Introduction
In S60 3rd Edition application development all .sis files must be signed before installing
them to a device. When an application requires no capabilities or utilizes APIs which are open
to all, you can use the Self Signed certificate. This can be used when testing an application in
one’s own device or when shipping the application. Using the Self Signed certificate is recommended for freeware applications using unrestricted capabilities.
Self Signed Certificate
When an application requires no capabilities or utilizes APIs, which are open to all. This can be used when testing an application in one’s own device or when shipping the application.
Note: The application is regarded as Untrusted if signed with the Self Signed Certificate.
This process is recommended for freeware applications using unrestricted capabilities(User grantable capabilities)
Developer Certificate
When testing the application in developer’s own device(s). This certificate is received from Symbian.
The Symbian Developer Certificate can be used by developers to sign their applications in order to obtain the restricted capabilities for device testing. The certificate is restricted to a certain set of IMEIs and the set cannot be changed. There are a few requirements to get a Symbian Developer Certificate.
Symbian Signed
Mandatory if the application is using capabilities beyond the scope of APIs open to all and the application is shipped.
This is the sets of certificates respeected to APIs utilized.
60% of APIs (no restricted certificate)
User-Grantable Capabilities (need atleast self signed certificate)
ReadUserData
WriteUserData
NetworkServices
LocalServices
UserEnvironment
Symbian Signed Capabilities (need Symbian signed certificate)
User-Grantable Capabilities + sets of following
Location
ReadDeviceData
WriteDeviceData
PowerMgmt
SurroundingsDD
ProtServ
TrustedUI
SwEvent
Licensee/Platform Approval Capabilities (need Symbian signed certificate)
Symbian Signed capabilities + sets of following
Manufacturer
DRM
TCB
S60
DiskAdmin
AllFiles
CommDD
MultiMediaDD
NetworkControl
For more access capabilities details see also Enum TCapability
Sign SIS file
To self-sign the sis file with SISWare you must have the key file(.key) and certificate file(.cer).
The key file and certificate file may be given Symbian Signed Certificate from trusted Certificate Authority such as Verisign
and Symbian Signed or create your own self-sign certificate
To use the SISWare's sign tool, go to menu Tools ---> Digitally Sign Tools.
At Sign SIS File tab, follow these steps.
1. Specifile original SIS to be signed, this file will not effacted by signing process. The result of signing process is the target signed sis file.
2. Specify the target sis file which will create.
3. Specify key file
4. specify certificate file
5. Specify password(if that certificate file encrypted with password)
6. Specify algorithm. If you use symbian tool named makekeys.exe (even use in SISware) to produce key and certificate file, please choose DSA algorithm because that file created with that algorithm.
7. Click Sign button.
If no error occurs the signing will complete with some signature information that given by certificate file that seen from Signing Info box. Then this signed sis file will be able to install to Symbian9.x OS devices.
Create self-sign certificate file
You can create your own key and certificate file to use in signing process and your sis file will be regarded as Untrusted. To create key and certifiate file, go to Create Self-Signed Certificate tab in Digitally Sign Tools window.
Selct option create a private key and self signed certificate. Then follow the steps.
1.Specify key file to create.
2. Specify certificate file.
3. Specify common name(issuer) organization unit(name of certificate issued for), country, key length, password, email address and algorithm(DSA default)
4. Click Create button, then SISWare will call makekeys.exe for creation.
When command window(DOS window) appears, please follow the instruction on the screen, it may ask you to provide password or not(if you are not given password yet)
Then it asks you to moving the mouse on the screen or input the keyboard then it collected the data and after that please wait for a while until the window close and the create process completed.
Use these key file and certificate file to self sign your sis file, if you provide the password to make key and certificate file, when you signing with these file you must give the same password.
No comments:
Post a Comment