widevine-partner/ce_cdm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Source release 17.1.2

Browse Source
This commit is contained in:
John "Juce" Bruce
2023-06-23 15:37:42 -07:00
parent a10f13a2dc
commit 2baa7c6e2b
353 changed files with 12903 additions and 2305 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
oemcrypto/test/oec_session_util.cpp
View File

@@ -58,6 +58,27 @@ using oemcrypto_core_message::features::CoreMessageFeatures;
constexpr size_t kTestSubsampleSectionSize = 256;
// Fill objects by consuming a source buffer of fuzzed data.
class FuzzedData {
public:
FuzzedData(const uint8_t* source, size_t source_size)
: source_(source), source_size_(source_size) {}
// Fill the destination buffer with fuzzed data.
void Fill(void* destination, size_t destination_size) {
if (source_ && destination) {
const size_t fill_size = std::min(source_size_, destination_size);
memcpy(destination, source_, fill_size);
source_ += fill_size;
source_size_ -= fill_size;
}
}
private:
const uint8_t* source_;
size_t source_size_;
};
// Encrypt a block of data using CTR mode.
void EncryptCTR(const vector<uint8_t>& in_buffer, const uint8_t* key,
const uint8_t* starting_iv, vector<uint8_t>* out_buffer) {
@@ -459,14 +480,16 @@ void ProvisioningRoundTrip::SignResponse() {
}
void ProvisioningRoundTrip::InjectFuzzedResponseData(const uint8_t* data,
size_t size UNUSED) {
size_t size) {
// Interpreting fuzz data as unencrypted core_response + message_data
const size_t core_response_size = sizeof(ODK_ParsedProvisioning);
FuzzedData fuzzed_data(data, size);
// Copy core_response from data and serialize.
memcpy(&core_response_, data, core_response_size);
fuzzed_data.Fill(&core_response_, sizeof(core_response_));
// Copy provisioning message data into response_data.
memcpy(&response_data_, data + core_response_size, sizeof(response_data_));
fuzzed_data.Fill(&response_data_, sizeof(response_data_));
// Set nonce to one from session to pass nonce checks.
response_data_.nonce = session()->nonce();
}
@@ -682,11 +705,13 @@ void LicenseRoundTrip::InjectFuzzedTimerLimits(
}
void LicenseRoundTrip::InjectFuzzedResponseData(const uint8_t* data,
size_t size UNUSED) {
size_t size) {
// Interpreting fuzz data as unencrypted core_response + message_data
const size_t core_response_size = sizeof(ODK_ParsedLicense);
FuzzedData fuzzed_data(data, size);
// Copy core_response from data.
memcpy(&core_response_, data, core_response_size);
fuzzed_data.Fill(&core_response_, sizeof(core_response_));
// Maximum number of keys could be kMaxNumKeys(30). key_array_length can be
// any random value as it is read from fuzz data.
// Key data array(MessageKeyData keys[kMaxNumKeys]) will be looped over
@@ -697,10 +722,12 @@ void LicenseRoundTrip::InjectFuzzedResponseData(const uint8_t* data,
if (core_response_.key_array_length > kMaxNumKeys) {
core_response_.key_array_length = kMaxNumKeys;
}
// For corpus data, this value gets set to 4, but we need to test other
// scenarios too, hence reading key_array_length value.
set_num_keys(core_response_.key_array_length);
ConvertDataToValidBools(&core_response_);
// TODO(b/157520981): Once assertion bug is fixed, for loop can be removed.
// Workaround for the above bug: key_data.length and key_id.length are being
// used in AES decryption process and are expected to be a multiple of 16. An
@@ -721,9 +748,9 @@ void LicenseRoundTrip::InjectFuzzedResponseData(const uint8_t* data,
// Copy response_data from data and set nonce to match one in request to pass
// nonce validations.
memcpy(&response_data_, data + core_response_size, sizeof(response_data_));
fuzzed_data.Fill(&response_data_, sizeof(response_data_));
for (uint32_t i = 0; i < num_keys_; ++i) {
response_data_.keys[i].control.nonce = session()->nonce();
response_data_.keys[i].control.nonce = htonl(session()->nonce());
}
}
@@ -1592,6 +1619,42 @@ void Session::TestDecryptCTR(bool select_key_first,
}
}
void Session::TestDecryptEntitled(OEMCryptoResult expected_result,
OEMCrypto_SESSION session_id,
const uint8_t* content_key_id,
size_t content_key_id_length) {
OEMCryptoResult select_result = OEMCrypto_SUCCESS;
// Select the key (from FillSimpleMessage)
select_result =
OEMCrypto_SelectKey(session_id, content_key_id, content_key_id_length,
OEMCrypto_CipherMode_CENC);
vector<uint8_t> unencrypted_data;
vector<uint8_t> output_buffer;
vector<uint8_t> encrypted_data(kTestSubsampleSectionSize);
vector<uint8_t> in_buffer(256);
vector<uint8_t> out_buffer(in_buffer.size());
OEMCrypto_SampleDescription sample_description;
OEMCrypto_SubSampleDescription subsample_description;
ASSERT_NO_FATAL_FAILURE(GenerateSimpleSampleDescription(
in_buffer, out_buffer, &sample_description, &subsample_description));
OEMCrypto_CENCEncryptPatternDesc pattern = {0, 0};
EncryptCTR(unencrypted_data, content_key_id, &sample_description.iv[0],
&encrypted_data);
// Try to decrypt the data with oemcrypto session id.
const OEMCryptoResult decrypt_result =
OEMCrypto_DecryptCENC(session_id, &sample_description, 1, &pattern);
// We only have a few errors that we test are reported.
ASSERT_NO_FATAL_FAILURE(
TestDecryptResult(expected_result, select_result, decrypt_result))
<< "Either SelectKey or DecryptCENC should return " << expected_result
<< ", but they returned " << select_result << " and " << decrypt_result
<< ", respectively.";
}
void Session::TestDecryptResult(OEMCryptoResult expected_result,
OEMCryptoResult actual_select_result,
OEMCryptoResult actual_decrypt_result) {