Add OEMCrypto_GetDeviceSignedCsrPayload fuzzer

Merged from https://widevine-internal-review.googlesource.com/175050 Change-Id: I28e4b1bc1f82deaf5644d0b2e31d916bf65365d3
2023-05-12 16:10:57 +00:00
parent ea43147a08
commit 3a05989920
1 changed files with 50 additions and 0 deletions
--- a/libwvdrmengine/oemcrypto/test/fuzz_tests/oemcrypto_get_device_signed_csr_payload_fuzz.cc
+++ b/libwvdrmengine/oemcrypto/test/fuzz_tests/oemcrypto_get_device_signed_csr_payload_fuzz.cc
@@ -0,0 +1,50 @@
+// Copyright 2023 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine
+// License Agreement.
+
+#include <vector>
+
+#include "FuzzedDataProvider.h"
+#include "OEMCryptoCENC.h"
+#include "oemcrypto_fuzz_helper.h"
+
+extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
+  wvoec::RedirectStdoutToFile();
+  wvoec::SessionUtil session_util;
+  wvoec::InitializeFuzz(session_util);
+  return 0;
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  // Split data using separator.
+  const std::vector<wvoec::FuzzedData> inputs =
+      wvoec::SplitFuzzedData(data, size);
+  if (inputs.size() < 3) {
+    return 0;
+  }
+
+  const std::vector<uint8_t> challenge(inputs[0].data,
+                                       inputs[0].data + inputs[0].size);
+
+  const std::vector<uint8_t> encoded_device_info(
+      inputs[1].data, inputs[1].data + inputs[1].size);
+
+  // signed_csr_payload and signed_csr_payload_length parameters
+  FuzzedDataProvider signed_csr_payload_fuzzed_data(inputs[2].data,
+                                                    inputs[2].size);
+  size_t signed_csr_payload_length_data =
+      signed_csr_payload_fuzzed_data.ConsumeIntegralInRange<size_t>(
+          0, wvoec::MAX_FUZZ_OUTPUT_LENGTH);
+  std::vector<uint8_t> signed_csr_payload(signed_csr_payload_length_data);
+  size_t* const signed_csr_payload_length =
+      signed_csr_payload_fuzzed_data.ConsumeBool()
+          ? &signed_csr_payload_length_data
+          : nullptr;
+
+  OEMCrypto_GetDeviceSignedCsrPayload(
+      challenge.data(), challenge.size(), encoded_device_info.data(),
+      encoded_device_info.size(), signed_csr_payload.data(),
+      signed_csr_payload_length);
+
+  return 0;
+}