All BSE features can be used either from the command line or a graphical user interface.
Broadcast Signing Engine, version 0.3.2
Feedback to bse-users@lists.sourceforge.net
Usage: bse command arguments
or: bse -args argfile
or: bse -gui
Commands:
root Generate an MHP root certificate.
request Generate a request for an MHP leaf certificate.
sign Respond to a certificate request by signing an X509
certificate.
xlet Sign an Xlet.
The arguments take the form of attribute/value pairs, like
"file: /tmp/myCert". Used with -args, argfile must be a
text file, containing the arguments in the above format.
Quoted strings may appear in this file.
Command: xlet
Signs an MHP Xlet
Arguments:
certs: Full names of all certificate files in the certificate
chain, separated by the OS path separator.
The file names must be in the correct ascending order:
signing certificate first and root certificate last.
key: Full name of file containing signing private key
src: Base directory to copy Xlet files from
dest: Destination. If this is equal to src, the files will be
added/modified in this directory. Otherwise,
a directory with this name will be created and
if the directory already exists and the optional rm
argument is not set to "true" the command will fail.
Plus, optionally:
files: Full names of all files to be signed, separated by the
OS path separator. All other files will not be signed.
If this argument is left out all files will be signed.
rm: If set to "true", the dest directory will be deleted
in the case that it already exists. If set to "false"
(or anything else) or left out, the command will fail if
the dest directory already exists.
This command creates a ready to broadcast Xlet file structure
under the dest directory.
Command: root
Generates an MHP root certificate
Arguments:
name: Subject commonName of root CA
country: Subject countryName of root CA
email: Subject e-mail address of root CA
validFrom: Date cert is valid from, in dd/mm/yyyy format
validUntil: Date cert is valid until, in dd/mm/yyyy format
serial: Serial number of certificate
strength: Length of key in bits
file: Where to store the results
This command generates two files: one that contains the private key and one that contains the public certificate.
Command: request
Generates a request for an MHP leaf certificate
Arguments:
name: Subject commonName of leaf (not including org id)
country: Subject countryName of leaf
email: Subject e-mail address of leaf
strength: Length of key in bits
file: Where to store the results.
Plus, optionally:
org: Subject organisation specific text followed by a
dot and the organisation ID as eight hex digits
with leading zeroes
validFrom: Date cert to be valid from, in dd/mm/yyyy format
validUntil: Date cert to be valid until, in dd/mm/yyyy format
This command creates two files: one that contains the private key and one that contains the certificate request in DER encoded format.
Command: sign
Signs an MHP certificate
Arguments:
csrFile: Certificate signing request file
certFile: File containing signer's X509 certificate
keyFile: File containing signer's private key
validFrom: Date cert to be valid from, in dd/mm/yyyy format
validUntil: Date cert to be valid until, in dd/mm/yyyy format
file: Where to store the results
Optional arguments:
leaf: Whether the certificate is a leaf (true, default)
or not (false)