57b391c8b9
- Update ConvertDataToValidEnum to not use FuzzedDataProvider since it causes unexpected parsing results. - Add OEMCryptoLicenseAPIFuzz::LoadLicenseWithGenericCryptoKeys so that generic crypto fuzz tests can load appropriate keys. - Remove custom mutator from oemcrypto_generic_verify_fuzz because it provides minimal additional coverage. - Refresh affected corpus files. Merged from https://widevine-internal-review.googlesource.com/168557 Merged from https://widevine-internal-review.googlesource.com/171191 Merged from https://widevine-internal-review.googlesource.com/172170 Merged from https://widevine-internal-review.googlesource.com/172250 Change-Id: Ie676a36cbf4c12bdda9566fad3590a7b69168d9c
64 lines
2.3 KiB
C++
64 lines
2.3 KiB
C++
// Copyright 2020 Google LLC. All Rights Reserved. This file and proprietary
|
|
// source code may only be used and distributed under the Widevine
|
|
// License Agreement.
|
|
|
|
#include <vector>
|
|
|
|
#include "FuzzedDataProvider.h"
|
|
#include "OEMCryptoCENC.h"
|
|
#include "oec_session_util.h"
|
|
#include "oemcrypto_fuzz_helper.h"
|
|
#include "oemcrypto_fuzz_structs.h"
|
|
|
|
namespace {
|
|
|
|
// Avoid calling non-trivial destructor.
|
|
wvoec::OEMCryptoLicenseAPIFuzz& license_api_fuzz =
|
|
*new wvoec::OEMCryptoLicenseAPIFuzz;
|
|
|
|
} // namespace
|
|
|
|
extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
|
|
wvoec::RedirectStdoutToFile();
|
|
license_api_fuzz.Initialize();
|
|
license_api_fuzz.LoadLicenseWithGenericCryptoKeys();
|
|
return 0;
|
|
}
|
|
|
|
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
|
|
// Split data using separator.
|
|
const std::vector<wvoec::FuzzedData> inputs =
|
|
wvoec::SplitFuzzedData(data, size);
|
|
if (inputs.size() < 2) {
|
|
return 0;
|
|
}
|
|
|
|
// Deserialize fuzzed data.
|
|
wvoec::OEMCrypto_Generic_Api_Fuzz fuzzed_structure;
|
|
if (inputs[0].size < sizeof(fuzzed_structure)) {
|
|
return 0;
|
|
}
|
|
FuzzedDataProvider fuzzed_data(inputs[0].data, inputs[0].size);
|
|
fuzzed_data.ConsumeData(&fuzzed_structure, sizeof(fuzzed_structure));
|
|
wvoec::ConvertDataToValidEnum(OEMCrypto_CipherMode_MaxValue,
|
|
fuzzed_structure.cipher_mode);
|
|
wvoec::ConvertDataToValidEnum(OEMCrypto_Algorithm_MaxValue,
|
|
fuzzed_structure.algorithm);
|
|
const std::vector<uint8_t> buffer =
|
|
fuzzed_data.ConsumeRemainingBytes<uint8_t>();
|
|
const std::vector<uint8_t> signature(inputs[1].data,
|
|
inputs[1].data + inputs[1].size);
|
|
|
|
// Select key and verify.
|
|
wvoec::Session& session = license_api_fuzz.session();
|
|
std::vector<uint8_t> key_handle;
|
|
wvoec::GetKeyHandleIntoVector(session.session_id(),
|
|
session.license().keys[3].key_id,
|
|
session.license().keys[3].key_id_length,
|
|
fuzzed_structure.cipher_mode, key_handle);
|
|
OEMCrypto_Generic_Verify(key_handle.data(), key_handle.size(), buffer.data(),
|
|
buffer.size(), fuzzed_structure.algorithm,
|
|
signature.data(), signature.size());
|
|
return 0;
|
|
}
|