Merges to android Pi release (part 3)

These are a set of CLs merged from the wv cdm repo to the android repo.

* Add CDM status return for decrypt blocked by HDCP.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/28062 ]

  New status code is kKeyUsageBlockedByPolicy. It is returned by the decrypt()
  call instead of kDecryptError or kNoKey.

  Also shuffled the CDM status returns to define the EME-aligned codes
  first, and added comments to highlight the differences in handling.

  BUG: 37540672

* Change division and mod ops to relocatables

  Author: Srujan Gaddam <srujzs@google.com>

  [ Merge of http://go/wvgerrit/28600 ]

  This is similar to I2dad1028acf295288cd10817a2bcff2513c053c9.
  We should be using the relocatable functions instead of the
  native division and mod operations.

* Cleanup Encrypted ClientID in provisioning request

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/28083 ]

  b/36897239

  Staging server does not support it (or the client is not constructing
  it properly).  Leave it disabled pending investigation.

* Certificate Provisioning fixes.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/28066 ]

  Partial fix for BUG: 37482676
  Partial fix for BUG: 37481392

  Update service certificates, get rid of DEV/QA root certificate.
  Provisioning request and response are base64 (web-safe) encoded.
  Response is optionally JSON-wrapped.

  Change ConfigTestEnv; clearer comments and a closer match to reality.

BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
      commit in the chain.

Change-Id: I79d3c4bf1124e5e0d3e4d40baead65a8266ea874

libwvdrmengine/cdm/core/include/device_files.h

@@ -29,17 +29,13 @@ class DeviceFiles {
     kLicenseStateUnknown,
   } LicenseState;
 
-  typedef enum {
-    kStorageLicense,  // persistent license
-    kStorageUsageInfo,  // secure stop
-  } UsageEntryStorage;
-
-  struct UsageEntryInfo {
-    UsageEntryStorage storage_type;
-    std::string key_set_id;  // used when storage_type is kStorageLicense
-    std::string
-        provider_session_token;  // used when storage_type is kStorageUsageInfo
-    std::string app_id;  // used when storage_type is kStorageUsageInfo
+  struct CdmUsageData {
+    std::string provider_session_token;
+    CdmKeyMessage license_request;
+    CdmKeyResponse license;
+    std::string key_set_id;
+    CdmUsageEntry usage_entry;
+    uint32_t usage_entry_number;
   };
 
   DeviceFiles(FileSystem*);
@@ -71,7 +67,8 @@ class DeviceFiles {
                             int64_t last_playback_time,
                             int64_t grace_period_end_time,
                             const CdmAppParameterMap& app_parameters,
-                            const CdmUsageEntry& usage_entry);
+                            const CdmUsageEntry& usage_entry,
+                            uint32_t usage_entry_number);
   virtual bool RetrieveLicense(
       const std::string& key_set_id, LicenseState* state,
       CdmInitData* pssh_data, CdmKeyMessage* key_request,
@@ -79,7 +76,7 @@ class DeviceFiles {
       CdmKeyResponse* key_renewal_response, std::string* release_server_url,
       int64_t* playback_start_time, int64_t* last_playback_time,
       int64_t* grace_period_end_time, CdmAppParameterMap* app_parameters,
-      CdmUsageEntry* usage_entry);
+      CdmUsageEntry* usage_entry, uint32_t* usage_entry_number);
   virtual bool DeleteLicense(const std::string& key_set_id);
   virtual bool ListLicenses(std::vector<std::string>* key_set_ids);
   virtual bool DeleteAllFiles();
@@ -88,13 +85,25 @@ class DeviceFiles {
   virtual bool ReserveLicenseId(const std::string& key_set_id);
   virtual bool UnreserveLicenseId(const std::string& key_set_id);
 
-  // Store a usage record to the set of usage information on the file system.
+  // Use this method to create a |usage_info_file_name| from an |app_id|
+  static std::string GetUsageInfoFileName(const std::string& app_id);
+
+  // The UsageInfo methods have been revised to use |usage_info_file_name|
+  // rather than |app_id| as a parameter. Use the helper method above to
+  // translate.
+  // OEMCrypto API 13 introduced big usage tables which required
+  // migration from usage tables stored by the TEE to usage table
+  // header+usage entries stored in unsecured persistent storage. The upgrade
+  // required creation of reverse lookup tables (CdmUsageEntryInfo).
+  // |app_id| however was hashed and unextractable, and necessitated the
+  // switch to |usage_info_file_name|
   virtual bool StoreUsageInfo(const std::string& provider_session_token,
                               const CdmKeyMessage& key_request,
                               const CdmKeyResponse& key_response,
-                              const std::string& app_id,
+                              const std::string& usage_info_file_name,
                               const std::string& key_set_id,
-                              const CdmUsageEntry& usage_entry);
+                              const CdmUsageEntry& usage_entry,
+                              uint32_t usage_entry_number);
 
   // Extract KSIDs from usage information on the file system.
   virtual bool ListUsageRecords(const std::string& app_id,
@@ -105,37 +114,49 @@ class DeviceFiles {
                                        const std::string& key_set_id,
                                        std::string* provider_session_token);
 
-  // Delete the usage record for the given PST.
-  virtual bool DeleteUsageInfo(const std::string& app_id,
+  virtual bool DeleteUsageInfo(const std::string& usage_info_file_name,
                                const std::string& provider_session_token);
 
   // Delete usage information from the file system.  Puts a list of all the
   // psts that were deleted from the file into |provider_session_tokens|.
   virtual bool DeleteAllUsageInfoForApp(
-      const std::string& app_id,
+      const std::string& usage_info_file_name,
       std::vector<std::string>* provider_session_tokens);
 
