Questions on online cert signing procedure
I am trying to understand the exact procedure for signing a Blu-ray disc image and a VFS update bumf jar with online cert received from BDA.
1. Are certs still need to be generated by these? If not, are app.discroot.crt and bu.discroot.crt no longer needed?
2. When online certificate is used, is BDSigner used only for generating online.sig and not for signing jars?
3. In the command for generating online.sig, is the app.discroot.crt same as that generated in item 1?
java net.java.bd.tools.security.BDSigner -debug -onlinekey bda/keyfile.bin -onlinecrt bda/online.crt app.discroot.crt
4. Do these command sign the jar that goes on disc?
net.java.bd.tools.security.BDCredentialSigner -gencred -gecert grantee.discroot.crt bluray.MyXlet.perm
net.java.bd.tools.security.BDCredentialSigner -updatecert -gacerts grantorchain.crt bluray.MyXlet.perm 00000.jar
5. Are the steps for signing VFS update bumf jar something like these? Does this perm file is the one that goes in bumf jar?
net.java.bd.tools.security.BDCredentialSigner -gencert -buda discroot.crt bluray.MyXlet.perm
net.java.bd.tools.security.BDCredentialSigner -updatecert -gacerts grantorchain.crt bluray.MyXlet.perm bumf.jar
6. Where does online.sig go on disc?
7. Is there an example that does all the steps for signing with online cert?
Thanks in advance.