Combined Decrypt Calls

(This is a merge of http://go/wvgerrit/93829,
http://go/wvgerrit/93830, http://go/wvgerrit/93832,
http://go/wvgerrit/93833, and http://go/wvgerrit/93834 from the
Widevine repo.)

This implements the CDM code changes necessary to take advantage of
Combined Decrypt Calls on OEMCrypto v16. The result of this is that
WVCryptoPlugin is much lighter now because it can pass the full sample
down to the core in one call, but CryptoSession is heavier, as it now
has to handle more complex fallback logic when devices can't handle
multiple subsamples at once.

This patch also removes support for the 'cens' and 'cbc1' schema, which
are being dropped in OEMCrypto v16. This fixes an overflow in the code
for handling those schemas by removing it entirely.

This patch also fixes the "in chunks" legacy decrypt path to use larger
chunk sizes on devices with higher resource rating tiers.

Bug: 135285640
Bug: 123435824
Bug: 138584971
Bug: 139257871
Bug: 78289910
Bug: 149361893
Test: no new CE CDM Unit Test failures
Test: Google Play plays
Test: Netflix plays
Test: no new GTS failures
Change-Id: Ic4952c9fa3bc7fd5ed08698e88254380a7a18514

libwvdrmengine/cdm/src/wv_content_decryption_module.cpp

@@ -4,6 +4,9 @@
 
 #include "wv_content_decryption_module.h"
 
+#include <algorithm>
+#include <iterator>
+
 #include "cdm_client_property_set.h"
 #include "cdm_engine.h"
 #include "cdm_engine_factory.h"
@@ -286,11 +289,18 @@ CdmResponseType WvContentDecryptionModule::GetSecureStopIds(
 CdmResponseType WvContentDecryptionModule::Decrypt(
     const CdmSessionId& session_id, bool validate_key_id,
     const CdmDecryptionParameters& parameters) {
+  return DecryptV16(session_id, validate_key_id,
+                    CdmDecryptionParametersV16::from_v15(parameters));
+}
+
+CdmResponseType WvContentDecryptionModule::DecryptV16(
+    const CdmSessionId& session_id, bool validate_key_id,
+    const CdmDecryptionParametersV16& parameters) {
   // First find the CdmEngine that has the given session_id.  If we are using
   // key sharing, the shared session will still be in the same CdmEngine.
   CdmEngine* cdm_engine = GetCdmForSessionId(session_id);
   if (!cdm_engine) {
-    LOGE("WvContentDecryptionModule::Decrypt: session not found: %s",
+    LOGE("WvContentDecryptionModule::DecryptV16: session not found: %s",
          session_id.c_str());
     return SESSION_NOT_FOUND_18;
   }
@@ -298,18 +308,26 @@ CdmResponseType WvContentDecryptionModule::Decrypt(
   CdmSessionId local_session_id = session_id;
   if (validate_key_id && Properties::GetSessionSharingId(session_id) != 0) {
     bool status =
-        cdm_engine->FindSessionForKey(*parameters.key_id, &local_session_id);
+        cdm_engine->FindSessionForKey(parameters.key_id, &local_session_id);
     if (!status) {
-      // key does not need to be loaded if clear lead/frame has a
-      // single subsample. It does in all other cases.
-      if (parameters.is_encrypted ||
-          !(parameters.subsample_flags & OEMCrypto_FirstSubsample) ||
-          !(parameters.subsample_flags & OEMCrypto_LastSubsample)) {
+      // A key does not need to be loaded if the content consists entirely of
+      // clear data.
+      bool is_any_protected = std::any_of(
+          std::begin(parameters.samples), std::end(parameters.samples),
+          [](const CdmDecryptionSample& sample) -> bool {
+            return std::any_of(
+                std::begin(sample.subsamples), std::end(sample.subsamples),
+                [](const CdmDecryptionSubsample& subsample) -> bool {
+                  return subsample.protected_bytes > 0;
+                });
+          });
+
+      if (is_any_protected) {
         return KEY_NOT_FOUND_IN_SESSION;
       }
     }
   }
-  return cdm_engine->Decrypt(local_session_id, parameters);
+  return cdm_engine->DecryptV16(local_session_id, parameters);
 }
 
 void WvContentDecryptionModule::NotifyResolution(const CdmSessionId& session_id,