(This is a merge from the Widevine repo of http://go/wvgerrit/131084.)

This patch updates the OEM Certificate scripts to work in Python 3. Previously, the scripts were nominally Python-2-only, though I actually couldn't get them to run in either Python 2 or 3.

The following changes were necessary to make the scripts work in Python 3:

1) print() is now a function, not a keyword.
2) xrange() is now range().
3) StringIO is now part of the io package.
4) Python 3 no longer lets you mix strings and byte buffers indiscriminately. As such, the code needed to be made more crisp about when it is treating a file or other blob of data as binary vs. text. Many instances of StringIO had to become BytesIO, and several literals had to be turned into byte literals. Passphrase command-line parameters are now parsed to UTF-8 bytes during argument parsing.

Bug: 151736642
Test: oem_certificate_test.py
Change-Id: I8ea5d0fda2ea5a2c0289be7612be0b4e508c4abf

OEM certificate generation tool
Supports
- Generating CSR (certificate signing request)
- Generating OEM intermediate certificate (for testing)
- Generating OEM leaf certificate chain
- Erasing file securely
- Getting CSR/certificate/certificate chain information
Prerequisites
- Install pip: https://pip.pypa.io/en/stable/installing/
- Install python cryptography: https://cryptography.io/en/latest/installation/
Usage
Run python oem_certificate.py --help to see available commands.
The arguments can be partially or fully loaded from a configuration file. For example, if the file "location.cfg" contains
-C=US
-ST=CA
-L=Kirkland
-O=Some Company
-OU=Some Unit
A command of
python oem_certificate.py generate_csr @location.cfg -CN TestDevice1 \
--output_csr_file=csr.pem --output_private_key_file=key.der
is equivalent to
python oem_certificate.py generate_csr -CN TestDevice1 -C=US -ST=CA \
-L=Kirkland -O='Some Company' -OU='Some Unit' --output_csr_file=csr.pem \
--output_private_key_file=key.der
Note that
- The arguments in the config file must be one per line;
- The arguments should not be quoted in the config file.
The script uses a default configuration file 'oem_certificate.cfg', which is loaded automatically if it exists.
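
The config-file behaviour described above, as an added example that is not the script's own code. It assumes the tool reads "@file" arguments through argparse's fromfile_prefix_chars='@'; the --passphrase option name is hypothetical, standing in for the passphrase parameters the commit message says are parsed to UTF-8 bytes.

```python
import argparse
import os
import tempfile


def build_parser():
    # '@' makes argparse expand "@file" into one argument per line of that file.
    parser = argparse.ArgumentParser(fromfile_prefix_chars="@")
    for flag in ("-C", "-ST", "-L", "-O", "-OU", "-CN"):
        parser.add_argument(flag)
    # Hypothetical option name: the value is converted to UTF-8 bytes while parsing.
    parser.add_argument("--passphrase", type=lambda s: s.encode("utf-8"))
    return parser


def parse_with_config(cfg_text, extra_args):
    """Write cfg_text to a temporary file, then parse '@file' plus extra_args."""
    with tempfile.NamedTemporaryFile("w", suffix=".cfg", delete=False) as f:
        f.write(cfg_text)
    try:
        return build_parser().parse_args(["@" + f.name] + extra_args)
    finally:
        os.unlink(f.name)


# Constructed sample mirroring location.cfg from the README.
GOOD_CFG = "-C=US\n-ST=CA\n-L=Kirkland\n-O=Some Company\n-OU=Some Unit\n"
# Same file with shell-style quoting, which the README says not to use.
QUOTED_CFG = GOOD_CFG.replace("-O=Some Company", "-O='Some Company'")

if __name__ == "__main__":
    extra = ["-CN", "TestDevice1", "--passphrase", "pässword"]
    from_file = parse_with_config(GOOD_CFG, extra)
    explicit = build_parser().parse_args(
        ["-C=US", "-ST=CA", "-L=Kirkland", "-O=Some Company", "-OU=Some Unit"]
        + extra
    )
    print("config file equals explicit arguments:", from_file == explicit)
    print("quoted value in config file:", repr(parse_with_config(QUOTED_CFG, extra).O))
    print("passphrase as parsed:", from_file.passphrase)
```

No shell processes the config file, so each line reaches the parser as a single argument and any quote characters in it become part of the value.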