×

Discussion Board

Results 1 to 12 of 12
  1. #1
    Registered User
    Join Date
    Dec 2006
    Posts
    34

    S60 3rd edition signing process

    Hello, we developed a multiplatform location based client/server app. Our current target is to include S60 3rd edition devices to the supported list (currently S60 2nd edition and Windows Mobile devices are supported). Since S60 3rd edition absolutly requires a publisher certificate we bought a package from Verisign. We have generated the cert and key files from Verisign. Now, before submitting the sis file and thus loosing a signing event (signing events cost money!) we would like to double check our steps with your experience.

    On the Symbian platform, our LBS application is devided between a java app and a python app. The python app only sends the cellid information to the java application via sockets on localhost. This approach works beautifuly on the 2nd edition. Now, using the py file that works perfectly on the 2nd edition we used ensymble to create a 3rd edition sis file using this command and output:

    D:\Works\python\makesis>ensymble.py py2sis mtsd.py
    ensymble.py: warning: no application version given, using 1.0.0
    ensymble.py: warning: no certificate given, using insecure built-in one

    On the 3rd edition device (Nokia N73) we installed Python for 3rd edition, the java part of our application and the newly created sis file. Everything installs just fine. Obviously the java application can't get the cellid because the python application doesn't have the capabilities enabled for location. Using the above sis file, we signed it with the certificate, key (from Verisign) and exe capabilities using this syntax:

    D:\Works\python\makesis>ensymble.py signsis --cert=fsmm.pfx.cer --privkey=fsmm.p
    fx.key --passphrase ***** --execaps=Location+ReadUserData+ReadDeviceData+Local
    Services+NetworkServices mtsd_nocert.sis mtsd_cert.sis
    ensymble.py: 1 EXE-files will be modified, 0 DLL-files will be modified
    ensymble.py: warning: removing old signatures from input SIS file

    When trying to install the new sis the phone says certificate error, please contact the publisher or something similar.

    My question is do we did this right? The sis file is ready to be sent to Verisign and then at the Symbian testing labs? The python script only does location.gsm_location() and uses a socket to listend and write on request. There are any extra capabilities that we missed?

    Your help is highly appreciated!

  2. #2
    Super Contributor
    Join Date
    May 2004
    Location
    Tampere, Finland
    Posts
    524

    Re: S60 3rd edition signing process

    You could try giving the certificate during the py2sis phase, although it really should generate an identical SIS file in either case. Also, I don't see you giving any UID to your program. Remember that signed SIS packages require an UID from the protected range (0x00000000..0x7FFFFFFF). You need to get an UID from Symbian Signed before submitting for signing, otherwise the signing will fail.

    To my knowledge, this will be the first time anyone tries to Symbian-sign an Ensymble-generated SIS file. I sincerely hope everything goes well! I'd hate to see you lose money because Ensymble messes up some little detail... If the SIS file passes, the vendor field will read "Ensymble" during install, because at the moment there is no way to change that.

  3. #3
    Super Contributor
    Join Date
    May 2004
    Location
    Tampere, Finland
    Posts
    524

    Re: S60 3rd edition signing process

    Oh, and this rudely named, but useful web page can help you diagnose SIS-related problems: WTFWMSFI.com.

    SIS files generated by Ensymble always get "Warning: Package UID is also used as a SID!". This "error" is so commonly present in Nokia-provided developer material that I think it's really not an error at all.

  4. #4
    Registered User
    Join Date
    Dec 2006
    Posts
    34

    Re: S60 3rd edition signing process

    I have added the UID in the py2sis command and remade the signsis command. I also had to remove ReadDeviceData because the above mentioned site was telling me that it was an error with ReadDeviceData capability. Now, the only warning (that is not actually an error) is the UID issue. However when installing the sis on the phone the same error occures.

    It is possible to run the sis only selfsigned? From what I understand from this site some, it is possible as long as using a strict set of capabilities. Since our application does only location.get and socket.listen and socket.write it should be possible doesn't it? Currently I am using these capabilities: Location+ReadUserData+LocalServices+NetworkServices (is there anything I should remove or add)?

  5. #5
    Super Contributor
    Join Date
    May 2004
    Location
    Tampere, Finland
    Posts
    524

    Re: S60 3rd edition signing process

    Oh, I just now realized that you actually sign the package with the key/certificate pair you received from Verisign. It will not work. Those keys are not (yet) trusted by the phone. The Symbian Signed process adds a new set of keys that validate your keys and then they send you the resulting SIS file back. Before submitting your SIS for testing, the phone will not accept it.

  6. #6
    Super Contributor
    Join Date
    May 2004
    Location
    Tampere, Finland
    Posts
    524

    Re: S60 3rd edition signing process

    Quote Originally Posted by fightersoft
    Currently I am using these capabilities: Location+ReadUserData+LocalServices+NetworkServices (is there anything I should remove or add)?
    Location is not available to self-signed applications.

  7. #7
    Registered User
    Join Date
    Dec 2006
    Posts
    34

    Re: S60 3rd edition signing process

    Ok, I will send the sis to Verisign and they will send it to the testing labs. However, could you please confirm that I used the correct capabilities given that I only use location.get, sockets.listen and sockets.write?

    Thank you.

  8. #8
    Super Contributor
    Join Date
    May 2004
    Location
    Tampere, Finland
    Posts
    524

    Re: S60 3rd edition signing process

    I don't know whether LocalServices or NetworkServices is required for local sockets. You can verify that yourself by using a developer certificate from Symbian Signed and only enabling those capabilities with Ensymble.

  9. #9
    Registered User
    Join Date
    Dec 2006
    Posts
    34

    Re: S60 3rd edition signing process

    Hi! It seems that in order to get the sis file signed I require a pkg file. According to symbiansigned.com this file is generated by makesis. Is there anyway to generate this file using Ensymble?

    Thanks in advance.

  10. #10
    Super Contributor
    Join Date
    May 2004
    Location
    Tampere, Finland
    Posts
    524

    Re: S60 3rd edition signing process

    Quote Originally Posted by fightersoft
    Hi! It seems that in order to get the sis file signed I require a pkg file. According to symbiansigned.com this file is generated by makesis. Is there anyway to generate this file using Ensymble?
    PKG files are used by makesis and written by the package author. Unfortunately Ensymble does not use PKG files at all. If there is an explicit requirement to have a PKG file in order for the package to be signed, the only option is to use an official Nokia S60 SDK to create the package.

    For a Python application, requiring a PKG file sounds really dumb. And even in C++ case, all the information can be extracted from the SIS file, the PKG file contains no additional information. I hope Symbian Signed will revise their signing process to reflect this.

  11. #11
    Registered User
    Join Date
    Dec 2006
    Posts
    34

    Re: S60 3rd edition signing process

    Sorry that I haven't posted in a while... I was away from the office.

    In the mean time they sent me a waiver form that I hve completed and after a few days I've got a message with a link from this forum - http://discussions.forum.nokia.com/f...d.php?t=102254 stating that there is a tutorial on how to make the pkg file. I really didn't get it, all I found is to work with py2sis that to my knowledge doesn't work with 3rd edition.

    Does anyone know how to generate a pkg file perhaps by using the sis file?

  12. #12
    Regular Contributor
    Join Date
    Sep 2003
    Location
    Finland
    Posts
    209

    Re: S60 3rd edition signing process

    Quote Originally Posted by fightersoft
    I really didn't get it, all I found is to work with py2sis that to my knowledge doesn't work with 3rd edition.

    Does anyone know how to generate a pkg file perhaps by using the sis file?
    py2sis is working with 3rdEd - you can use the switch "--leavetemp" to leave in place all the temporary files used to generate the SIS-file (including the ".pkg" file).

    Search the forum with "py2sis" for more information (here is one thread: http://discussion.forum.nokia.com/fo...ghlight=py2sis - the bugs described in the thread are obsolete).

    Hope this helps.

Similar Threads

  1. S60 3rd Edition & OMA DRM
    By bfamler in forum Digital Rights Management & Content Downloading
    Replies: 13
    Last Post: 2009-04-13, 14:05
  2. S60 3rd edition signing types
    By Bill_Murray in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 3
    Last Post: 2006-12-12, 09:27
  3. What is going on with Vibration on S60?
    By amd_rikus in forum Mobile Java General
    Replies: 3
    Last Post: 2006-06-16, 00:29
  4. S60 3rd edition and JSR-179
    By gregatmdl in forum Mobile Java General
    Replies: 1
    Last Post: 2006-06-14, 00:24

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×