   // Retrieve one usage info from the file.  Subsequent calls will retrieve
   // subsequent entries in the table for this app_id.
   virtual bool RetrieveUsageInfo(
-      const std::string& app_id,
+      const std::string& usage_info_file_name,
       std::vector<std::pair<CdmKeyMessage, CdmKeyResponse> >* usage_info);
 
   // Retrieve the usage info entry specified by |provider_session_token|.
   // Returns false if the entry could not be found.
-  virtual bool RetrieveUsageInfo(const std::string& app_id,
+  virtual bool RetrieveUsageInfo(const std::string& usage_info_file_name,
                                  const std::string& provider_session_token,
                                  CdmKeyMessage* license_request,
                                  CdmKeyResponse* license_response,
-                                 CdmUsageEntry* usage_entry);
-
+                                 CdmUsageEntry* usage_entry,
+                                 uint32_t* usage_entry_number);
   // Retrieve the usage info entry specified by |key_set_id|.
   // Returns false if the entry could not be found.
-  virtual bool RetrieveUsageInfoByKeySetId(const std::string& app_id,
-                                           const std::string& key_set_id,
-                                           CdmKeyMessage* license_request,
-                                           CdmKeyResponse* license_response,
-                                           CdmUsageEntry* usage_entry);
+  virtual bool RetrieveUsageInfoByKeySetId(
+      const std::string& usage_info_file_name,
+      const std::string& key_set_id,
+      std::string* provider_session_token,
+      CdmKeyMessage* license_request,
+      CdmKeyResponse* license_response,
+      CdmUsageEntry* usage_entry,
+      uint32_t* usage_entry_number);
+
+  // These APIs support upgrading from usage tables to usage tabler header +
+  // entries introduced in OEMCrypto V13.
+
+  virtual bool ListUsageInfoFiles(std::vector<std::string>* usage_file_names);
+  virtual bool RetrieveUsageInfo(const std::string& usage_info_file_name,
+                                 std::vector<CdmUsageData>* usage_data);
+  // This method overwrites rather than appends data to the usage file
+  virtual bool StoreUsageInfo(const std::string& usage_info_file_name,
+                              const std::vector<CdmUsageData>& usage_data);
 
   virtual bool StoreHlsAttributes(const std::string& key_set_id,
                                   const CdmHlsMethod method,
@@ -147,11 +168,11 @@ class DeviceFiles {
 
   virtual bool StoreUsageTableInfo(
       const CdmUsageTableHeader& usage_table_header,
-      const std::vector<UsageEntryInfo>& usage_entry_info);
+      const std::vector<CdmUsageEntryInfo>& usage_entry_info);
 
   virtual bool RetrieveUsageTableInfo(
       CdmUsageTableHeader* usage_table_header,
-      std::vector<UsageEntryInfo>* usage_entry_info);
+      std::vector<CdmUsageEntryInfo>* usage_entry_info);
 
  private:
   // Extract serial number and system ID from DRM Device certificate
@@ -175,7 +196,6 @@ class DeviceFiles {
   static std::string GetCertificateFileName();
   static std::string GetHlsAttributesFileNameExtension();
   static std::string GetLicenseFileNameExtension();
-  static std::string GetUsageInfoFileName(const std::string& app_id);
   static std::string GetUsageTableFileName();
   static std::string GetFileNameSafeHash(const std::string& input);
 

libwvdrmengine/cdm/core/include/license_key_status.h

@@ -37,7 +37,11 @@ class LicenseKeys {
   virtual bool ApplyStatusChange(CdmKeyStatus new_status,
                                  bool* new_usable_keys);
 
-  // Populates the CdmKeyStatusMap with the current content keys.
+  // Returns current CdmKeyStatus for the given key.
+  // Returns kKeyStatusKeyUnknown if key_id not found.
+  virtual CdmKeyStatus GetKeyStatus(const KeyId& key_id);
+
+  // Populates a CdmKeyStatusMap with the current content keys.
   virtual void ExtractKeyStatuses(CdmKeyStatusMap* content_keys);
 
   // Determines whether the specified key can be used under the current

libwvdrmengine/cdm/core/include/policy_engine.h

@@ -34,6 +34,11 @@ class PolicyEngine {
   // status is not calculated to avoid overhead in the decryption path.
   virtual bool CanDecryptContent(const KeyId& key_id);
 
+  // Returns the current CdmKeyStatus for the given key, or
+  // kKeyStatusKeyUnknown if the key is not found. This is useful for finding
+  // out why a key is not usable.
+  virtual CdmKeyStatus GetKeyStatus(const KeyId& key_id);
+
   // OnTimerEvent is called when a timer fires. It notifies the Policy Engine
   // that the timer has fired and dispatches the relevant events through
   // |event_listener_|.

libwvdrmengine/cdm/core/include/wv_cdm_types.h

@@ -317,6 +317,7 @@ enum CdmResponseType {
 };
 
 enum CdmKeyStatus {
+  kKeyStatusKeyUnknown,
   kKeyStatusUsable,
   kKeyStatusExpired,
   kKeyStatusOutputNotAllowed,
@@ -398,6 +399,18 @@ enum CdmUsageSupportType {
   kUnknownUsageSupport,
 };
 
+enum CdmUsageEntryStorageType {
+  kStorageLicense,
+  kStorageUsageInfo,
+  kStorageUnknown,
+};
+
+struct CdmUsageEntryInfo {
+  CdmUsageEntryStorageType storage_type;
+  CdmKeySetId key_set_id;
+  std::string usage_info_file_name;
+};
+
 class CdmKeyAllowedUsage {
  public:
   CdmKeyAllowedUsage() {