Commond Download is a protocol for OpenCable-certified hosts for the purpose of updating any of the firmware objects used in the host device. It is intended for OpenCable devices using CableCARDs and provides a means for downloading new code images to specific tru2way (OCAP) devices. S&T's TSBroadcaster CDL provides a common download capability. When a download is requested, it builds a Code Version Table (CVT) Type 2 which it streams through the the out-of-band, either via traditional OOB or via DSG broadcast tunnel type 5. TSBroadcaster places the signed code image in a DSM-CC data carousel which is referenced by the CVT and plays these out in-band at a designated frequency (defined in the CVT) or via a DSG Application Tunnel. The code image may also be signalled to be present on a tftp server.
As mandated in the Common Download Specification 2.0, CVTs delivered via DSG need to be part of a secure PKCS#7 data structure signed with the MSO Code Verification Certificate (CVC). You can use UniSoft's OCAP Security File Generator (OCAP SFG) to sign a CVT in this manner.
At the OCAP host, the CableCARD Device filters all incoming CVTs and determines if a download is applicable for the attached host. If the download is applicable, then the CableCARD device informs the host of the available download. The host acquires the DSM-CC data carousel and downloads the code object. If a code file for a particular host is not defined in the CVT, then code download for that host is not supported.
OCAP SFG allows device manufacturers to encapsulate their code image files and code version tables in a PKCS#7 Signed Data file. The Open Cable Security Specification requires code images to be prepared in this format for delivery to the receiver. The Open Cable Code Download Specification requires the code version table to be prepared in the PKCS#7 Signed Data format for delivery to the receiver.
Carriage of certificates in the PKCS#7 Signed Content for a Code Image
Your code image file may be combined with a number of certificate files before it is signed and packaged for delivery. Any of the following certificates may be included as download parameters.
The code image and optional download parameters form the Signed Content for the PKCS#7 Signed Data file. The file is signed by your Manufacturer Code Verification Certificate and may need to be subsequently co-signed by the CableLabs Code Verification Certificate.
In addition to the certificates mentioned above, when creating a PKCS#7 Signed Data file for use in OpenCable Unidirectional Receivers (OCUR) you can also include a download parameter containing the System Renewability Message [TLV Type 200].