×

Discussion Board

Results 1 to 10 of 10
  1. #1
    Regular Contributor
    Join Date
    Feb 2005
    Posts
    151

    Exclamation Understanding of the complicated signing process

    After designing application for S60 3rd for many months, I got some understanding about the complicated testing and signing process of symbian applications. Any comments are welcomed, to let me know whether they are right.

    1. There are many ways for signing the application.
    1). self-sign the application.
    But the application must have a unprotected UID, and the applicable capabilities are very limited.(User granted)

    2). Developer certificate request without Publish ID
    Go to Symbian signed web site to get a .cer file depending on one IMEI. In this way, you can get all non-sensitive capabilities. But if you are using sensitive (manufacture) capability, such as DRM, AllFiles, you must apply them separately. (I did not apply for the sensitive capability before. Is it very difficult to apply for them? Does this process need money?)
    3). Developer certificate request with Publish ID
    I did not know this process.
    4). Symbian signed
    How much is the cost? Does it take too long? One or two week?

    2. For capability setting during the signing process, I am not very clear about DLL file
    For example, I have a third-party DLL file, whose capability is All -TCB, and I have my own application which calls the dll file. My own application only needs "readuserdata writeuserdata" capabilities. I packaged my application .exe file and the DLL file, together with other resource files into one sis file. My question is which capability that I need to set during signing. That is to say, if I apply a Developer certificate according to a IMEI, which capability should set in the .csr file? Are"readuserdata writeuserdata" enough?

  2. #2
    Registered User
    Join Date
    May 2005
    Posts
    24

    Re: Understanding of the complicated signing process

    Quote Originally Posted by whitewinds
    After designing application for S60 3rd for many months, I got some understanding about the complicated testing and signing process of symbian applications. Any comments are welcomed, to let me know whether they are right.

    1. There are many ways for signing the application.
    1). self-sign the application.
    But the application must have a unprotected UID, and the applicable capabilities are very limited.(User granted)

    2). Developer certificate request without Publish ID
    Go to Symbian signed web site to get a .cer file depending on one IMEI. In this way, you can get all non-sensitive capabilities. But if you are using sensitive (manufacture) capability, such as DRM, AllFiles, you must apply them separately. (I did not apply for the sensitive capability before. Is it very difficult to apply for them? Does this process need money?)
    3). Developer certificate request with Publish ID
    I did not know this process.
    4). Symbian signed
    How much is the cost? Does it take too long? One or two week?

    2. For capability setting during the signing process, I am not very clear about DLL file
    For example, I have a third-party DLL file, whose capability is All -TCB, and I have my own application which calls the dll file. My own application only needs "readuserdata writeuserdata" capabilities. I packaged my application .exe file and the DLL file, together with other resource files into one sis file. My question is which capability that I need to set during signing. That is to say, if I apply a Developer certificate according to a IMEI, which capability should set in the .csr file? Are"readuserdata writeuserdata" enough?
    if the .dll is just as a .dll, then your sis file must have all -tcb. if it's a 3rd party dll you could ask to get it in a manufacturer signed .sis


    from my quick testing, if i embedded all -tcb(signed..) in a self signed.. then it wouldn't install. as if the embedded sis file(with dll all -tcb) was tried with the embedding sis files signing(embedded as embedded in pkg).


    workaround is to just include the sis file as a normal file, then create a seperate installer program that launches the installer app on the sis.. or detect on your program if it is installed and then launch the .sis(that has the all-tcb dll) from there.

    or if feasible, get a manufacturer signing on your whole sis file.

  3. #3
    Regular Contributor
    Join Date
    Feb 2005
    Posts
    151

    Re: Understanding of the complicated signing process

    Quote Originally Posted by glassi
    if the .dll is just as a .dll, then your sis file must have all -tcb. if it's a 3rd party dll you could ask to get it in a manufacturer signed .sis
    For 3rd aprty,I must sign my sis file with All -TCB capabilities? Then it is very difficult for other application to use this third party dll due to the signing issue. As I understood, signing with manufacture capability seems very complicate and difficult. For so a published Dll file, if it wants to be shared by other application, it is better to package the dll file in a symbian signed sis file. Then it is easy for other application to use it.

    Quote Originally Posted by glassi
    from my quick testing, if i embedded all -tcb(signed..) in a self signed.. then it wouldn't install. as if the embedded sis file(with dll all -tcb) was tried with the embedding sis files signing(embedded as embedded in pkg).
    But if the sis file(with dll all -tcb) is embeded into a Developer certificate signed sis file, it should be able to install.

    Quote Originally Posted by glassi
    workaround is to just include the sis file as a normal file, then create a seperate installer program that launches the installer app on the sis.. or detect on your program if it is installed and then launch the .sis(that has the all-tcb dll) from there.

    or if feasible, get a manufacturer signing on your whole sis file.
    Thus, if I have an application which includes a dll file( All -TCB), before I can test my application on any phone, I must make my application symbian signed with All -TCB, or package the dll into a separate symbian signed sis file.

