CVTSigner is a headend product which generates signed Code Version Tables (CVTs) for delivery via DSG. CVTs which are to be transmitted via DSG broadcast tunnel type 5 are required to be inserted into PKCS#7 signed data files and CVTSigner performs this task.
CVTSigner is most typically used by S&T's TSBroadcaster CDL carousel generator. CVTs generated by TSBroadcaster are POSTed over a secure connection to the CVTSigner prior to broadcast. CVTSigner consists of three components:
- A standalone java program, the CVTJarMakerProject, which ingests CVCs, private keys and private key passphrases into a target jar file. This software ensures that the private key and passphrase are stored on CVTSigner server in a highly secure manner.
The CVTSigner software which receives CVTs via https, calls the OCAP Security File Generator (OCAP SFG) to perform the signature and sends the resulting data back to the origniator of the request.
- The OCAP SFG software.
CVT File Maker Panel
- Signing server for OCAP Code Version Tables (CVT) .
- CVC private key and associated passphrase encrypted and stored securely.
- Simple java-based UI for collecting the CVC, private key and passphrase (see screen shot below).
- Uses the OCAP Security File Generator for PCKS#7 signature generation.
- The CVTSigner is provided on a Dell 1RU server running the Linux operating system.
- CVTSigner can also be used for OCAP application and code image signing using OCAP SFG. Both command line and GUI versions are available.
- CVTSigner is capable of supporting multiple redundant pairs of TSBroadcaster units.
- Code images delivered by TSBroadcaster via DSM-CC data carousels through DSG application tunnels or via TFTP server.
- DSG code delivery may be unicast or multicast.
- CVTSigner operates as a Tomcat service.