// Copyright 2020 Google LLC. All Rights Reserved. This file and proprietary // source code may only be used and distributed under the Widevine // License Agreement. #include "FuzzedDataProvider.h" #include "OEMCryptoCENC.h" #include "log.h" #include "oec_session_util.h" #include "oemcrypto_fuzz_helper.h" #include "oemcrypto_fuzz_structs.h" #include "oemcrypto_types.h" namespace wvoec { extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { // Redirect printf and log statements from oemcrypto functions to a file to // reduce noise RedirectStdoutToFile(); OEMCrypto_Generic_Api_Fuzz fuzzed_structure; if (size < sizeof(fuzzed_structure)) { return 0; } // Copy OEMCrypto_Generic_Api_Fuzz from input data. FuzzedDataProvider fuzzed_data(data, size); fuzzed_data.ConsumeData(&fuzzed_structure, sizeof(fuzzed_structure)); ConvertDataToValidEnum(OEMCrypto_CipherMode_MaxValue, &fuzzed_structure.cipher_mode); ConvertDataToValidEnum(OEMCrypto_Algorithm_MaxValue, &fuzzed_structure.algorithm); // Copy clear buffer from input data. const std::vector clear_buffer = fuzzed_data.ConsumeRemainingBytes(); OEMCryptoLicenseAPIFuzz license_api_fuzz; Session* session = license_api_fuzz.session(); // Load license and call generic_sign API. license_api_fuzz.LoadLicense(); vector key_handle; GetKeyHandleIntoVector(session->session_id(), session->license().keys[0].key_id, session->license().keys[0].key_id_length, fuzzed_structure.cipher_mode, key_handle); size_t signature_length = 0; OEMCrypto_Generic_Sign(key_handle.data(), key_handle.size(), clear_buffer.data(), clear_buffer.size(), fuzzed_structure.algorithm, nullptr, &signature_length); std::vector signature(signature_length); OEMCrypto_Generic_Sign(key_handle.data(), key_handle.size(), clear_buffer.data(), clear_buffer.size(), fuzzed_structure.algorithm, signature.data(), &signature_length); return 0; } } // namespace wvoec