[RESTRICT AUTOMERGE] Sync OEMCrypto, ODK files and unit tests

run android/copy_files from cdm repo to sync files in Android
tm-widevine-release.

Changes include:
1. Update ODK to 17.1
2. update in license_protocol.proto
3. updates in oemcrypto unit tests
4. A few cdm and util test updates
5. Prov4 unit test fixes

Originating CLs:
https://widevine-internal-review.googlesource.com/c/cdm/+/155289/
https://widevine-internal-review.googlesource.com/c/cdm/+/155429/
https://widevine-internal-review.googlesource.com/c/cdm/+/155430/
https://widevine-internal-review.googlesource.com/c/cdm/+/154415/
https://widevine-internal-review.googlesource.com/c/cdm/+/156457/
https://widevine-internal-review.googlesource.com/c/cdm/+/156878/
https://widevine-internal-review.googlesource.com/c/cdm/+/156879/
https://widevine-internal-review.googlesource.com/c/cdm/+/156425/
https://widevine-internal-review.googlesource.com/c/cdm/+/156486/
https://widevine-internal-review.googlesource.com/c/cdm/+/156539/
https://widevine-internal-review.googlesource.com/c/cdm/+/156542/

Test: ran oemcrypto unit tests and ODK tests
Test: ran gts media test cases
Bug: 239201888

Change-Id: Iad9aff72aec5ba42296582837f34dd704bc11810

libwvdrmengine/cdm/core/test/cdm_engine_test.cpp

@@ -2,7 +2,7 @@
 // source code may only be used and distributed under the Widevine License
 // Agreement.
 // These tests are for the cdm engine, and code below it in the stack.  In
-// particular, we assume that the OEMCrypo layer works, and has a valid keybox.
+// particular, we assume that the OEMCrypto layer works, and has a valid keybox.
 // This is because we need a valid RSA certificate, and will attempt to connect
 // to the provisioning server to request one if we don't.
 
@@ -65,7 +65,7 @@ class WvCdmEnginePreProvTest : public WvCdmTestBaseWithEngine {
     CdmResponseType status = cdm_engine_.OpenSession(
         config_.key_system(), nullptr, nullptr, &session_id_);
     if (status == NEED_PROVISIONING) {
-      Provision();
+      EnsureProvisioned();
       status = cdm_engine_.OpenSession(config_.key_system(), nullptr, nullptr,
                                        &session_id_);
     }
@@ -335,20 +335,22 @@ TEST_F(WvCdmEngineTest, SetLicensingServiceInvalidCertificate) {
             NO_ERROR);
 };
 
-TEST_F(WvCdmEnginePreProvTestStaging, ProvisioningTest) { Provision(); }
+TEST_F(WvCdmEnginePreProvTestStaging, ProvisioningTest) { EnsureProvisioned(); }
 
-TEST_F(WvCdmEnginePreProvTestUatBinary, ProvisioningTest) { Provision(); }
+TEST_F(WvCdmEnginePreProvTestUatBinary, ProvisioningTest) {
+  EnsureProvisioned();
+}
 
 // Test that provisioning works.
-TEST_F(WvCdmEngineTest, ProvisioningTest) { Provision(); }
+TEST_F(WvCdmEngineTest, ProvisioningTest) { EnsureProvisioned(); }
 
 // Test that provisioning works, even if device is already provisioned.
 TEST_F(WvCdmEngineTest, ReprovisioningTest) {
   // Provision once.
-  Provision();
+  EnsureProvisioned();
   // Verify that we can provision a second time, even though we already
   // provisioned once.
-  Provision();
+  EnsureProvisioned();
 }
 
