Support CAST V2 authentication

bug: 12702350

Squashed commit of these CLs from the widevine cdm repo:

Cast V2 cdm support
https://widevine-internal-review.googlesource.com/#/c/9190/

Add CASTv2 Support to DrmPlugin
https://widevine-internal-review.googlesource.com/#/c/9228/

Test for CastV2 authentication APIs
https://widevine-internal-review.googlesource.com/9550

Change-Id: I6d66bc1bbd653db5542c68687b30b441dd20617f

libwvdrmengine/cdm/core/src/certificate_provisioning.cpp

@@ -6,6 +6,7 @@
 #include "license_protocol.pb.h"
 #include "log.h"
 #include "string_conversions.h"
+#include "wv_cdm_constants.h"
 
 namespace {
 const std::string kDefaultProvisioningServerUrl =
@@ -17,6 +18,7 @@ const std::string kDefaultProvisioningServerUrl =
 namespace wvcdm {
 // Protobuf generated classes.
 using video_widevine_server::sdk::ClientIdentification;
+using video_widevine_server::sdk::ProvisioningOptions;
 using video_widevine_server::sdk::ProvisioningRequest;
 using video_widevine_server::sdk::ProvisioningResponse;
 using video_widevine_server::sdk::SignedProvisioningMessage;
@@ -54,6 +56,8 @@ void CertificateProvisioning::ComposeJsonRequestAsQueryString(
  */
 CdmResponseType CertificateProvisioning::GetProvisioningRequest(
     SecurityLevel requested_security_level,
+    CdmCertificateType cert_type,
+    const std::string& cert_authority,
     CdmProvisioningRequest* request,
     std::string* default_url) {
   default_url->assign(kDefaultProvisioningServerUrl);
@@ -86,6 +90,24 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequest(
   std::string the_nonce(reinterpret_cast<char*>(&nonce), sizeof(nonce));
   provisioning_request.set_nonce(the_nonce);
 
+  ProvisioningOptions* options = provisioning_request.mutable_options();
+  switch (cert_type) {
+    case kCertificateWidevine:
+      options->set_certificate_type(
+          video_widevine_server::sdk::ProvisioningOptions_CertificateType_RSA_WIDEVINE);
+      break;
+    case kCertificateX509:
+      options->set_certificate_type(
+          video_widevine_server::sdk::ProvisioningOptions_CertificateType_X509);
+      break;
+    default:
+      LOGE("GetProvisioningRequest: unknown certificate type %ld", cert_type);
+      return UNKNOWN_ERROR;
+  }
+
+  cert_type_ = cert_type;
+  options->set_certificate_authority(cert_authority);
+
   std::string serialized_message;
   provisioning_request.SerializeToString(&serialized_message);
 
@@ -155,7 +177,9 @@ bool CertificateProvisioning::ParseJsonResponse(
  * Returns NO_ERROR for success and UNKNOWN_ERROR if fails.
  */
 CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
-    CdmProvisioningResponse& response) {
+    CdmProvisioningResponse& response,
+    std::string* cert,
+    std::string* wrapped_key) {
 
   // Extracts signed response from JSON string, decodes base64 signed response
   const std::string kMessageStart = "\"signedResponse\": \"";
@@ -211,6 +235,12 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
 
   crypto_session_.Close();
 
+  if (cert_type_ == kCertificateX509) {
+    *cert = provisioning_response.device_certificate();
+    *wrapped_key = wrapped_rsa_key;
+    return NO_ERROR;
+  }
+
   const std::string& device_certificate =
       provisioning_response.device_certificate();