Provisioning 3.0: Changes to Provisioning and Service Certs.

[ Merge of http://go/wvgerrit/23360 ]

Service Certificates are used in two places, provisioning and
licensing. The service certificate code depended on a session_id
to get and set the service certificate properties, but the session_id
was not available in the provisioning path.

This patch pulls out the property lookup by session_id dependency,
and passes the CdmImpl's property_set into the provisioning code, so
the service certificate can be read and written there.

Bug: 62972441

Test: WV unit/integration tests. This introduces three test failures
  * WvCdmRequestLicenseTest.PrivacyModeWithServiceCertificateTest
  * Cdm/WvCdmStreamingLicenseRenewalTest.WithClientId/4
  * Cdm/WvCdmOfflineLicenseReleaseTest.WithClientId/3

Change-Id: I6e9d4e23a9e7e81a63a994db8ec0b443893449a6

libwvdrmengine/cdm/core/src/license.cpp

@@ -15,6 +15,7 @@
 #include "policy_engine.h"
 #include "privacy_crypto.h"
 #include "properties.h"
+#include "service_certificate.h"
 #include "string_conversions.h"
 #include "wv_cdm_constants.h"
 
@@ -145,8 +146,9 @@ CdmLicense::CdmLicense(const CdmSessionId& session_id, Clock* clock)
 CdmLicense::~CdmLicense() {}
 
 bool CdmLicense::Init(
-    const std::string& client_token, CdmClientTokenType client_token_type,
-    CryptoSession* session, PolicyEngine* policy_engine) {
+    ServiceCertificate* service_certificate, const std::string& client_token,
+    CdmClientTokenType client_token_type, CryptoSession* session,
+    PolicyEngine* policy_engine) {
   if (clock_.get() == NULL) {
     LOGE("CdmLicense::Init: clock parameter not provided");
     return false;
@@ -168,19 +170,11 @@ bool CdmLicense::Init(
     return false;
   }
 
+  service_certificate_ = service_certificate;
   client_token_ = client_token;
   client_token_type_ = client_token_type;
   crypto_session_ = session;
   policy_engine_ = policy_engine;
-  service_certificate_.reset(new ServiceCertificate());
-  if (service_certificate_.get() == NULL) {
-    LOGE("CdmLicense::Init: creation of service_certificate failed");
-    return false;
-  }
-  if (!service_certificate_->Init(session_id_, crypto_session_)) {
-    LOGE("CdmLicense::Init: init of service_certificate failed");
-    return false;
-  }
   initialized_ = true;
   return true;
 }
@@ -217,14 +211,16 @@ CdmResponseType CdmLicense::PrepareKeyRequest(
     return INVALID_PARAMETERS_LIC_7;
   }
 
-  if (service_certificate_->IsRequired() &&
-      !service_certificate_->IsAvailable()) {
+  // If privacy mode and no service certificate, initiate a
+  // service certificate request.
+  if (Properties::UsePrivacyMode(session_id_) &&
+      !service_certificate_->HasCertificate()) {
     stored_init_data_.reset(new InitializationData(init_data));
     *server_url = server_url_;
-    if (service_certificate_->PrepareServiceCertificateRequest(signed_request))
+    if (service_certificate_->PrepareRequest(signed_request)) {
       return KEY_MESSAGE;
-    else
-      return LICENSE_REQUEST_SERVICE_CERTIFICATE_GENERATION_ERROR;
+    }
+    return LICENSE_REQUEST_SERVICE_CERTIFICATE_GENERATION_ERROR;
   }
 
   std::string request_id;
@@ -309,14 +305,13 @@ CdmResponseType CdmLicense::PrepareKeyUpdateRequest(
   }
 
   if (renew_with_client_id_) {
-    if (service_certificate_->IsRequired() &&
-        !service_certificate_->IsAvailable()) {
+    if (Properties::UsePrivacyMode(session_id_) &&
+        !service_certificate_->HasCertificate()) {
       *server_url = server_url_;
-      if (service_certificate_->
-          PrepareServiceCertificateRequest(signed_request))
+      if (service_certificate_->PrepareRequest(signed_request)) {
         return KEY_MESSAGE;
-      else
-        return LICENSE_RENEWAL_SERVICE_CERTIFICATE_GENERATION_ERROR;
+      }
+      return LICENSE_RENEWAL_SERVICE_CERTIFICATE_GENERATION_ERROR;
     }
   }
 
@@ -439,8 +434,8 @@ CdmResponseType CdmLicense::HandleKeyResponse(
     case SignedMessage::LICENSE:
       break;
     case SignedMessage::SERVICE_CERTIFICATE: {
-      CdmResponseType status =
-          service_certificate_->VerifyAndSet(signed_response.msg());
+      CdmResponseType status;
+      status = service_certificate_->HandleResponse(signed_response.msg());
       if (status != NO_ERROR) {
         return status;
       }
@@ -558,8 +553,8 @@ CdmResponseType CdmLicense::HandleKeyUpdateResponse(
     case SignedMessage::LICENSE:
       break;
     case SignedMessage::SERVICE_CERTIFICATE: {
-      CdmResponseType status =
-          service_certificate_->VerifyAndSet(signed_response.msg());
+      CdmResponseType status;
+      status = service_certificate_->HandleResponse(signed_response.msg());
       if (status != NO_ERROR) {
         return status;
       }
@@ -1027,16 +1022,15 @@ CdmResponseType CdmLicense::PrepareClientId(
   if (crypto_session_->GetSrmVersion(&srm_version))
     client_capabilities->set_srm_version(srm_version);
 
-  if (service_certificate_->IsRequired()) {
-    if (!service_certificate_->IsAvailable()) {
+  if (Properties::UsePrivacyMode(session_id_)) {
+    if (!service_certificate_->HasCertificate()) {
       LOGE("CdmLicense::PrepareClientId: Service Certificate not staged");
       return LICENSE_REQUEST_SERVICE_CERTIFICATE_GENERATION_ERROR;
     }
-
     EncryptedClientIdentification* encrypted_client_id =
         license_request->mutable_encrypted_client_id();
     CdmResponseType status;
-    status = service_certificate_->EncryptClientId(client_id,
+    status = service_certificate_->EncryptClientId(crypto_session_, client_id,
                                                    encrypted_client_id);
     if (NO_ERROR == status) {
       license_request->clear_client_id();