BSE is a Java application so a Java Runtime Environment must be installed. All development and testing has been done on J2SE 1.4 but it might be possible to run BSE from J2SE version 1.2 onwards.
All BSE features can be used either from the command line or a graphical user interface.
Broadcast Signing Engine, version 0.3.2 Feedback to firstname.lastname@example.org Usage: bse command arguments or: bse -args argfile or: bse -gui Commands: root Generate an MHP root certificate. request Generate a request for an MHP leaf certificate. sign Respond to a certificate request by signing an X509 certificate. xlet Sign an Xlet. The arguments take the form of attribute/value pairs, like "file: /tmp/myCert". Used with -args, argfile must be a text file, containing the arguments in the above format. Quoted strings may appear in this file.
Command: xlet Signs an MHP Xlet Arguments: certs: Full names of all certificate files in the certificate chain, separated by the OS path separator. The file names must be in the correct ascending order: signing certificate first and root certificate last. key: Full name of file containing signing private key src: Base directory to copy Xlet files from dest: Destination. If this is equal to src, the files will be added/modified in this directory. Otherwise, a directory with this name will be created and if the directory already exists and the optional rm argument is not set to "true" the command will fail. Plus, optionally: files: Full names of all files to be signed, separated by the OS path separator. All other files will not be signed. If this argument is left out all files will be signed. rm: If set to "true", the dest directory will be deleted in the case that it already exists. If set to "false" (or anything else) or left out, the command will fail if the dest directory already exists.
This command creates a ready to broadcast Xlet file structure
Command: root Generates an MHP root certificate Arguments: name: Subject commonName of root CA country: Subject countryName of root CA email: Subject e-mail address of root CA validFrom: Date cert is valid from, in dd/mm/yyyy format validUntil: Date cert is valid until, in dd/mm/yyyy format serial: Serial number of certificate strength: Length of key in bits file: Where to store the results
This command generates two files: one that contains the private key and one that contains the public certificate.
Command: request Generates a request for an MHP leaf certificate Arguments: name: Subject commonName of leaf (not including org id) country: Subject countryName of leaf email: Subject e-mail address of leaf strength: Length of key in bits file: Where to store the results. Plus, optionally: org: Subject organisation specific text followed by a dot and the organisation ID as eight hex digits with leading zeroes validFrom: Date cert to be valid from, in dd/mm/yyyy format validUntil: Date cert to be valid until, in dd/mm/yyyy format
This command creates two files: one that contains the private key and one that contains the certificate request in DER encoded format.
Command: sign Signs an MHP certificate Arguments: csrFile: Certificate signing request file certFile: File containing signer's X509 certificate keyFile: File containing signer's private key validFrom: Date cert to be valid from, in dd/mm/yyyy format validUntil: Date cert to be valid until, in dd/mm/yyyy format file: Where to store the results Optional arguments: leaf: Whether the certificate is a leaf (true, default) or not (false)