  4. #4
    Nokia Developer Moderator
    Join Date
    Feb 2006
    Location
    Budapest, Hungary
    Posts
    28,568

    Re: Understanding of the complicated signing process

    Quote Originally Posted by whitewinds
    For 3rd aprty,I must sign my sis file with All -TCB capabilities? Then it is very difficult for other application to use this third party dll due to the signing issue. As I understood, signing with manufacture capability seems very complicate and difficult. For so a published Dll file, if it wants to be shared by other application, it is better to package the dll file in a symbian signed sis file. Then it is easy for other application to use it.
    It works a bit different: if you publish a .dll, you are the one who should wrap it into a SymbianSigned .sis file. Then other developers just embed your .sis file into theirs (which can even be self-signed in this case).
    But if the sis file(with dll all -tcb) is embeded into a Developer certificate signed sis file, it should be able to install.
    No, every installation package is handled separately. Embedding does affect the capabilities of the original. Although there is at least one exception: Startup List Management cannot be used in an embedded .sis file - thus in this case the embedded .sis file gets a restriction just because of being embedded.

  5. #5
    Regular Contributor
    Join Date
    Jul 2006
    Location
    Italy
    Posts
    99

    Re: Understanding of the complicated signing process

    I'm getting realy more and more confused with this signing process: if I have 2 application one is the main application and the second it's only the Sarter that make the firstone autostart on device boot. So this 2 application are separated and need a certificate...How can I sign those 2 application? I want to make only a sisx of the main app that enbed the Started application...How can I sign the entire sisx?? I think that there's a lot of confusion around this signing process...Nokia say that this process is better for the security of the application and phones....I think that for developers it's I realy big problem and loss of time! I'm afraid that this process will cause more problem than benefict...even on the number of the application and on the number of sold phone.

  6. #6
    Nokia Developer Champion
    Join Date
    Mar 2006
    Location
    Helsinki, Finland
    Posts
    8,335

    Smile Re: Understanding of the complicated signing process

    Quote Originally Posted by muntain View Post
    I'm getting realy more and more confused with this signing process: if I have 2 application one is the main application and the second it's only the Sarter that make the firstone autostart on device boot. So this 2 application are separated and need a certificate...How can I sign those 2 application? I want to make only a sisx of the main app that enbed the Started application...How can I sign the entire sisx?? I think that there's a lot of confusion around this signing process...Nokia say that this process is better for the security of the application and phones....I think that for developers it's I realy big problem and loss of time! I'm afraid that this process will cause more problem than benefict...even on the number of the application and on the number of sold phone.
    http://discussion.forum.nokia.com/fo...8&postcount=14

    Kiran.

  7. #7
    Regular Contributor
    Join Date
    Jul 2006
    Location
    Italy
    Posts
    99

    Re: Understanding of the complicated signing process

    Ok so I have only to sing one .sis file that include the embedded application. I have found that an application embedded could not have autostart capability: so now I have embedded the main application in the starter application...is this the right way? or there's a different way? I don't like this way because the name of the installer is of the starter application and not of the main application

  8. #8
    Regular Contributor
    Join Date
    Jul 2006
    Location
    Italy
    Posts
    99

    Re: Understanding of the complicated signing process

    Ok I solved in another way

  9. #9
    Registered User
    Join Date
    Feb 2006
    Location
    Brazil
    Posts
    523

    Re: Understanding of the complicated signing process

    Quote Originally Posted by muntain View Post
    Ok I solved in another way
    it would be cool if you could post here how.

    It might help other users that may face the same problem you did

    best regards
    Http_user_agent:
    NokiaN80-1/3.0 (4.0707.0.7)
    Series60/3.0
    Profile/MIDP-2.0
    Configuration/CLDC-1.1

  10. #10
    Regular Contributor
    Join Date
    Jul 2006
    Location
    Italy
    Posts
    99

    Re: Understanding of the complicated signing process

    I have created one .sisx containing both the applications, main and the startup. The UID specified in the .pkg file is that of the Startup program.

Similar Threads

  1. WaitDialog during synchronous process
    By jp4symbian in forum Symbian User Interface
    Replies: 5
    Last Post: 2008-07-16, 09:56
  2. Process termination check
    By prasanta_sadhukhan in forum Symbian
    Replies: 3
    Last Post: 2007-03-31, 16:27
  3. Signing process duration
    By er_benji in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 1
    Last Post: 2007-02-02, 03:05
  4. Midlet signing process
    By lakechat in forum Mobile Java Networking & Messaging & Security
    Replies: 14
    Last Post: 2006-12-23, 21:47
  5. Signing problem with 6630 and jad file
    By panwoo in forum Mobile Java General
    Replies: 7
    Last Post: 2005-11-19, 14:57

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •