Rename and clarify Drm Reprovisioning token types

[ Merge of http://go/wvgerrit/194374 ]

Renames and adds clarifying comments to Drm Reprovisioning token types.
All provisioning methods can be forced to reprovision by apps which can
cause reprovisioning to be an overloaded term. Renaming token types
used by the Drm Reprovisioning method to more clearly state they are
used for Drm Certificate Reprovisioning should help to avoid confusion.
This change also adds comments to help clarify when and where Drm
Reprovisioning is used as a provisioning type.

Bug: b/305093063
Test: WVTS

* Added dependency to dynamic perf tests to fix missing header build
  error.

Change-Id: I158eb5672ad9e655a60bc68e0f4f2f7a0d464b4e

libwvdrmengine/cdm/core/src/cdm_engine.cpp

@@ -754,7 +754,7 @@ CdmResponseType CdmEngine::QueryStatus(RequestedSecurityLevel security_level,
     }
     switch (token_type) {
       case kClientTokenDrmCert:
-      case kClientTokenDrmReprovisioning:
+      case kClientTokenDrmCertificateReprovisioning:
         *query_response = QUERY_VALUE_DRM_CERTIFICATE;
         break;
       case kClientTokenKeybox:

libwvdrmengine/cdm/core/src/certificate_provisioning.cpp

@@ -169,7 +169,7 @@ CertificateProvisioning::GetProvisioningType() {
       return SignedProvisioningMessage::PROVISIONING_40;
     case kClientTokenOemCert:
       return SignedProvisioningMessage::PROVISIONING_30;
-    case kClientTokenDrmReprovisioning:
+    case kClientTokenDrmCertificateReprovisioning:
       return SignedProvisioningMessage::DRM_REPROVISIONING;
     default:
       return SignedProvisioningMessage::PROVISIONING_20;

libwvdrmengine/cdm/core/src/client_identification.cpp

@@ -404,7 +404,7 @@ bool ClientIdentification::GetProvisioningTokenType(
       }
       return true;
     }
-    case kClientTokenDrmReprovisioning:
+    case kClientTokenDrmCertificateReprovisioning:
       *token_type =
           video_widevine::ClientIdentification::DRM_DEVICE_CERTIFICATE;
       return true;

libwvdrmengine/cdm/core/src/crypto_session.cpp

@@ -348,7 +348,7 @@ CdmResponseType CryptoSession::GetProvisioningMethod(
       type = kClientTokenBootCertChain;
       break;
     case OEMCrypto_DrmReprovisioning:
-      type = kClientTokenDrmReprovisioning;
+      type = kClientTokenDrmCertificateReprovisioning;
       break;
     case OEMCrypto_ProvisioningError:
     default:
@@ -666,7 +666,8 @@ CdmResponseType CryptoSession::GetProvisioningToken(
   } else if (pre_provision_token_type_ == kClientTokenBootCertChain) {
     status = GetBootCertificateChain(requested_security_level, token,
                                      additional_token);
-  } else if (pre_provision_token_type_ == kClientTokenDrmReprovisioning) {
+  } else if (pre_provision_token_type_ ==
+             kClientTokenDrmCertificateReprovisioning) {
     status = GetTokenFromEmbeddedCertificate(token);
   }
   metrics_->crypto_session_get_token_.Increment(status);
@@ -1275,7 +1276,8 @@ CdmResponseType CryptoSession::PrepareAndSignProvisioningRequest(
     should_specify_algorithm = true;
     // Do nothing here. The key to signing the provisioning 4.0 request for each
     // stage has been loaded already when it was generated by OEMCrypto.
-  } else if (pre_provision_token_type_ == kClientTokenDrmReprovisioning) {
+  } else if (pre_provision_token_type_ ==
+             kClientTokenDrmCertificateReprovisioning) {
     should_specify_algorithm = false;
     // Do nothing here. The baked-in certificate used as the token has already
     // been loaded when the EncryptedClientId was filled in.
@@ -1462,7 +1464,7 @@ CdmResponseType CryptoSession::GetTokenFromEmbeddedCertificate(
     LOGE("Failed to get token type");
     return sts;
   }
-  if (token_type != kClientTokenDrmReprovisioning) {
+  if (token_type != kClientTokenDrmCertificateReprovisioning) {
     token->clear();
     return CdmResponseType(NO_ERROR);
   }

libwvdrmengine/cdm/core/src/license_protocol.proto

@@ -1026,7 +1026,8 @@ message SignedProvisioningMessage {
     ARCPP_PROVISIONING = 4;  // ChromeOS/Arc++ devices.
     // Android-Attestation-based OTA keyboxes.
     ANDROID_ATTESTATION_KEYBOX_OTA = 6;
-    // Certificate reprovisioning for internal L3 CDMs only.
+    // DRM certificate reprovisioning for individualization of embedded
+    // DRM certificates used by internal L3 CDMs only.
     DRM_REPROVISIONING = 7;
     INTEL_SIGMA_101 = 101;  // Intel Sigma 1.0.1 protocol.
     INTEL_SIGMA_210 = 210;  // Intel Sigma 2.1.0 protocol.
@@ -1275,8 +1276,9 @@ message DrmCertificate {
     DEVICE = 2;
     SERVICE = 3;
     PROVISIONER = 4;
-    // Only used by baked-in certificates with internal L3 CDMs that support
-    // Drm Reprovisioning.
+    // Only used by internal L3 CDMs with baked-in (embedded) certificates that
+    // support the Drm Reprovisioning method for individualization of embedded
+    // certificates.
     DEVICE_EMBEDDED = 5;
   }
   enum ServiceType {

libwvdrmengine/cdm/core/src/system_id_extractor.cpp

@@ -60,7 +60,7 @@ bool SystemIdExtractor::ExtractSystemId(uint32_t* system_id) {
   switch (type) {
     case kClientTokenDrmCert:
     // TODO: b/309675153 - Extract system id when using DRM reprovisioning.
-    case kClientTokenDrmReprovisioning:
+    case kClientTokenDrmCertificateReprovisioning:
       LOGW(
           "Cannot get a system ID from a DRM certificate, "
           "using null system ID: security_level = %s",

libwvdrmengine/cdm/core/src/wv_cdm_types.cpp

@@ -76,8 +76,8 @@ const char* CdmClientTokenTypeToString(CdmClientTokenType type) {
       return "BootCertChain";
     case kClientTokenUninitialized:
       return "Uninitialized";
-    case kClientTokenDrmReprovisioning:
-      return "DrmReprovisioning";
+    case kClientTokenDrmCertificateReprovisioning:
+      return "DrmCertificateReprovisioning";
   }
   return UnknownValueRep(type);
 }