×

Discussion Board

Results 1 to 11 of 11
  1. #1
    Regular Contributor
    Join Date
    Dec 2008
    Posts
    111

    Certified signing or express signing for complicated application?

    Hi all!
    I have an application to distribute, so I need to make Express Signing or Certified Signing. It's a little complicated and I don't know the best solution, so I try to explain the scenario.
    The application is composed by
    1) background application 1 (On app #3 the user can start and stop this process. The app indicates if the process is started on boot and it can change this option)
    2) background application 2 (same as app #1)
    3) symbian UI application needing Certified Signing because it uses MultimediaDD capability. This sis file need to install also #1 and #2 sis file!!!
    4) symbian UI application without icon on application menu, because it is launched by app #3

    So app #3 install also app #1 and #2 and manage them. On top of that, it launches app #3.

    I think that app #1, #2 and #4 could be signed with express method, writing on notes some explanation about backgroud process start and stop and for hidden icon, but I don't know if this could be the best solution.
    All the applications are really concatenated, so maybe it could be better to send every sis file to a test house and make certified signing for all of them.

    If I send only app #3 to test houses, I can send also the express signed sis file of app #1 and #2?

    Does exist problems if I have used some API fom SDK API Plug-in? in particular Bluetooth and SW installer launcher...I haven't found this information on signing documents.


    What do you think about? Does exist a better solution?
    I hope you could suggest me something!

    My best regards

    Manuela

  2. #2
    Nokia Developer Moderator
    Join Date
    Mar 2003
    Location
    Lempäälä/Finland
    Posts
    29,144

    Re: Certified signing or express signing for complicated application?

    if they are working together, then just pack them in one sis, the copmlexity is not an issue, I have one application that is build from 11 separately build modules, all packed in one sis ans express signed.

    The thing that matters is the capabilities, thus if any of the modules in the package requires capabilities not allowed for Express signed, then you need to do certified signed.

  3. #3
    Regular Contributor
    Join Date
    Dec 2008
    Posts
    111

    Re: Certified signing or express signing for complicated application?

    So, you suggest to make express sign every standalone application that not need specific capability.
    I can't make only one express signing for all the modules together, it's correct? I must create n express signed for n modules (so I need n ContentIDs ), then insert the sis files on the package that need Certified sign and finally send it to the test house?

    The application wich needs certified signing has MultimediaDD capability only because it uses CVideoPlayerUtility...

  4. #4
    Nokia Developer Moderator
    Join Date
    Mar 2003
    Location
    Lempäälä/Finland
    Posts
    29,144

    Re: Certified signing or express signing for complicated application?

    please read again what I said. I suggested making one sis file and signing it.

  5. #5
    Nokia Developer Moderator
    Join Date
    Sep 2004
    Location
    Tampere, Finland
    Posts
    11,355

    Re: Certified signing or express signing for complicated application?

    Leaving aside the fact that #3 requires Certified Signed, all the four apps, their additional dlls, resources and data files could all be packaged into one SIS file, which requires only one certification. It is cheaper and more convenient for the end-user to install as well.

    There could be however some reasons for which you may indeed want to split the components into separate components, and that is:
    a) if you have shared components, e.g. if #1 is a server used now in the current 1+2+3+4 combination but likely to be used tomorrow with some 1+5+6+7 product combination
    b) if you have modules such a #3 which have some special signing requirements and which also are not expected to change in the near future, which means that once you go through the special signing you can reuse that SIS file without any hustle, regardless of how many times the other components change and require re-signing.

    There are therefore many options you have, and it is only you that knows what is best for your application. As symbianyucca said, the easier option could be to simply package everything into one SIS and then have it Certified Signed. But if you have special reasons not to do that, package them as you will, but make sure that when you submit the packages to the test house you do submit a working application, which they can test and certify. That may imply sending all the sis files at once, with install instructions.
    -- Lucian

    If you are not yet a DVLUP member it is time to correct that mistake :) Click here to join: http://www.dvlup.com/lucian/Invite

  6. #6
    Regular Contributor
    Join Date
    Dec 2008
    Posts
    111

    Re: Certified signing or express signing for complicated application?

    Thanks Lucian for your detailed answer.
    I have splitted the application because the modules could be used in the future for some other applications, but maybe the best solution now is a unique sis for this specified app that needs special signing. In the future, if the new app doesn't need special signing I will do express signing. Do you agree?

