Merge latest oemcrypto-v17 change

No-Typo-Check: Not related to this change.

Bug: 161477208
Change-Id: I99e4780f6855b7045aa0cd5a49c13d2d0d51ed64

libwvdrmengine/oemcrypto/test/fuzz_tests/build_oemcrypto_fuzztests

@@ -1,4 +1,16 @@
 #!/bin/bash
+
+echo "XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX"
+echo "XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX"
+echo "TODO(b/192560463): The OPK does not build because it expects an"
+echo "older version of the ODK library. The ipc_ref tests do not work because"
+echo "the reference code is v17 but OPK is v16."
+# Also, if you are fixing this script, it should probably be moved to the jenkins
+# directory, so that it is next to all the other scripts that Luci runs.
+echo "XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX"
+echo "XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX---XXX"
+exit 0
+
 set -ex
 
 export CXX=clang++
@@ -16,4 +28,4 @@ python3 $PATH_TO_CDM_DIR/third_party/gyp/__init__.py --format=ninja \
     --depth=$(pwd) \
     --include=oemcrypto/test/fuzz_tests/oemcrypto_opk_fuzztests.gypi \
     oemcrypto/test/fuzz_tests/oemcrypto_opk_fuzztests.gyp
-ninja -C out/Default
+ninja -C out/Default

libwvdrmengine/oemcrypto/test/fuzz_tests/oemcrypto_copy_buffer_fuzz.cc

@@ -0,0 +1,94 @@
+// Copyright 2020 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine Master
+// License Agreement.
+
+#include "OEMCryptoCENC.h"
+#include "log.h"
+#include "oemcrypto_fuzz_helper.h"
+#include "oemcrypto_fuzz_structs.h"
+
+namespace wvoec {
+// Free dynamic memory allocated by fuzzer script.
+void FreeOutputBuffers(OEMCrypto_SESSION session_id,
+                       OEMCrypto_DestBufferDesc& output_descriptor,
+                       int* secure_fd) {
+  switch (output_descriptor.type) {
+    case OEMCrypto_BufferType_Clear: {
+      delete[] output_descriptor.buffer.clear.address;
+      break;
+    }
+    case OEMCrypto_BufferType_Secure: {
+      OEMCrypto_FreeSecureBuffer(session_id, &output_descriptor, *secure_fd);
+      break;
+    }
+    case OEMCrypto_BufferType_Direct: {
+      break;
+    }
+  }
+}
+
+bool InitializeOutputBuffers(OEMCrypto_SESSION session_id,
+                             OEMCrypto_DestBufferDesc& output_descriptor,
+                             int* secure_fd, size_t input_buffer_size) {
+  switch (output_descriptor.type) {
+    case OEMCrypto_BufferType_Clear: {
+      output_descriptor.buffer.clear.address =
+          new OEMCrypto_SharedMemory[input_buffer_size];
+      return true;
+    }
+    case OEMCrypto_BufferType_Secure: {
+      OEMCryptoResult sts = OEMCrypto_AllocateSecureBuffer(
+          session_id, input_buffer_size, &output_descriptor, secure_fd);
+      return sts == OEMCrypto_SUCCESS;
+    }
+    case OEMCrypto_BufferType_Direct: {
+      return true;
+    }
+  }
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  // Redirect printf and log statements from oemcrypto functions to a file to
+  // reduce noise
+  RedirectStdoutToFile();
+  uint8_t subsample_flags;
+
+  // OEMCrypto_DestBufferDesc and a buffer from which data needs to be copied
+  // are expected as inputs to copy buffer API.
+  // Input fuzzed data is interpreted as
+  // (OEMCrypto_DestBufferDesc | subsample_flags | input_buffer)
+  if (size <= sizeof(OEMCrypto_Copy_Buffer_Fuzz)) {
+    return 0;
+  }
+  OEMCrypto_Copy_Buffer_Fuzz fuzzed_structure;
+  // Fuzz dest_buffer_desc.
+  memcpy(&fuzzed_structure, data, sizeof(fuzzed_structure));
+  ConvertDataToValidEnum(OEMCrypto_BufferType_MaxValue,
+                         &fuzzed_structure.dest_buffer_desc.type);
+
+  OEMCryptoLicenseAPIFuzz license_api_fuzz;
+  Session* session = license_api_fuzz.session();
+  // Fuzz input buffer to be copied.
+  size_t input_buffer_size = size - sizeof(fuzzed_structure);
+  int secure_fd = 0;
+  // Create output buffer pointers. If secure buffer is not supported, we
+  // explicitly convert to clear buffer and fuzz.
+  if (!InitializeOutputBuffers(session->session_id(),
+                               fuzzed_structure.dest_buffer_desc, &secure_fd,
+                               input_buffer_size)) {
+    LOGI(
+        "[OEMCrypto decrypt CENC fuzz] Secure buffers are not supported. Use "
+        "clear buffer instead.");
+    fuzzed_structure.dest_buffer_desc.type = OEMCrypto_BufferType_Clear;
+    InitializeOutputBuffers(session->session_id(),
+                            fuzzed_structure.dest_buffer_desc, &secure_fd,
+                            input_buffer_size);
+  }
+  OEMCrypto_CopyBuffer(session->session_id(), data + sizeof(fuzzed_structure),
+                       input_buffer_size, &fuzzed_structure.dest_buffer_desc,
+                       subsample_flags);
+  FreeOutputBuffers(session->session_id(), fuzzed_structure.dest_buffer_desc,
+                    &secure_fd);
+  return 0;
+}
+}  // namespace wvoec

