Update to ODK v18.3

2023-07-20 18:11:31 +00:00
parent 2bfd670424
commit 74178f968f
39 changed files with 14570 additions and 600 deletions
--- a/oemcrypto/odk/test/fuzzing/Android.bp
+++ b/oemcrypto/odk/test/fuzzing/Android.bp
@@ -11,6 +11,7 @@ package {
    // all of the 'license_kinds' from "vendor_widevine_license"
    // to get the below license kinds:
    //   legacy_by_exception_only (by exception only)
+    //   legacy_proprietary (by exception only)
    default_applicable_licenses: ["vendor_widevine_license"],
 }

--- a/oemcrypto/odk/test/fuzzing/corpus_generator/Android.bp
+++ b/oemcrypto/odk/test/fuzzing/corpus_generator/Android.bp
@@ -18,6 +18,7 @@ package {
    // all of the 'license_kinds' from "vendor_widevine_license"
    // to get the below license kinds:
    //   legacy_by_exception_only (by exception only)
+    //   legacy_proprietary (by exception only)
    default_applicable_licenses: ["vendor_widevine_license"],
 }

--- a/oemcrypto/odk/test/fuzzing/corpus_generator/odk_corpus_generator.c
+++ b/oemcrypto/odk/test/fuzzing/corpus_generator/odk_corpus_generator.c
@@ -113,15 +113,14 @@ OEMCryptoResult ODK_ParseRenewal(const uint8_t* message, size_t message_length,

 OEMCryptoResult ODK_PrepareCoreProvisioningRequest(
    uint8_t* message, size_t message_length, size_t* core_message_length,
-    const ODK_NonceValues* nonce_values, const uint8_t* device_id,
-    size_t device_id_length) {
+    const ODK_NonceValues* nonce_values,
+    const ODK_MessageCounterInfo* counter_info) {
  OEMCryptoResult (*original_function)(uint8_t*, size_t, size_t*,
-                                       const ODK_NonceValues*, const uint8_t*,
-                                       size_t);
+                                       const ODK_NonceValues*,
+                                       const ODK_MessageCounterInfo*);
  original_function = dlsym(RTLD_NEXT, "ODK_PrepareCoreProvisioningRequest");
-  OEMCryptoResult oem_crypto_result =
-      (*original_function)(message, message_length, core_message_length,
-                           nonce_values, device_id, device_id_length);
+  OEMCryptoResult oem_crypto_result = (*original_function)(
+      message, message_length, core_message_length, nonce_values, counter_info);
  char* file_name = GetFileName("provisioning_request_corpus");

  // Provisioning Request format expected by fuzzer - [Core Provisioning
@@ -134,18 +133,19 @@ OEMCryptoResult ODK_PrepareCoreProvisioningRequest(
 OEMCryptoResult ODK_ParseProvisioning(
    const uint8_t* message, size_t message_length, size_t core_message_length,
    const ODK_NonceValues* nonce_values, const uint8_t* device_id,
-    size_t device_id_length, ODK_ParsedProvisioning* parsed_response) {
+    size_t device_id_length, ODK_MessageCounterInfo* counter_info,
+    ODK_ParsedProvisioning* parsed_response) {
  struct ODK_ParseProvisioning_Args parse_provisioning_args;
  parse_provisioning_args.nonce_values = *nonce_values;
  memcpy(parse_provisioning_args.device_id, device_id, device_id_length);
  parse_provisioning_args.device_id_length = device_id_length;
-  OEMCryptoResult (*original_function)(const uint8_t*, size_t, size_t,
-                                       const ODK_NonceValues*, const uint8_t*,
-                                       size_t, ODK_ParsedProvisioning*);
+  OEMCryptoResult (*original_function)(
+      const uint8_t*, size_t, size_t, const ODK_NonceValues*, const uint8_t*,
+      size_t, ODK_MessageCounterInfo*, ODK_ParsedProvisioning*);
  original_function = dlsym(RTLD_NEXT, "ODK_ParseProvisioning");
  OEMCryptoResult oem_crypto_result = (*original_function)(
      message, message_length, core_message_length, nonce_values, device_id,
-      device_id_length, parsed_response);
+      device_id_length, counter_info, parsed_response);
  char* file_name = GetFileName("provisioning_response_corpus");

  // Provisioning Response format expected by fuzzer -
--- a/oemcrypto/odk/test/fuzzing/odk_fuzz.gyp
+++ b/oemcrypto/odk/test/fuzzing/odk_fuzz.gyp
@@ -23,7 +23,7 @@
          '-Wno-error=cast-qual',
        ],
        'cflags_cc': [
-          '-std=c++11',
+          '-std=c++14',
          '-g3',
          '-O0',
          '-fsanitize=fuzzer,address,undefined',
--- a/oemcrypto/odk/test/fuzzing/odk_fuzz_helper.cpp
+++ b/oemcrypto/odk/test/fuzzing/odk_fuzz_helper.cpp
@@ -4,8 +4,12 @@
 #include "fuzzing/odk_fuzz_helper.h"

 #include <string>
+#include <vector>

+#include "core_message_types.h"
 #include "odk.h"
+#include "odk_attributes.h"
+#include "odk_structs.h"

 namespace oemcrypto_core_message {
 using features::CoreMessageFeatures;
@@ -39,7 +43,11 @@ OEMCryptoResult odk_serialize_LicenseRequest(
    const void* in UNUSED, uint8_t* out, size_t* size,
    const ODK_LicenseRequest& core_license_request UNUSED,
    const ODK_NonceValues* nonce_values) {
-  return ODK_PrepareCoreLicenseRequest(out, SIZE_MAX, size, nonce_values);
+  // TODO(mattfedd): hook up counters to fuzzer
+  const ODK_MessageCounterInfo counter_info = {0, 0, 0,   0,   0,
+                                               0, 0, {0}, {0}, {0}};
+  return ODK_PrepareCoreLicenseRequest(out, SIZE_MAX, size, nonce_values,
+                                       &counter_info);
 }

