Source release 19.2.0

2024-06-25 14:03:53 -07:00
parent b8bdfccebe
commit cd8256726f
89 changed files with 2747 additions and 35949 deletions
--- a/oemcrypto/test/oec_session_util.cpp
+++ b/oemcrypto/test/oec_session_util.cpp
@@ -16,6 +16,7 @@
 #include <openssl/hmac.h>
 #include <openssl/pem.h>
 #include <openssl/rand.h>
+#include <openssl/sha.h>
 #include <openssl/x509.h>
 #include <openssl/x509_vfy.h>
 #include <stdint.h>
@@ -359,6 +360,11 @@ void ProvisioningRoundTrip::PrepareSession(
    session_->LoadOEMCert(true);
    session_->GenerateRsaSessionKey();
    encryptor_.set_enc_key(session_->session_key());
+  } else if (global_features.provisioning_method ==
+             OEMCrypto_DrmReprovisioning) {
+    session_->SetTestRsaPublicKey();
+    session_->GenerateRsaSessionKey();
+    encryptor_.set_enc_key(session_->session_key());
  } else {
    EXPECT_EQ(global_features.provisioning_method, OEMCrypto_OEMCertificate);
    session_->LoadOEMCert(true);
@@ -371,7 +377,16 @@ void ProvisioningRoundTrip::VerifyRequestSignature(
    const vector<uint8_t>& data, const vector<uint8_t>& generated_signature,
    size_t core_message_length) {
  if (keybox_ == nullptr) {
-    session()->VerifyRsaSignature(data, generated_signature.data(),
+    std::vector<uint8_t> signature_source;
+    if (global_features.provisioning_method == OEMCrypto_DrmReprovisioning) {
+      // DRM Reprovisioning uses protocol 2.2 which computes signatures for the
+      // sha512 hash of the message and not the full message.
+      signature_source.resize(SHA512_DIGEST_LENGTH);
+      SHA512(data.data(), data.size(), signature_source.data());
+    } else {
+      signature_source = data;
+    }
+    session()->VerifyRsaSignature(signature_source, generated_signature.data(),
                                  generated_signature.size(), kSign_RSASSA_PSS);
  } else {
    // Setup the derived keys using the proto message (ignoring the core
@@ -1575,7 +1590,7 @@ void RenewalRoundTrip::EncryptAndSignResponse() {
 }

 void RenewalRoundTrip::InjectFuzzedResponseData(
-    OEMCrypto_Renewal_Response_Fuzz& fuzzed_data,
+    const OEMCrypto_Renewal_Response_Fuzz& fuzzed_data,
    const uint8_t* renewal_response, const size_t renewal_response_size) {
  // TODO(b/191724203): Test renewal server has different version from license
  // server.
@@ -1692,8 +1707,53 @@ void ReleaseRoundTrip::EncryptAndSignResponse() {
  SetEncryptAndSignResponseLengths();
 }

+void ReleaseRoundTrip::InjectFuzzedResponseData(
+    const OEMCrypto_Release_Response_Fuzz& fuzzed_data,
+    const uint8_t* release_response, const size_t release_response_size) {
+  ASSERT_NE(license_messages_, nullptr);
+  CoreMessageFeatures features =
+      CoreMessageFeatures::DefaultFeatures(license_messages_->api_version());
+  // Serializing core message.
+  // This call also sets nonce in core response to match with session nonce.
+  oemcrypto_core_message::serialize::CreateCoreReleaseResponse(
+      features, fuzzed_data.core_request,
+      fuzzed_data.seconds_since_license_received,
+      fuzzed_data.seconds_since_first_decrypt, &serialized_core_message_);
+
+  // Copy serialized core message and encrypted response from data and
+  // calculate signature. Now we will have a valid signature for data
+  // generated by fuzzer.
+  encrypted_response_.assign(serialized_core_message_.begin(),
+                             serialized_core_message_.end());
+  encrypted_response_.insert(encrypted_response_.end(), release_response,
+                             release_response + release_response_size);
+  session()->key_deriver().ServerSignBuffer(encrypted_response_.data(),
+                                            encrypted_response_.size(),
+                                            &response_signature_);
+}
+
 OEMCryptoResult ReleaseRoundTrip::LoadResponse(Session* session) {
-  // TODO(vickymin): Write corpus for oemcrypto_load_release_fuzz.
+  // Write corpus for oemcrypto_load_renewal_fuzz. Fuzz script expects
+  // encrypted response from Renewal server as input corpus data.
+  // Data will be signed again explicitly by fuzzer script after mutations.
+  if (ShouldGenerateCorpus()) {
+    const std::string file_name =
+        GetFileName("oemcrypto_load_release_fuzz_seed_corpus");
+    // Corpus for release response fuzzer should be in the format:
+    // OEMCrypto_Release_Response_Fuzz + license_release_response.
+    OEMCrypto_Release_Response_Fuzz release_response_fuzz;
+    release_response_fuzz.core_request = core_request_;
+    release_response_fuzz.seconds_since_license_received =
+        seconds_since_license_received_;
+    release_response_fuzz.seconds_since_first_decrypt =
+        seconds_since_first_decrypt_;
+    AppendToFile(file_name,
+                 reinterpret_cast<const char*>(&release_response_fuzz),
+                 sizeof(release_response_fuzz));
+    AppendToFile(file_name,
+                 reinterpret_cast<const char*>(&encrypted_response_data_),
+                 sizeof(encrypted_response_data_));
+  }
  VerifyEncryptAndSignResponseLengths();
  return OEMCrypto_LoadRelease(
      session->session_id(), encrypted_response_.data(),
@@ -2309,6 +2369,9 @@ void WriteRequestApiCorpus(size_t signature_length, size_t core_message_length,
  } else if (std::is_same<CoreRequest,
                          oemcrypto_core_message::ODK_RenewalRequest>::value) {
    file_name = GetFileName("oemcrypto_renewal_request_fuzz_seed_corpus");
+  } else if (std::is_same<CoreRequest,
+                          oemcrypto_core_message::ODK_ReleaseRequest>::value) {
+    file_name = GetFileName("oemcrypto_release_request_fuzz_seed_corpus");
  } else {
    LOGE("Invalid CoreRequest type while writing request api corups.");
  }