Merges to android Pi release (part 6)

These are a set of CLs merged from the wv cdm repo to the android repo.

* Enable Cast for Android Things build.

  Author: Thoren Paulson <thoren@google.com>

  [ Merge of http://go/wvgerrit/29941 ]

  Added a path to make_cast_libwvlevel3 for Android Things. Added the new
  system id to the preprocessor guards in android_keybox.cpp. Guarded the
  references to stderr in page_allocator.cpp because for some reason they
  don't get resolved when we link against the resulting library.

  BUG: 63443584

* Resolve memory leaks in use of OpenSSL.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/32700 ]

  Use of EVP_CIPHER_CTX requires a call to EVP_CIPHER_CTX_cleanup().

* Memory leak in OpenSSL RSA key handling.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/32621 ]

  This fixes a range of tests. --gtest_filter="CdmDecrypt*" runs
  five tests and still loses 5 objects totalling 1320 bytes (down
  from 6200 bytes).

* Unit test and mock OEMCrypto memory leaks.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/32640 ]

  More memory leak cleanup. All remaining leaks are due
  to calls to CRYPTO_malloc() without the matching free
  (i.e., calls into openssl).

* Clean up memory leaks in tests.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/32600 ]

  This is the first pass at cleaning up memory leaks. These leaks
  were affecting a lot of tests, making it hard to identify more
  serious leaks.

  Switch to unique_ptr<> pointers for CdmEngine in
  generic_crypto_unittest tests for FileSystem object in
  mock OEMCrypto's CryptoEngine object.

* Fix broken tests - linux-only & address sanitizer failures.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/32460 ]

  Fix broken test:
    WvCdmEnginePreProvTestStaging.ServiceCertificateInitialNoneTest

  Fix failures found by address sanitizer:
    DeviceFilesUsageInfoTest.RetrieveByProviderSessionToken
    DeviceFilesUsageInfoTest.UpdateUsageInfo

  NOTE: address sanitizer cannot handle EXPECT_CALL macros containing
  a call with a Contains matcher as an argument, e.g.:

  EXPECT_CALL(file,
              Write(Contains(certificate, wrapped_private_key, 0),
                    Gt(certificate.size() + wrapped_private_key.size())))

  The address sanitizer reports a crash, issues a report, and stops. A
  temporary fix is to replace the "Contains()" argument with "_".

* Usage license handling corrections

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/28540 ]

  Validate that offline licenses that do not contain a provider session
  token are not handled by the TEE.

  BUG: 38490468

  Test: WV Unit/integration tests, GtsMediaTestCases,
        WvCdmRequestLicenseTest.ReleaseRetryL3OfflineKeySessionUsageDisabledTest

* UsageTableEntry::CopyOldUsageEntry memcpy read out of range.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/32220 ]

  The function copies the pst from a variable length input vector
  into a 256 byte character array. But the length argument was a
  fixed value - MAC_KEY_SIZE. Depending on the actual PST length this
  can lead to memcpy reading out of bounds or the PST getting truncated.

BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
  commit in the chain.

Change-Id: I81a4593d7d04d0ef6069ce48d0601b6fbdd85de9

libwvdrmengine/cdm/core/src/crypto_session.cpp

@@ -12,7 +12,6 @@
 
 #include "crypto_key.h"
 #include "log.h"
-#include "metrics_front_end.h"
 #include "openssl/sha.h"
 #include "properties.h"
 #include "pst_report.h"
@@ -45,7 +44,7 @@ uint64_t CryptoSession::request_id_index_ = 0;
 UsageTableHeader* CryptoSession::usage_table_header_l1_ = NULL;
 UsageTableHeader* CryptoSession::usage_table_header_l3_ = NULL;
 
-CryptoSession::CryptoSession(metrics::MetricsGroup* metrics)
+CryptoSession::CryptoSession(metrics::CryptoMetrics* metrics)
     : metrics_(metrics),
       open_(false),
       update_usage_table_after_close_session_(false),
@@ -234,34 +233,43 @@ bool CryptoSession::GetProvisioningToken(std::string* token) {
 CdmSecurityLevel CryptoSession::GetSecurityLevel() {
   LOGV("CryptoSession::GetSecurityLevel");
   if (!initialized_) {
+    M_RECORD(metrics_, oemcrypto_security_level_, 0,
+             kSecurityLevelUninitialized, requested_security_level_);
     return kSecurityLevelUninitialized;
   }
 