libwvdrmengine/oemcrypto/test/fuzz_tests/oemcrypto_decrypt_cenc_fuzz.cc

@@ -20,7 +20,7 @@ void FreeOutputBuffers(OEMCrypto_SESSION session_id,
         sample_description[i].buffers.output_descriptor;
     switch (fuzzed_output_descriptor.type) {
       case OEMCrypto_BufferType_Clear: {
-        delete[] fuzzed_output_descriptor.buffer.clear.address;
+        delete[] fuzzed_output_descriptor.buffer.clear.clear_buffer;
         break;
       }
       case OEMCrypto_BufferType_Secure: {
@@ -44,9 +44,10 @@ bool InitializeOutputBuffers(OEMCrypto_SESSION session_id,
                              vector<int>& secure_fd_array) {
   switch (output_descriptor.type) {
     case OEMCrypto_BufferType_Clear: {
-      output_descriptor.buffer.clear
-          .address = new OEMCrypto_SharedMemory[std::min(
-          MAX_FUZZ_SAMPLE_SIZE, output_descriptor.buffer.clear.address_length)];
+      output_descriptor.buffer.clear.clear_buffer =
+          new OEMCrypto_SharedMemory[std::min(
+              MAX_FUZZ_SAMPLE_SIZE,
+              output_descriptor.buffer.clear.clear_buffer_length)];
       return true;
     }
     case OEMCrypto_BufferType_Secure: {
@@ -54,7 +55,7 @@ bool InitializeOutputBuffers(OEMCrypto_SESSION session_id,
       OEMCryptoResult sts = OEMCrypto_AllocateSecureBuffer(
           session_id,
           std::min(MAX_FUZZ_SAMPLE_SIZE,
-                   output_descriptor.buffer.secure.handle_length),
+                   output_descriptor.buffer.secure.secure_buffer_length),
           &output_descriptor, secure_fd);
       if (sts == OEMCrypto_SUCCESS) secure_fd_array[sample_index] = *secure_fd;
       return sts == OEMCrypto_SUCCESS;

libwvdrmengine/oemcrypto/test/fuzz_tests/oemcrypto_fuzz_structs.h

@@ -68,6 +68,14 @@ struct OEMCrypto_Generate_RSA_Signature_Fuzz {
   // input buffer data is of variable length and not included in
   // this structure.
 };
+
+struct OEMCrypto_Copy_Buffer_Fuzz {
+  // Corpus format is as below.
+  // dest_buffer_desc + subsample_flags + input buffer
+  OEMCrypto_DestBufferDesc dest_buffer_desc;
+  uint8_t subsample_flags;
+  // Input buffer of variable length is not included in this structure.
+};
 }  // namespace wvoec
 
 #endif  // OEMCRYPTO_FUZZ_STRUCTS_H_

libwvdrmengine/oemcrypto/test/fuzz_tests/oemcrypto_generate_signature.cc

@@ -10,7 +10,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
   if (!is_init) {
     wvoec::global_features.Initialize();
     wvoec::global_features.RestrictFilter("*");
-    wvcdm::Properties::Init();
+    wvutil::Properties::Init();
     is_init = true;
   }