The MHP Security File Generator provides a comprehensive set of tools for use by application developers and broadcasters who are generating DSMCC Object Carousels for the delivery of DVB MHP applications.
The features associated with each of these capabilities are described below.
The product has been developed from the standard and well-proven OpenSSL source code and is written in C. Support for both MD5 and SHA-1 algorithms is provided. Support for key lengths up to 4096 bits is provided.
The product is available for all Windows Win32, Linux i86 and Solaris environments and is readily portable to other Unix variants.
Persistent file credentials are used by applications that have been granted access to files created by other applications or organisations. The credential grants appropriate access rights to the file(s) and needs to be generated by the organisation that created the files. The credential is then passed to the application author for inclusion in the permission file.
The MHP Security File Generator creates a permission file extract containing the signed credential and a certificate file. The application author needs to include the extract into the application's permission file and include the certificate file in the same directory.
The permission file provides details of the various secure resources that the application is permitted to access. This file is generated as an XML document and includes any signed credentials that have been provided by other organisations.
The MHP Security File Generator creates and installs the permission file and any associated certificate files that authenticate credentials in the requested directory.
The process of application authentication involves the creation of a series of hash files at each level in the directory structure that contains the application. After all of the hash files are generated, the top level hash file is then signed and a signature file and certificate file generated.
The MHP Security File Generator first traverses a directory tree generating the hash files at each level in the tree. All system or hidden files are excluded from the hashing process and the user has the option of omitting other files which will not be delivered with the application. The user can also specify files and directories which will not be authenticated; this list should include any entries of stream or stream event resources in the Object Carousel.
Once hash file generation is complete, the Security File Generator signs the top level hash file, creating a signature file, and copies the certificate file into the root directory of the authenticated tree. The generator allows for additional signatures to be applied by including references to additional certificate files in the top-level hash file as unauthenticated objects. When an additional signature needs to be supplied the generator creates new signature and certificate files without re-generating the top-level hash file.
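The hash-file traversal described above, as an added sketch that is not the product's code and leaves out the signing step. The text layout of each hash file, the `none` marker, the treatment of dot-files as hidden, and all function and file names are assumptions made for illustration, not the MHP on-disk format.

```python
import hashlib
import os
import tempfile

def build_hash_tree(root, unauthenticated=(), omitted=(), algo="sha1"):
    """Return (top-level digest, {directory: hash-file bytes}) for root."""
    hash_files = {}

    def visit(path):
        entries = []
        for name in sorted(os.listdir(path)):
            full = os.path.join(path, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if name.startswith(".") or rel in omitted:
                continue                      # hidden or not delivered: not listed
            if rel in unauthenticated:
                digest = "none"               # listed by name, content not covered
            elif os.path.isdir(full):
                digest = visit(full)          # digest of the child's hash file
            else:
                with open(full, "rb") as fh:
                    digest = hashlib.new(algo, fh.read()).hexdigest()
            entries.append(f"{name} {digest}")
        content = "\n".join(entries).encode()
        hash_files[os.path.relpath(path, root)] = content
        return hashlib.new(algo, content).hexdigest()

    return visit(root), hash_files

def _write(root, rel, data):
    with open(os.path.join(root, rel), "wb") as fh:
        fh.write(data)

def demo():
    """Constructed sample tree; returns the top-level digest after each change."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "classes", "ui"))
        _write(root, "classes/ui/Main.class", b"v1")
        _write(root, "signer2.cert", b"placeholder")
        unauth = {"signer2.cert"}
        original, _ = build_hash_tree(root, unauth)
        _write(root, "signer2.cert", b"second signer's certificate")
        after_cert, _ = build_hash_tree(root, unauth)
        _write(root, "classes/ui/Main.class", b"v2")
        after_edit, _ = build_hash_tree(root, unauth)
        return original, after_cert, after_edit

if __name__ == "__main__":
    print(demo())
```

Replacing the unauthenticated certificate file leaves the top-level digest unchanged, which is why an additional signature can be added without regenerating the top-level hash file, while changing a nested class file alters the digest at every level above it.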
The Security File Generator provides a 'C' language library to support server applications that use Transport Layer Security (TLS). This library includes the ability to select the cipher set defined for use with MHP clients.
The Security File Generator provides the ability to generate certificate chains used with the server side of the TLS system and to generate the corresponding root certificate file that is broadcast to the client in order to verify the TLS server certificate chain.
Application developers who do not generate their own certificates can use the Security File Generator to verify certificate chains that are provided by third parties. The verification includes tests for all X509 version 3 certificate extensions that are mandated for receiver checking, including the verification of name constraints.
The verification also includes the ability to check against authenticated versions of the root certificates (rather than those included in the certificate file) and latest versions of certificate revocation lists (CRLs). Certificate files will need to be re-verified on each change of root certificates effected by the delivery of a Root Certificate Management Message (RCMM).
The certificate installer maintains a database of available certificates that are of interest to the application developer. The database can be updated from certificate files and CRLs issued by Certificate Authorities and by RCMMs issued by the Root Certificate Authority. The database maintains an up-to-date list of all certificate locations and statuses. This facility simplifies the certificate file management process.
These facilities are used by certificate authorities to generate X509 Certificates, Certificate Revocation Lists and Root Certificate Management Messages.
The X509 certificate generator creates new CA or leaf certificates according to the contents of a certificate request file. The certificate's Subject can include all of the Distinguished Name attributes specified as required or recommended by RFC 2459. The mandatory SubjectAlternateName can include rfc822Name (e-mail address), DNS name, URI name and IP addresses. The certificate generator includes the support of NameConstraints containing any of the field and name types allowed in the Subject and SubjectAlternateName attributes.
The X509 certificate generator also allows for the creation of self-signed root-certificates and for the generation of public/private key pairs.
The MHP Security File Generator provides a certificate authority with the capability to revoke certificates and to generate a signed CRL containing all currently revoked certificates. Empty CRLs can be created when no certificates are currently marked as revoked.
The MHP Security File Generator provides a root certificate authority with the capability to create Root Certificate Management Messages containing new root certificates and lists of root certificates to be removed. The generator also provides the ability for root certificate authorities to add their signature to an RCMM created by another root certificate authority. The generator ensures that each of the signatures applied to the RCMM is unique.
The MHP Security File Generator expects that access to the private key will be secured and does not provide a specific means of access to these secure objects. The signature process for all files is defined through an application programmer interface that allows different key storage technologies to be implemented.