-  std::string security_level;
-  M_TIME(
-      security_level = OEMCrypto_SecurityLevel(
-          requested_security_level_),
-      metrics_,
-      oemcrypto_security_level_,
-      security_level,
-      requested_security_level_);
+  wvcdm::metrics::TimerMetric timer;
+  timer.Start();
+
+  std::string security_level =
+      OEMCrypto_SecurityLevel(requested_security_level_);
+  double clock_time = timer.AsUs();
 
   if ((security_level.size() != 2) || (security_level.at(0) != 'L')) {
+    M_RECORD(metrics_, oemcrypto_security_level_, clock_time,
+             kSecurityLevelUnknown, requested_security_level_);
     return kSecurityLevelUnknown;
   }
 
+  CdmSecurityLevel cdm_security_level;
   switch (security_level.at(1)) {
     case '1':
-      return kSecurityLevelL1;
+      cdm_security_level = kSecurityLevelL1;
+      break;
     case '2':
-      return kSecurityLevelL2;
+      cdm_security_level = kSecurityLevelL2;
+      break;
     case '3':
-      return kSecurityLevelL3;
+      cdm_security_level = kSecurityLevelL3;
+      break;
     default:
-      return kSecurityLevelUnknown;
+      cdm_security_level = kSecurityLevelUnknown;
+      break;
   }
 
-  return kSecurityLevelUnknown;
+  M_RECORD(metrics_, oemcrypto_security_level_, clock_time,
+           cdm_security_level, requested_security_level_);
+  return cdm_security_level;
 }
 
 bool CryptoSession::GetInternalDeviceUniqueId(std::string* device_id) {
@@ -444,8 +452,10 @@ uint8_t CryptoSession::GetSecurityPatchLevel() {
 }
 
 CdmResponseType CryptoSession::Open(SecurityLevel requested_security_level) {
-  LOGV("CryptoSession::Open: Lock: requested_security_level: %d",
-       requested_security_level);
+  LOGD("CryptoSession::Open: Lock: requested_security_level: %s",
+       requested_security_level == kLevel3
+       ? QUERY_VALUE_SECURITY_LEVEL_L3.c_str()
+       : QUERY_VALUE_SECURITY_LEVEL_DEFAULT.c_str());
   AutoLock auto_lock(crypto_lock_);
   if (!initialized_) return UNKNOWN_ERROR;
   if (open_) return NO_ERROR;
@@ -719,6 +729,10 @@ CdmResponseType CryptoSession::LoadKeys(
   } else if (OEMCrypto_ERROR_TOO_MANY_KEYS == sts) {
     LOGE("CryptoSession::LoadKeys: OEMCrypto_LoadKeys error=%d", sts);
     result = INSUFFICIENT_CRYPTO_RESOURCES;
+  } else if (OEMCrypto_ERROR_USAGE_TABLE_UNRECOVERABLE == sts) {
+    // Handle vendor specific error
+    LOGE("CryptoSession::LoadKeys: OEMCrypto_LoadKeys error=%d", sts);
+    result = NEED_PROVISIONING;
   } else {
     LOGE("CryptoSession::LoadKeys: OEMCrypto_LoadKeys error=%d", sts);
     result = LOAD_KEY_ERROR;
@@ -1750,11 +1764,15 @@ bool CryptoSession::GetSrmVersion(uint16_t* srm_version) {
   }
 
   OEMCryptoResult status = OEMCrypto_GetCurrentSRMVersion(srm_version);
-  if (OEMCrypto_SUCCESS != status) {
-    LOGW("OEMCrypto_GetCurrentSRMVersion fails with %d", status);
-    return false;
+  switch (status) {
+    case OEMCrypto_SUCCESS:
+      return true;
+    case OEMCrypto_ERROR_NOT_IMPLEMENTED:
+      return false;
+    default:
+      LOGW("OEMCrypto_GetCurrentSRMVersion fails with %d", status);
+      return false;
   }
-  return true;
 }
 
 bool CryptoSession::IsSrmUpdateSupported() {