widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync Android reference with CDM reference.

Browse Source 
The sc-dev branch on Android is out of sync with several important
changes on the CDM master branch.  This changes copies several CLs.

[ Merge of http://go/wvgerrit/104524 ]

OEMCrypto unittest: generic crypto APIs

Add unit tests to verify that generic crypto APIs do not crash for large
input buffer lengths and signature lengths.

[ Merge of http://go/wvgerrit/106583 ]

Fix secure buffer tests in OEMCrypto testbed

The secure buffers were not being used correctly in the testbed, and
were failing OEMCryptoMemoryCopyBufferForHugeBufferLengths.

[ Merge of http://go/wvgerrit/109603 ]

Reject block_offsets of 16 or greater in OEC Ref

This is a potential security hole. We will be enforcing that OEMCrypto
rejects this in an upcoming test, so the Ref must be updated to reject
it.

[ Merge of http://go/wvgerrit/110165 ]

Fix Format String Signedness

See above for full description.

[ Merge of http://go/wvgerrit/111784 ]

Fix heap overflow test in L3 and OEMCrypto ref

Check the length of wrapped_rsa_key_length before casting to
WrappedRSAKey struct.

[ Merge of http://go/wvgerrit/113563 ]

Reword "blacklisted" to "forbidden"

[ Merge of http://go/wvgerrit/113583 ]

Use error code from RAND_bytes

The return code from RAND_bytes was not used correctly.

[ Merge of http://go/wvgerrit/113644 ]

Check for buffer overflow when computing subsample size

The test DecryptCENCForNumBytesClearPlusEncryptedOverflowsSize
cleverly picks num_bytes_clear + num_bytes_encrypted = 1 after integer
overflow. This is in the refernce code, level 3, and odkitee.

[ Merge of http://go/wvgerrit/113683 ]

OEMCrypto reference code: respect analog flags for clear buffers

The reference code should honor the analog_display_active flag for
both clear and secure buffers.

[ Merge of http://go/wvgerrit/114883 ]

Add size check for IV in OEMCrypto APIs

IV is supposed to be 16 bytes but the size is never checked before iv
gets used in LoadProvisioning.

Bug: 145026457
Bug: 147569428
Bug: 159847851
Bug: 162372059
Bug: 169278035
Bug: 169980065
Bug: 173460694
Bug: 173994023
Bug: 174523584
Bug: 175001473
Bug: 175041667
Test: No compiled files changed
Change-Id: If0ccd1cd3a56f72eedd2a6cb202a34bc7b43ca0d
This commit is contained in:
Alex Dale
2021-02-19 17:16:32 -08:00
parent eb56801fdb
commit 23f7cd60a7
5 changed files with 167 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp
View File

@@ -230,6 +230,13 @@ OEMCryptoResult CryptoEngine::SetDestination(
max_length = out_description.buffer.clear.address_length;
break;
case OEMCrypto_BufferType_Secure:
if (out_description.buffer.secure.handle_length <
out_description.buffer.secure.offset) {
LOGE("Secure buffer offset too large: %zu < %zu",
out_description.buffer.secure.handle_length,
out_description.buffer.secure.offset);
return OEMCrypto_ERROR_SHORT_BUFFER;
}
destination_ =
reinterpret_cast<uint8_t*>(out_description.buffer.secure.handle) +
out_description.buffer.secure.offset;