Please note that as of October 24, 2014, the Nokia Developer Wiki will no longer be accepting user contributions, including new entries, edits and comments, as we begin transitioning to our new home, in the Windows Phone Development Wiki. We plan to move over the majority of the existing entries. Thanks for all your past and future contributions.

Revision as of 11:02, 13 May 2013 by hamishwillee (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

How to protect WRT widgets with OMA DRM 1.0

From Wiki
Jump to: navigation, search
Article Metadata
Created: jimgilmour1 (01 May 2009)
Last edited: hamishwillee (13 May 2013)



Symbian Web RunTime widgets (WRT) are great new applications for Nokia mobile phone. They are easy to write and do not need any form of signing, because they use JavaScript(tm) to access the phones via built in libraries.

This ease of use and speed of application delivery is generating new streams of revenue for advertisers keen to display there products on smartphones. In many cases the developer is being paid by the customer to develop the application and the customer is hoping viral marketing will send this demonstration of the companies product onto other people via bluetooth or SMS.

For the developer who is hoping to sell his application directly to customers over the internet the limitation to one mobile phone is very important.

The protection of WRT widgets is the subject of this article. Recently an article has been written How to package Flash content in a Widget this is was an inspired article because this solved the major problem of starting the FlashLite player to display content in smartphones.

Putting protection on WRT packages

The commonly asked questions are:-

  • Does Nokia supply free products to protect these packages ?

Yes, they supply the Nokia Mobile Toolkit 4.1, this provides Digital Rights Management to OMA standard 1.0

  • This sounds complex. Will changes be need to application packages to implement this ?

No changes are needed to the application package. The package is encrypted with a layer which can be read by Nokia smartphones during install.

  • Can the encrypted package be broken into?

Any form of security package can eventually be broken into. What security packages hope to achieve is to make this sufficently difficult to stop the casual users from copying the application compared to the price to buy the application. The fact that decryption takes place in the phone make the application more secure.

Further to this a DRM header is applied telling the Nokia phone not to allow Forward or onward transmission to other mobile phone, by bluetooth or SMS. If this pakage is somehow sent to another phone via bluetooth, the phone will refuse to load this as this header prevents install.

The Option 1 of the above article supplies demo files to test this form of protection.

Installing NMIT 4.1

Firstly Before you start to install the program on the same download page "request a licence" by selecting toolkit licence which will be sent to your registered email account.

The installation of Nokia NMT 4.1.

When you have got your licence you can start installing, with Using Nokia SDKs and Tools on Windows Vista you must right click on the install package and select "Run as Administrator". When requested enter you Nokia Developer Username and the product licence by copy and past from the licence email you hve received. Store the email safely in case you need to install the application again.

Using NMIT 4.1 to secure the WRT .wgz package

Open the NMIT from the Nokia Developer Tools on the Start bar of Windows. There is an excellent article How to protect Flash Lite content with OMA DRM 1.0 and this shows how to protect with DRM.

In Step 4 on this guide the Flash file is used. In this article MyFlashWidget.wgz from the article How to package Flash content in a widget is used and loaded into NMIT.

Content Type should be set to "application/x-nokia-widget".

Further up the screen click on "Content Header" and select "Base64". This encrypts the package using Nokia's own encryption, this is applied to the package before download. The Forward Lock is applied during download to the smartphone.

Now save the File using "Save as.." from the main file menu.

See the picture below


Testing the WRT package on a webserver

This article was developed and tested using a local webserver described in the article

How to use Vista personal webserver to test OMA DRM 1.0


This article would not have been possible without the work of the other Nokia Developer Champion's who have provided ideas and inspiration to write this article

This page was last modified on 13 May 2013, at 11:02.
23 page views in the last 30 days.