[ Cherry-pick of v19 http://go/wvgerrit/219291 ]
[ Merge of http://go/wvgerrit/219432 ]
If the same app/origin generates multiple provisioning 4.0
requests it is possible that a mismatch between the OEM/DRM
certificate and the wrapped OEM/DRM private key occurs. The CDM
would use the OEM/DRM certificate of the first response one
received, and the wrapped private key of the last request generated.
To avoid this issue, the public key from the most recent request
is cached and checked against the responses received. If the
keys match, that response is accepted; if the keys don't match
than the response is assumed "stale" and the response is dropped.
In an attempt to maintain existing behavior of the CDM, "stale"
responses will return NO_ERROR to the app.
Note: This was tested using both RSA and ECC cert key types.
VIC-specific: Needed to add implementation of StringContains() and
StringEndsWith().
Bug: 391469176
Test: run_prov40_tests
Change-Id: Id45d40d9af355c46a61c3cc2c19c252cf17c7489
a2cdce4296