Merge latest oemcrypto-v17 change

No-Typo-Check: Not related to this change.

Bug: 161477208
Change-Id: I99e4780f6855b7045aa0cd5a49c13d2d0d51ed64

libwvdrmengine/cdm/core/src/client_identification.cpp

@@ -68,13 +68,14 @@ using video_widevine::ProvisioningRequest;
 using video_widevine::ProvisioningResponse;
 using video_widevine::SignedProvisioningMessage;
 
-CdmResponseType ClientIdentification::InitForProvisioning(
-    CryptoSession* crypto_session) {
+CdmResponseType ClientIdentification::InitForProvisioningRequest(
+    const std::string& client_token, CryptoSession* crypto_session) {
   if (crypto_session == nullptr) {
     LOGE("Crypto session not provided");
     return PARAMETER_NULL;
   }
   is_license_request_ = false;
+  client_token_ = client_token;
   crypto_session_ = crypto_session;
   return NO_ERROR;
 }
@@ -118,7 +119,15 @@ CdmResponseType ClientIdentification::Prepare(
     client_id->set_type(
         video_widevine::ClientIdentification::DRM_DEVICE_CERTIFICATE);
     client_id->set_token(client_token_);
+  } else if (!client_token_.empty()) {
+    // A token has been provided via InitForProvisioningRequest. This can only
+    // happen in provisioning 4 (second stage) where an OEM cert is provided.
+    client_id->set_type(
+        video_widevine::ClientIdentification::OEM_DEVICE_CERTIFICATE);
+    client_id->set_token(client_token_);
   } else if (!is_okp_request_) {
+    // An OTA Keybox Provisioning request does not have a client id.
+    // Otherwise this is a regular provisioning request.
     video_widevine::ClientIdentification::TokenType token_type;
     if (!GetProvisioningTokenType(&token_type)) {
       LOGE("Failed to get provisioning token type");
@@ -127,13 +136,18 @@ CdmResponseType ClientIdentification::Prepare(
     client_id->set_type(token_type);
 
     std::string token;
-    CdmResponseType status = crypto_session_->GetProvisioningToken(&token);
+    std::string additional_token;
+    CdmResponseType status =
+        crypto_session_->GetProvisioningToken(&token, &additional_token);
     if (status != NO_ERROR) {
       LOGE("Failed to get provisioning token: status = %d",
            static_cast<int>(status));
       return status;
     }
     client_id->set_token(token);
+    if (!additional_token.empty()) {
+      client_id->mutable_device_credentials()->set_token(additional_token);
+    }
   }
 
   ClientIdentification_NameValue* client_info;
@@ -295,8 +309,7 @@ CdmResponseType ClientIdentification::Prepare(
   }
 
   if (is_license_request_) {
-    client_capabilities->set_can_update_srm(
-        crypto_session_->IsSrmUpdateSupported());
+    client_capabilities->set_can_update_srm(false);
     uint16_t srm_version;
     if (crypto_session_->GetSrmVersion(&srm_version) == NO_ERROR)
       client_capabilities->set_srm_version(srm_version);
@@ -344,6 +357,10 @@ bool ClientIdentification::GetProvisioningTokenType(
       *token_type =
           video_widevine::ClientIdentification::OEM_DEVICE_CERTIFICATE;
       return true;
+    case kClientTokenBootCertChain:
+      *token_type =
+          video_widevine::ClientIdentification::BOOT_CERTIFICATE_CHAIN;
+      return true;
     case kClientTokenDrmCert:
     default:
       // shouldn't happen