 OEMCryptoResult odk_serialize_RenewalRequest(
@@ -54,12 +62,13 @@ OEMCryptoResult odk_serialize_RenewalRequest(

 OEMCryptoResult odk_serialize_ProvisioningRequest(
    const void* in UNUSED, uint8_t* out, size_t* size,
-    const ODK_ProvisioningRequest& core_provisioning,
+    const ODK_ProvisioningRequest& core_provisioning UNUSED,
    const ODK_NonceValues* nonce_values) {
-  const std::string& device_id = core_provisioning.device_id;
-  return ODK_PrepareCoreProvisioningRequest(
-      out, SIZE_MAX, size, nonce_values,
-      reinterpret_cast<const uint8_t*>(device_id.data()), device_id.size());
+  // TODO(mattfedd): hook up counters to fuzzer
+  const ODK_MessageCounterInfo counter_info = {0, 0, 0,   0,   0,
+                                               0, 0, {0}, {0}, {0}};
+  return ODK_PrepareCoreProvisioningRequest(out, SIZE_MAX, size, nonce_values,
+                                            &counter_info);
 }

 OEMCryptoResult odk_deserialize_LicenseResponse(const uint8_t* message,
@@ -69,9 +78,9 @@ OEMCryptoResult odk_deserialize_LicenseResponse(const uint8_t* message,
                                                ODK_ParsedLicense* parsed_lic) {
  return ODK_ParseLicense(message, SIZE_MAX, core_message_length,
                          static_cast<bool>(a->initial_license_load),
-                          static_cast<bool>(a->usage_entry_present),
+                          static_cast<bool>(a->usage_entry_present), 0,
                          &a->timer_limits, &a->clock_values, nonce_values,
-                          parsed_lic);
+                          parsed_lic, nullptr);
 }

 OEMCryptoResult odk_deserialize_RenewalResponse(
@@ -119,13 +128,32 @@ bool kdo_serialize_LicenseResponse(const ODK_ParseLicense_Args* args,
                                   const ODK_ParsedLicense& parsed_lic,
                                   std::string* oemcrypto_core_message) {
  const auto& nonce_values = args->nonce_values;
-  ODK_LicenseRequest core_request{nonce_values.api_minor_version,
-                                  nonce_values.api_major_version,
-                                  nonce_values.nonce, nonce_values.session_id};
+  const ODK_MessageCounter counter_info = {0, 0, 0, 0, 0, 0, 0, {0}, {0}, {0}};
+  ODK_LicenseRequest core_request{
+      nonce_values.api_minor_version, nonce_values.api_major_version,
+      nonce_values.nonce, nonce_values.session_id, counter_info};
  std::string core_request_sha_256(
      reinterpret_cast<const char*>(args->request_hash), ODK_SHA256_HASH_SIZE);
+  ODK_Packing_ParsedLicense parsed_license;
+  parsed_license.enc_mac_keys_iv = parsed_lic.enc_mac_keys_iv;
+  parsed_license.enc_mac_keys = parsed_lic.enc_mac_keys;
+  parsed_license.pst = parsed_lic.pst;
+  parsed_license.srm_restriction_data = parsed_lic.srm_restriction_data;
+  parsed_license.license_type = parsed_lic.license_type;
+  parsed_license.nonce_required = parsed_lic.nonce_required;
+  parsed_license.timer_limits = parsed_lic.timer_limits;
+  parsed_license.watermarking = parsed_lic.watermarking;
+  parsed_license.dtcp2_required = parsed_lic.dtcp2_required;
+  parsed_license.renewal_delay_base = parsed_lic.renewal_delay_base;
+  parsed_license.key_array_length = parsed_lic.key_array_length;
+  std::vector<OEMCrypto_KeyObject> key_array;
+  size_t i;
+  for (i = 0; i < parsed_lic.key_array_length; i++) {
+    key_array.push_back(parsed_lic.key_array[i]);
+  }
+  parsed_license.key_array = key_array.data();
  return serialize::CreateCoreLicenseResponse(
-      CoreMessageFeatures::kDefaultFeatures, parsed_lic, core_request,
+      CoreMessageFeatures::kDefaultFeatures, parsed_license, core_request,
      core_request_sha_256, oemcrypto_core_message);
 }

@@ -151,11 +179,17 @@ bool kdo_serialize_ProvisioningResponse(
  if (args->device_id_length > sizeof(args->device_id)) {
    return false;
  }
+  const ODK_MessageCounter counter_info = {0, 0, 0, 0, 0, 0, 0, {0}, {0}, {0}};
  ODK_ProvisioningRequest core_request{
-      nonce_values.api_minor_version, nonce_values.api_major_version,
-      nonce_values.nonce, nonce_values.session_id,
+      nonce_values.api_minor_version,
+      nonce_values.api_major_version,
+      nonce_values.nonce,
+      nonce_values.session_id,
      std::string(reinterpret_cast<const char*>(args->device_id),
-                  args->device_id_length)};
+                  args->device_id_length),
+      0,
+      "",
+      counter_info};
  return serialize::CreateCoreProvisioningResponse(
      CoreMessageFeatures::kDefaultFeatures, parsed_prov, core_request,
      oemcrypto_core_message);