 TEST_F(WvCdmEngineTest, BaseIsoBmffMessageTest) {

libwvdrmengine/cdm/core/test/crypto_session_unittest.cpp

@@ -96,6 +96,9 @@ TEST_F(CryptoSessionMetricsTest, OpenSessionValidMetrics) {
   } else if (token_type == kClientTokenDrmCert) {
     // TODO(blueeyes): Add support for getting the system id from a
     // pre-installed DRM certificate..
+  } else if (token_type == kClientTokenBootCertChain) {
+    EXPECT_EQ(OEMCrypto_BootCertificateChain,
+              metrics_proto.oemcrypto_provisioning_method().int_value());
   } else {
     FAIL() << "Unexpected token type: " << token_type;
   }
@@ -134,9 +137,9 @@ TEST_F(CryptoSessionMetricsTest, GetProvisioningTokenValidMetrics) {
     ASSERT_GE(metrics_proto.oemcrypto_get_oem_public_certificate().size(), 1);
     EXPECT_THAT(metrics_proto.oemcrypto_get_oem_public_certificate(0).count(),
                 AllOf(Ge(1), Le(2)));
-
-    ASSERT_GE(metrics_proto.crypto_session_get_token().size(), 1);
-    EXPECT_GE(metrics_proto.crypto_session_get_token(0).count(), 1);
+  } else if (token_type == kClientTokenBootCertChain) {
+    EXPECT_EQ(OEMCrypto_BootCertificateChain,
+              metrics_proto.oemcrypto_provisioning_method().int_value());
   } else {
     ASSERT_EQ(0, metrics_proto.crypto_session_get_token().size());
   }

libwvdrmengine/cdm/core/test/fake_provisioning_server.cpp

@@ -284,7 +284,8 @@ bool FakeProvisioningServer::MakeResponse(
   wvoec::KeyDeriver key_deriver;
   // Not only is this Prov 2.0 specific, it assumes the device is using the
   // standard test keybox.
-  key_deriver.DeriveKeys(wvoec::kTestKeybox.device_key_, mac_context_v,
+  key_deriver.DeriveKeys(wvoec::kTestKeybox.device_key_,
+                         sizeof(wvoec::kTestKeybox.device_key_), mac_context_v,
                          enc_context_v);
 
   // Create a structure to hold the RSA private key. This is used by the key

libwvdrmengine/cdm/core/test/reboot_test.cpp

@@ -222,9 +222,11 @@ void RebootTest::SetUp() {
     EXPECT_EQ(read, file_size) << "Error reading persistent data file.";
     EXPECT_TRUE(ParseDump(dump, &persistent_data_));
   }
+  TestSleep::SyncFakeClock();
 }
 
 void RebootTest::TearDown() {
+  TestSleep::SyncFakeClock();
   auto file = file_system_->Open(persistent_data_filename_,
                                  FileSystem::kCreate | FileSystem::kTruncate);
   ASSERT_TRUE(file) << "Failed to open file: " << persistent_data_filename_;
@@ -404,6 +406,7 @@ class OfflineLicense {
   // Fetch and load the license. The session is left open.
   void LoadLicense() {
     license_holder_.OpenSession();
+    TestSleep::SyncFakeClock();
     start_of_rental_clock_ = wvutil::Clock().GetCurrentTime();
     license_holder_.FetchLicense();
     license_holder_.LoadLicense();
@@ -433,6 +436,7 @@ class OfflineLicense {
 
   // Verify that the license may be used to decrypt content.
   void Decrypt() {
+    TestSleep::SyncFakeClock();
     if (start_of_playback_ == 0) {
       start_of_playback_ = wvutil::Clock().GetCurrentTime();
     }
@@ -450,6 +454,7 @@ class OfflineLicense {
   // Verify that the license has expired, and may not be used to decrypt
   // content.
   void FailDecrypt() {
+    TestSleep::SyncFakeClock();
     const KeyId key_id = "0000000000000000";
     EXPECT_EQ(NEED_KEY, license_holder_.Decrypt(key_id))
         << "Decrypt should have failed for " << content_id_
@@ -628,6 +633,7 @@ class OfflineLicenseTest : public RebootTest {
     int decrypt_count = 0;
     int fail_count = 0;
     for (auto time : interesting_times_) {
+      TestSleep::SyncFakeClock();
       int64_t now = wvutil::Clock().GetCurrentTime();
       int64_t delta = (time - now);
       // It is not necessarily an error for the delta to be negative. But it is
@@ -672,6 +678,7 @@ class OfflineLicenseTest : public RebootTest {
       for (size_t i = first_valid_[n] + 1; i < test_case_[n].size(); i++) {
         OfflineLicense* license = test_case_[n][i].get();
         ASSERT_NO_FATAL_FAILURE(license->ReloadLicense());
+        TestSleep::SyncFakeClock();
         int64_t now = wvutil::Clock().GetCurrentTime();
         if (now <= license->cutoff() - kFudge) {
           license->Decrypt();