From ac942791c90c4442ecab246b5eb6b8d4c211badd Mon Sep 17 00:00:00 2001 From: Bharath Chandra Elluru Date: Tue, 12 May 2020 16:18:30 -0700 Subject: [PATCH 1/2] Merging Android odk fuzz changes to improve coverage from http://go/wvgerrit/99911 Test: The changs have been made in google3 and fuzzer has been running successfully with improved coverage Critique CL: http://cl/310633618 Bug: b/155435131 Change-Id: Ib02601302db238ce8fbeb3963ce8e05e864ba985 Change-Id: I11eba4d1aa1536b44929b742a5e2c2bf89d818fb --- .../odk/test/fuzzing/odk_fuzz_helper.cpp | 24 ++++++++++++------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/libwvdrmengine/oemcrypto/odk/test/fuzzing/odk_fuzz_helper.cpp b/libwvdrmengine/oemcrypto/odk/test/fuzzing/odk_fuzz_helper.cpp index 889b205e..3e6f2e05 100644 --- a/libwvdrmengine/oemcrypto/odk/test/fuzzing/odk_fuzz_helper.cpp +++ b/libwvdrmengine/oemcrypto/odk/test/fuzzing/odk_fuzz_helper.cpp @@ -88,15 +88,23 @@ OEMCryptoResult odk_deserialize_RenewalResponse( OEMCryptoResult err = ODK_ParseRenewal(buf, SIZE_MAX, len, nonce_values, a->system_time, &a->timer_limits, &a->clock_values, &timer_value); - if (OEMCrypto_SUCCESS == err) { - Message* msg = nullptr; - AllocateMessage(&msg, message_block); - InitMessage(msg, const_cast(buf), len); - SetSize(msg, len); - Unpack_ODK_PreparedRenewalRequest(msg, renewal_msg); - assert(ValidMessage(msg)); + const bool is_parse_renewal_response_successful = + err == ODK_SET_TIMER || err == ODK_DISABLE_TIMER || + err == ODK_TIMER_EXPIRED || err == ODK_STALE_RENEWAL; + if (!is_parse_renewal_response_successful) { + return err; } - return err; + // In order to capture playback_time information which is part of + // renewal_msg and will be later used in kdo_serialize_RenewalResponse in + // odk_kdo method, we call Unpack_ODK_PreparedRenewalRequest private method. + // playback_time cannot be captured from publicly exposed API + // ODK_ParseRenewal. + Message* msg = nullptr; + AllocateMessage(&msg, message_block); + InitMessage(msg, const_cast(buf), len); + SetSize(msg, len); + Unpack_ODK_PreparedRenewalRequest(msg, renewal_msg); + return OEMCrypto_SUCCESS; } OEMCryptoResult odk_deserialize_ProvisioningResponse( From 760bf719081b5bd134303d8689b8d544b5df1c20 Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Mon, 11 May 2020 10:16:19 -0700 Subject: [PATCH 2/2] License release does not use core message Merge from Widevine repo of http://go/wvgerrit/99843 When processing a license release, the license is not loaded, so OEMCrypto does not know nonce version information for the core message. It assumes that all license releases are v15, so it is not an error for a license release to not have a core message. This CL also adds some extra logging to tests so that we can track content id and the pssh. This CL also updates some of the test content policies when running the local license server. The local license server is only used for debugging problems. Bug: 152648172 Integration test WvCdmEngineTest.LicenseRenewal failing Bug: 156259697 License release does not need core message Test: Unit tests with v16 mod mock Change-Id: I04c896adadfb17877ce1115345d2419e0d2489f0 --- libwvdrmengine/cdm/core/src/license.cpp | 18 ++++++++++-------- libwvdrmengine/cdm/core/test/test_base.cpp | 1 + .../cdm/test/cdm_extended_duration_test.cpp | 8 ++++++-- libwvdrmengine/cdm/test/cdm_feature_test.cpp | 4 ++++ .../cdm/test/request_license_test.cpp | 4 ++++ 5 files changed, 25 insertions(+), 10 deletions(-) diff --git a/libwvdrmengine/cdm/core/src/license.cpp b/libwvdrmengine/cdm/core/src/license.cpp index f34b4f78..a6585d34 100644 --- a/libwvdrmengine/cdm/core/src/license.cpp +++ b/libwvdrmengine/cdm/core/src/license.cpp @@ -702,12 +702,13 @@ CdmResponseType CdmLicense::HandleKeyUpdateResponse( return INVALID_LICENSE_TYPE; } - // At this point of the license life-cycle (handling a renewal or - // release), we should already know if the license is v15 or not. - // If license is v16, then