning40_Request_Type,
@@ -865,6 +910,34 @@ TEST(OdkTest, ProvisionResponseFromProto) {
      OEMCrypto_RSA_Private_Key, &oemcrypto_core_message));
 }

+// Verify de-serialize common request.
+TEST(OdkTest, ParseCoreCommonRequestFromMessage) {
+  std::string serialized_provisioning_resp;
+  EXPECT_NO_FATAL_FAILURE(
+      SetDefaultSerializedProvisioningResponse(&serialized_provisioning_resp));
+  ODK_ProvisioningRequest core_request = {
+      .api_minor_version = ODK_MINOR_VERSION,
+      .api_major_version = ODK_MAJOR_VERSION,
+      .nonce = 0xdeadbeef,
+      .session_id = 0xcafebabe,
+  };
+  const CoreMessageFeatures features =
+      CoreMessageFeatures::DefaultFeatures(ODK_MAJOR_VERSION);
+  std::string oemcrypto_core_message;
+  EXPECT_TRUE(CreateCoreProvisioningResponseFromProto(
+      features, serialized_provisioning_resp, core_request,
+      OEMCrypto_RSA_Private_Key, &oemcrypto_core_message));
+  ODK_CommonRequest odk_common_request;
+  ASSERT_TRUE(CoreCommonRequestFromMessage(oemcrypto_core_message,
+                                           &odk_common_request));
+  EXPECT_EQ(odk_common_request.message_type, 6u);
+  EXPECT_EQ(odk_common_request.message_length, 48u);
+  EXPECT_EQ(odk_common_request.api_minor_version, ODK_MINOR_VERSION);
+  EXPECT_EQ(odk_common_request.api_major_version, ODK_MAJOR_VERSION);
+  EXPECT_EQ(odk_common_request.nonce, 0xdeadbeef);
+  EXPECT_EQ(odk_common_request.session_id, 0xcafebabe);
+}
+
 class OdkVersionTest : public ::testing::Test,
                       public ::testing::WithParamInterface<VersionParameters> {
 protected:
@@ -1032,7 +1105,7 @@ std::vector<VersionParameters> TestCases() {
      // number.
      {16, ODK_MAJOR_VERSION, ODK_MINOR_VERSION, 16, 5},
      {17, ODK_MAJOR_VERSION, ODK_MINOR_VERSION, 17, 2},
-      {18, ODK_MAJOR_VERSION, ODK_MINOR_VERSION, 18, 0},
+      {18, ODK_MAJOR_VERSION, ODK_MINOR_VERSION, 18, 1},
      // Here are some known good versions. Make extra sure they work.
      {ODK_MAJOR_VERSION, 16, 3, 16, 3},
      {ODK_MAJOR_VERSION, 16, 4, 16, 4},
--- a/libwvdrmengine/oemcrypto/odk/test/odk_test_helper.h
+++ b/libwvdrmengine/oemcrypto/odk/test/odk_test_helper.h
@@ -103,8 +103,8 @@ OEMCryptoResult ODK_WriteSingleField(uint8_t* buf, const ODK_Field* field);
 // Load buf to ODK_Field
 OEMCryptoResult ODK_ReadSingleField(const uint8_t* buf, const ODK_Field* field);
 OEMCryptoResult ODK_DumpSingleField(const uint8_t* buf, const ODK_Field* field);
-OEMCryptoResult ODK_IterFields(ODK_FieldMode mode, uint8_t* buf,
-                               const size_t size_in, size_t* size_out,
+OEMCryptoResult ODK_IterFields(ODK_FieldMode mode, uint8_t* buf, size_t size_in,
+                               size_t* size_out,
                               const std::vector<ODK_Field>& fields);
 void ODK_ExpectEqualBuf(const void* s1, const void* s2, size_t n,
                        const std::vector<ODK_Field>& fields);