c7e237eb00
Several updates to fuzz tests, including http://go/wvgerrit/124043 Add documentation for partners to run fuzzing http://go/wvgerrit/128224 Fix generic verify fuzz script http://go/wvgerrit/120507 Fuzzing: Add fuzzer for reportusage API http://go/wvgerrit/120503 Fuzzing: Add fuzzer for deactivate usageentry API http://go/wvgerrit/120463 Fuzzing: Add logic to exit fuzzer script http://go/wvgerrit/120444 Fuzzing: Add fuzzer for loadusageentry API Bug: 183154879 Bug: 202994773 Bug: 186785830 Test: test only code Change-Id: I877681461824c51bc82f0766a9973378aafadba7
68 lines
2.7 KiB
C++
68 lines
2.7 KiB
C++
// Copyright 2020 Google LLC. All Rights Reserved. This file and proprietary
|
|
// source code may only be used and distributed under the Widevine
|
|
// License Agreement.
|
|
|
|
#include <openssl/hmac.h>
|
|
#include <openssl/sha.h>
|
|
|
|
#include "OEMCryptoCENC.h"
|
|
#include "log.h"
|
|
#include "oemcrypto_fuzz_helper.h"
|
|
#include "oemcrypto_fuzz_structs.h"
|
|
#include "oemcrypto_types.h"
|
|
|
|
namespace wvoec {
|
|
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
|
|
// Redirect printf and log statements from oemcrypto functions to a file to
|
|
// reduce noise
|
|
RedirectStdoutToFile();
|
|
|
|
OEMCrypto_Generic_Verify_Fuzz fuzzed_structure;
|
|
if (size < sizeof(fuzzed_structure)) {
|
|
return 0;
|
|
}
|
|
// Copy OEMCrypto_Generic_Verify_Fuzz from input data.
|
|
memcpy(&fuzzed_structure, data, sizeof(fuzzed_structure));
|
|
ConvertDataToValidEnum(OEMCrypto_CipherMode_MaxValue,
|
|
&fuzzed_structure.cipher_mode);
|
|
ConvertDataToValidEnum(OEMCrypto_Algorithm_MaxValue,
|
|
&fuzzed_structure.algorithm);
|
|
|
|
size_t in_buffer_size = size - sizeof(fuzzed_structure);
|
|
if (in_buffer_size == 0) {
|
|
return 0;
|
|
}
|
|
// Copy clear buffer from input data.
|
|
vector<uint8_t> in_buffer(in_buffer_size);
|
|
memcpy(in_buffer.data(), data + sizeof(fuzzed_structure), in_buffer_size);
|
|
|
|
OEMCryptoLicenseAPIFuzz license_api_fuzz;
|
|
Session* session = license_api_fuzz.session();
|
|
// Load license and call generic_verify API.
|
|
license_api_fuzz.LoadLicense();
|
|
OEMCrypto_SelectKey(session->session_id(), session->license().keys[0].key_id,
|
|
session->license().keys[0].key_id_length,
|
|
OEMCrypto_CipherMode_CTR);
|
|
// Calculate signature for in buffer.
|
|
size_t signature_length = 0;
|
|
OEMCrypto_Generic_Sign(session->session_id(), in_buffer.data(),
|
|
in_buffer.size(), fuzzed_structure.algorithm, nullptr,
|
|
&signature_length);
|
|
vector<uint8_t> signature(signature_length);
|
|
OEMCrypto_Generic_Sign(session->session_id(), in_buffer.data(),
|
|
in_buffer.size(), fuzzed_structure.algorithm,
|
|
signature.data(), &signature_length);
|
|
|
|
OEMCrypto_SelectKey(session->session_id(), session->license().keys[0].key_id,
|
|
session->license().keys[0].key_id_length,
|
|
fuzzed_structure.cipher_mode);
|
|
signature_length =
|
|
std::min(MAX_FUZZ_SIGNATURE_LENGTH, fuzzed_structure.signature_length);
|
|
signature.resize(signature_length);
|
|
OEMCrypto_Generic_Verify(session->session_id(), in_buffer.data(),
|
|
in_buffer.size(), fuzzed_structure.algorithm,
|
|
signature.data(), signature_length);
|
|
return 0;
|
|
}
|
|
} // namespace wvoec
|