Add exponential backoff retries during initialization.

Integrators are seeing transient failures, maybe this helps. We also
conveniently already have a backoff utility.

Bug: b/411131610
Change-Id: I75360835686702837aa0c190b6adad80045de534

Author: tdbhacks

kmsp11/BUILD.bazel

@@ -286,6 +286,7 @@ cc_library(
         ":object_loader",
         ":object_store",
         ":object_store_state_cc_proto",
+        "//common:backoff",
         "//common:kms_client",
         "//common:status_macros",
         "//kmsp11/config:config_cc_proto",

kmsp11/token.cc

@@ -18,6 +18,7 @@
 
 #include "absl/container/flat_hash_set.h"
 #include "absl/status/statusor.h"
+#include "common/backoff.h"
 #include "common/kms_client.h"
 #include "common/status_macros.h"
 #include "kmsp11/object_loader.h"
@@ -88,7 +89,20 @@ absl::StatusOr<std::unique_ptr<Token>> Token::New(CK_SLOT_ID slot_id,
       std::unique_ptr<ObjectLoader> loader,
       ObjectLoader::New(token_config.key_ring(),
                         token_config.certs(), generate_certs, allow_software_keys));
-  ASSIGN_OR_RETURN(ObjectStoreState state, loader->BuildState(*kms_client));
+  absl::StatusOr<ObjectStoreState> state_resp = loader->BuildState(*kms_client);
+
+  // Exponential backoff to reduce errors at library initialization.
+  constexpr absl::Duration kMinDelay = absl::Milliseconds(10);
+  constexpr absl::Duration kMaxDelay = absl::Seconds(1);
+  int retries = 0;
+  while (retries < 10 &&
+         (state_resp.status().code() == absl::StatusCode::kDeadlineExceeded ||
+          state_resp.status().code() == absl::StatusCode::kUnavailable)) {
+    absl::SleepFor(ComputeBackoff(kMinDelay, kMaxDelay, retries++));
+    state_resp = loader->BuildState(*kms_client);
+  }
+
+  ASSIGN_OR_RETURN(ObjectStoreState state, state_resp);
   ASSIGN_OR_RETURN(std::unique_ptr<ObjectStore> store, ObjectStore::New(state));
 
   // using `new` to invoke a private constructor