88d6b53ba3
This change updates the unit tests to have more comments so that it is more clear what went wrong if a test fails. Also, some utility code has been changed to make it easier to support new platforms and read/write locks. Also, the reference code has had some refactoring added to make it easier for Widevine to test CDM code. There should be no functionality differences in the reference code. Also, in the main API doc, there was an obsolete paragraph in the description of the threading model. This paragraph has been removed.
OEM certificate generation tool
Supports
- Generating CSR (certificate signing request)
- Generating OEM intermediate certificate (for testing)
- Generating OEM leaf certificate chain
- Erasing file securely
- Getting CSR/certificate/certificate chain information
Prerequirements
- Install pip: https://pip.pypa.io/en/stable/installing/
- Install python cryptography: https://cryptography.io/en/latest/installation/
Usage
Run python oem_certificate.py --help to see available commands.
The arguments can be partially or fully loaded from a configuration file, for example, if file "location.cfg" is,
-C=US
-ST=CA
-L=Kirkland
-O=Some Company
-OU=Some Unit
A command of
python oem_certificate.py generate_csr @location.cfg -CN TestDevice1 \
--output_csr_file=csr.pem --output_private_key_file=key.der
is equivalent to
python oem_certificate.py generate_csr -CN TestDevice1 -C=US -ST=CA \
-L=Kirkland -O='Some Company' -OU='Some Unit' --output_csr_file=csr.pem \
--output_private_key_file=key.der.
Note that
- The arguments in the config file must be one per line;
- The arguments should not be quoted in the config file.
The script uses a default configuration file 'oem_certificate.cfg', which will be loaded automatically if exists.