Sync oemcrypto files from cdm udc-dev to Android

Changes included in this CL: 166806: Update OEMCrypto_GetDeviceInformation() | https://widevine-internal-review.googlesource.com/c/cdm/+/166806 166808: Update Android L3 after OEMCrypto_GetDeviceInformation() signature changes | https://widevine-internal-review.googlesource.com/c/cdm/+/166808 166809: Decode device info and write it to CSR payload | https://widevine-internal-review.googlesource.com/c/cdm/+/166809 167158: Fix Android include path and copy_files | https://widevine-internal-review.googlesource.com/c/cdm/+/167158 167159: Fix common typos and use inclusive language suggested by Android linter | https://widevine-internal-review.googlesource.com/c/cdm/+/167159 165618: Explicitly state python3 where needed. | https://widevine-internal-review.googlesource.com/c/cdm/+/165618 166757: Update Android.bp for Android | https://widevine-internal-review.googlesource.com/c/cdm/+/166757 164993: Refactor basic oemcrypto unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/164993 164978: Update OEMCrypto Unit Test Docs | https://widevine-internal-review.googlesource.com/c/cdm/+/164978 166941: Update make files for OEMCrypto | https://widevine-internal-review.googlesource.com/c/cdm/+/166941 165279: Refactor license unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/165279 165318: Refactor provisioning unit tests | https://widevine-internal-review.googlesource.com/c/cdm/+/165318 164800: Add extra check for renew on license load unit test | https://widevine-internal-review.googlesource.com/c/cdm/+/164800 165860: Remove duplicate definition of MaybeHex() | https://widevine-internal-review.googlesource.com/c/cdm/+/165860 164889: Updated CoreCommonRequestFromMessage and fix test | https://widevine-internal-review.googlesource.com/c/cdm/+/164889 164967: Add OPK pre-hook and post-hook error codes | https://widevine-internal-review.googlesource.com/c/cdm/+/164967 165140: Add hidden device_id_length to v18 provisioning message | https://widevine-internal-review.googlesource.com/c/cdm/+/165140 165204: Fix memory leak in oemcrypto test | https://widevine-internal-review.googlesource.com/c/cdm/+/165204 165958: Fix oemcrypto_generic_verify_fuzz mutator signature offset | https://widevine-internal-review.googlesource.com/c/cdm/+/165958 166037: Support SHA-256 in OEMCrypto Session Util | https://widevine-internal-review.googlesource.com/c/cdm/+/166037 Test: Run GtsMediaTests on Pixel 7 Bug: 270612144 Change-Id: Iff0820a2de7d043a820470a130af65b0dcadb759
2023-02-27 18:25:02 -08:00
parent 3f7ecbc43e
commit e8add8eed8
44 changed files with 302003 additions and 298675 deletions
--- a/libwvdrmengine/oemcrypto/util/include/oemcrypto_rsa_key.h
+++ b/libwvdrmengine/oemcrypto/util/include/oemcrypto_rsa_key.h
@@ -122,6 +122,8 @@ class RsaPublicKey {
  // private equivalent of this public key.
  // The signature algorithm can be specified via the |algorithm| field.
  // See RsaSignatureAlgorithm for details on each algorithm.
+  // For RSASSA-PSS, the hash algorithm can be specified via |hash_algorithm|.
+  // This parameter is ignored for other signature algorithms.
  //
  // Returns:
  //    OEMCrypto_SUCCESS if signature is valid
@@ -129,15 +131,17 @@ class RsaPublicKey {
  //    OEMCrypto_ERROR_UNKNOWN_FAILURE if any error occurs
  OEMCryptoResult VerifySignature(
      const uint8_t* message, size_t message_length, const uint8_t* signature,
-      size_t signature_length,
-      RsaSignatureAlgorithm algorithm = kRsaPssDefault) const;
+      size_t signature_length, RsaSignatureAlgorithm algorithm = kRsaPssDefault,
+      OEMCrypto_SignatureHashAlgorithm hash_algorithm = OEMCrypto_SHA1) const;
  OEMCryptoResult VerifySignature(
      const std::string& message, const std::string& signature,
-      RsaSignatureAlgorithm algorithm = kRsaPssDefault) const;
+      RsaSignatureAlgorithm algorithm = kRsaPssDefault,
+      OEMCrypto_SignatureHashAlgorithm hash_algorithm = OEMCrypto_SHA1) const;
  OEMCryptoResult VerifySignature(
      const std::vector<uint8_t>& message,
      const std::vector<uint8_t>& signature,
-      RsaSignatureAlgorithm algorithm = kRsaPssDefault) const;
+      RsaSignatureAlgorithm algorithm = kRsaPssDefault,
+      OEMCrypto_SignatureHashAlgorithm hash_algorithm = OEMCrypto_SHA1) const;

  // Encrypts the OEMCrypto session key used for deriving other keys.
  // On success, |enc_session_key_size| is populated with the number
@@ -195,10 +199,10 @@ class RsaPublicKey {
  bool InitFromSslHandle(const RSA* rsa_handle, uint32_t allowed_schemes);

  // Signature specialization functions.
-  OEMCryptoResult VerifySignaturePss(const uint8_t* message,
-                                     size_t message_length,
-                                     const uint8_t* signature,
-                                     size_t signature_length) const;
+  OEMCryptoResult VerifySignaturePss(
+      const uint8_t* message, size_t message_length, const uint8_t* signature,
+      size_t signature_length,
+      OEMCrypto_SignatureHashAlgorithm hash_algorithm) const;
  OEMCryptoResult VerifySignaturePkcs1Cast(const uint8_t* message,
                                           size_t message_length,
                                           const uint8_t* signature,