there should be a |core_message| - // present; otherwise there might have beeen some tampering with the - // request or response. - if (supports_core_messages() && + // At this point of the license life-cycle (handling a renewal), we should + // already know if the license is v15 or not. If license is v16, then a + // renewal should have a |core_message| present; otherwise there might have + // been some tampering with the request or response. On the other hand, a + // release is processed without loading the license, so OEMCrypto does not + // know if it is v15 or v16, and will not add a core message. + if (is_renewal && supports_core_messages() && (!signed_response.has_oemcrypto_core_message() || signed_response.oemcrypto_core_message().empty())) { LOGE("Renewal response is missing |core_message| field"); @@ -720,8 +721,9 @@ CdmResponseType CdmLicense::HandleKeyUpdateResponse( } const std::string& signed_message = signed_response.msg(); const std::string core_message = - supports_core_messages() ? signed_response.oemcrypto_core_message() - : std::string(); + signed_response.has_oemcrypto_core_message() + ? signed_response.oemcrypto_core_message() + : std::string(); const std::string& signature = signed_response.signature(); License license; diff --git a/libwvdrmengine/cdm/core/test/test_base.cpp b/libwvdrmengine/cdm/core/test/test_base.cpp index f3b90bc1..29adcfca 100644 --- a/libwvdrmengine/cdm/core/test/test_base.cpp +++ b/libwvdrmengine/cdm/core/test/test_base.cpp @@ -562,6 +562,7 @@ void TestLicenseHolder::GenerateKeyRequest( CdmAppParameterMap app_parameters; CdmKeySetId key_set_id; InitializationData init_data(init_data_type_string, key_id); + if (g_cutoff >= LOG_DEBUG) init_data.DumpToLogs(); CdmKeyRequest key_request; CdmResponseType result = cdm_engine_->GenerateKeyRequest( session_id_, key_set_id, init_data, kLicenseTypeStreaming, app_parameters, diff --git a/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp b/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp index 3b00e13f..caf0ae10 100644 --- a/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp +++ b/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp @@ -268,9 +268,13 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase { CdmResponseType *response) { CdmAppParameterMap app_parameters; CdmKeyRequest key_request; - + const std::string init_data_type = "video/mp4"; + if (g_cutoff >= LOG_DEBUG) { + InitializationData parsed_init_data(init_data_type, init_data); + parsed_init_data.DumpToLogs(); + } *response = decryptor_->GenerateKeyRequest( - session_id_, key_set_id_, "video/mp4", init_data, + session_id_, key_set_id_, init_data_type, init_data, license_type, app_parameters, nullptr, kDefaultCdmIdentifier, &key_request); if (*response == KEY_MESSAGE) { diff --git a/libwvdrmengine/cdm/test/cdm_feature_test.cpp b/libwvdrmengine/cdm/test/cdm_feature_test.cpp index 5d1f4bf1..254848dd 100644 --- a/libwvdrmengine/cdm/test/cdm_feature_test.cpp +++ b/libwvdrmengine/cdm/test/cdm_feature_test.cpp @@ -326,6 +326,10 @@ class WvCdmFeatureTest : public WvCdmTestBase { CdmKeyRequest key_request; std::string key_set_id; license_type_ = license_type; + if (g_cutoff >= LOG_DEBUG) { + InitializationData parsed_init_data(init_data_type, init_data); + parsed_init_data.DumpToLogs(); + } EXPECT_EQ( expected_response, decryptor_.GenerateKeyRequest( diff --git a/libwvdrmengine/cdm/test/request_license_test.cpp b/libwvdrmengine/cdm/test/request_license_test.cpp index ed36edee..c272d474 100644 --- a/libwvdrmengine/cdm/test/request_license_test.cpp +++ b/libwvdrmengine/cdm/test/request_license_test.cpp @@ -1776,6 +1776,10 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase { CdmKeyRequest key_request; std::string key_set_id; license_type_ = license_type; + if (g_cutoff >= LOG_DEBUG) { + InitializationData parsed_init_data(init_data_type, init_data); + parsed_init_data.DumpToLogs(); + } EXPECT_EQ( expected_response, decryptor_->GenerateKeyRequest(