    But now I have a question about unique sis for multiple projects: does exist some problems for this? for example, every modules needs its private folder, it's possible?

    best regards

    Manuela

  7. #7
    Nokia Developer Moderator
    Join Date
    Mar 2003
    Location
    Lempäälä/Finland
    Posts
    29,144

    Re: Certified signing or express signing for complicated application?

    processes with different UIDs have different private folders, as well as processes can not share private folders, thus if the modules are loadable modules, then they would be using the private folder of the loading process, and not their own.

  8. #8
    Nokia Developer Moderator
    Join Date
    Sep 2004
    Location
    Tampere, Finland
    Posts
    11,355

    Re: Certified signing or express signing for complicated application?

    Quote Originally Posted by manubemanu View Post
    Thanks Lucian for your detailed answer.
    I have splitted the application because the modules could be used in the future for some other applications, but maybe the best solution now is a unique sis for this specified app that needs special signing. In the future, if the new app doesn't need special signing I will do express signing. Do you agree?
    Just make sure to plan this right and understand what the consequences are. Once a binary with a given name/UID is published in a SIS file, publishing a new SIS file with a diferent package UID but including the same binaries will not be possible.

    Quote Originally Posted by manubemanu View Post
    But now I have a question about unique sis for multiple projects: does exist some problems for this? for example, every modules needs its private folder, it's possible?
    Yes. The installer allows creation and access to the private directory of each and every executable included in the package. I.e. if you have 4 exes in a SIS file you can access all/any of their four private paths. Of course after install each exe can only access its own private path.
    -- Lucian

    If you are not yet a DVLUP member it is time to correct that mistake :) Click here to join: http://www.dvlup.com/lucian/Invite

  9. #9
    Regular Contributor
    Join Date
    Dec 2008
    Posts
    111

    Re: Certified signing or express signing for complicated application?

    I have read on the api docs that if I don't need priority for using the video engine, I don't have to include MultimediaDD capability. so I think that it could be possible to make Express signing for the application with only one sis file
    Lucian, about binary name or UID, you are saying that I can't insert one module on two different sis files? It's possible to simply use the same binary, chancing the UID, so that the modules can seem different? Maybe I'm not so clear, I'm saying that I'd like to generate only one sis file now, including all the exes on the same pkg. When, in the future, I will need to sign another application which uses mod1 and mod2, I will need to change their UID but can I include them on the new pkg file?

    Thanks

    Manuela

  10. #10
    Nokia Developer Moderator
    Join Date
    Sep 2004
    Location
    Tampere, Finland
    Posts
    11,355

    Re: Certified signing or express signing for complicated application?

    Manuela,

    if SIS1 installs app1.dll in \sys\bin\ then later SIS2 wants to install the same app1.dll in the same \sys\bin you have a problem, since there can be only one file with that name in that directory.
    The installer will therefore check whether you are attempting an upgrade of that component, but since the packageUID1!=packageUID2 that is not the case and you will simply get an installation error caused by a file name clash.

    This is why Symbian Signed recommends using unique names, e.g. by inserting the UID into the name, and even then, shared components must be packaged in own SIS file, which can then be updated if needed.

    To fix such thing adter the release of SIS1, you will have to refactor app1.dll (change name, UID) and package it as a new product SIS3. Then SIS1 can be updated to have a dependency on SIS3, and SIS2 can have that dependency as well.
    -- Lucian

    If you are not yet a DVLUP member it is time to correct that mistake :) Click here to join: http://www.dvlup.com/lucian/Invite

  11. #11
    Regular Contributor
    Join Date
    Dec 2008
    Posts
    111

    Re: Certified signing or express signing for complicated application?

    Ok, thanks a lot for your suggestions!

    Best regards

    Manuela

Similar Threads

  1. Replies: 5
    Last Post: 2010-08-24, 12:01
  2. [Moved] Express Signing and Certified Signing
    By prashant.sharma in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 7
    Last Post: 2010-02-20, 12:54
  3. Express Vs Certified Signing
    By jupitar in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 2
    Last Post: 2009-01-12, 11:00
  4. Multilanguage app for Certified signing
    By jinuthomas in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 5
    Last Post: 2008-11-26, 10:12
  5. Multilanguage app for Certified signing
    By jinuthomas in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 6
    Last Post: 2008-10-31, 17:08

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •