Skip to main content

Online keytool (for online.sig) is available in hdcookbook

No replies
jaya_h
Offline
Joined: 2005-07-11
Points: 0

Hi all,

A new tool: OnlineKeytool is now available as part of hdcookbook security tools
package: net.java.bd.tools.security.OnlineKeytool.

This enables storing of BDA private key in a password protected safe storage like keystore,
instead of leaving it out in a BDA key file, which can be read by anyone if unencrypted.

See below:

/**
This is a tool for importing online credentials into a Keystore
This tool imports the private and public online keys obtained
from BDA into the Java keystore.
**/

usage: OnlineKeytool [options]

Valid Options:
-keystore filename
:Keystore where the keys get stored. In the absense of this option, a default store:"keystore.store" is used from the current working directory.

-storepass password
:Keystore password

-alias alias
:Alias for the online keys

-keypass password
:Password for online keys

-help
:Prints this message

Example: java net.java.bd.tools.security.OnlineKeytool owner.bin online.crt

----------

BDSigner can generate online.sig file using keys imported with OnlineKeytool into the Java keystore.
Alternatively, it can directly read the BDA provided files with two new options
for generating online.sig file:

-onlinekey
:Path to binary file (from BDA) containing RSA private key for creating
online.sig file

-onlinecrt
:Path to online.crt file (from BDA)

Hope that helps,
Jaya